Google’s security researchers say state-backed hackers from Iran and China have targeted the Trump and Biden presidential campaigns, respectively. The state-backed actors sent phishing scam attempts to the personal email accounts of campaign staff. According to Google, there are no signs that the attempts were successful, and Google has notified both campaigns.
Recently TAG saw China APT group targeting Biden campaign staff & Iran APT targeting Trump campaign staff with phishing. No sign of compromise. We sent users our govt attack warning and we referred to fed law enforcement. https://t.co/ozlRL4SwhG
— Shane Huntley (@ShaneHuntley) June 4, 2020
Even if the attempts were not successful, they are significant, especially given how hackers were able to interfere with the 2016 election. Google recommends campaign staff use extra security measures, like its Advanced Protection Program, and the company is still offering free security keys to qualifying campaigns. Facebook has also outlined its 2020 election “protections.” But we’ve already seen how easy it is to breach election machines, and then there is disinformation to contend with.