The US government has confirmed that Iranian actors were behind recent cyber-attacks on Donald Trump’s Presidential campaign.
The announcement comes after the Trump campaign revealed that it had been informed by Microsoft that one of its websites had been hacked by the Iranian government.
Trump said on his Truth Social account on August 11 that the attackers were only able to access publicly available information in the hack.
In a joint statement on August 19, the Office of the Director of National Intelligence (ODNI), the FBI, and the Cybersecurity and Infrastructure Security Agency (CISA) formally attributed these activities to Iran.
Iran Ramps Up Attacks on US Election
The US government noted that Iran has also directly targeted the Presidential campaign of Vice President Kamala Harris with cyber-attacks, using social engineering and other techniques.
Through such activities, the Tehran regime aims to “stoke discord and undermine confidence” in US democratic institutions, as well as attempt to gain access sensitive information related to the elections. These approaches are designed to shape US foreign policy towards Iran, the agencies added.
“We have observed increasingly aggressive Iranian activity during this election cycle, specifically involving influence operations targeting the American public and cyber operations targeting Presidential campaigns,” they commented.
The statement emphasized that such activities are not new, with Iran and Russia frequently targeting elections globally through cyber and influence campaigns.
Read now: US Election Officials Told to Prepare for Nation-State Influence Campaigns
On August 15, Google revealed that an Iranian state-backed threat actor, tracked as APT42, is attempting to compromise the email accounts of individuals associated with the respective US Presidential campaigns via spearphishing attacks.
These campaigns have led to multiple accounts being successfully breached, including the personal Gmail account of a high-profile political consultant.
Additionally, a Microsoft report on August 8 detailed four distinct cyber-enabled influence operations by Iranian actors targeting the US Presidential Election cycle.
On August 16, OpenAI revealed it identified and took down a cluster of ChatGPT accounts that were generating content for a covert Iranian influence operation identified as Storm-2035. The operation used ChatGPT to generate content focused on a number of topics—including commentary on candidates on both sides in the U.S. presidential election – which it then shared via social media accounts and websites.
Tackling Attacks on US Elections
The ODNI, FBI and CISA said that protecting the integrity of elections from foreign influence or interference is its priority. The interagency group is working with public and private sector partners to share information, bolster security, and identify and disrupt any threats.
The agencies also reiterated the importance of basic security hygiene to boost the resiliency of online platforms associated with the 2024 US elections.
“Using strong passwords and only official email accounts for official business, updating software, avoiding clicking on links or opening attachments from suspicious emails before confirming their authenticity with the sender, and turning on multi-factor authentication will drastically improve online security and safety,” they said.
The FBI and CISA issued a public service announcement on August 15, which assured voters that while ransomware attacks targeting state or local government networks could cause temporary, localized delays, they would not affect the integrity of voting systems.