Google: Chinese and Iranian hackers targeting Biden, Trump campaigns

Chinese and Iranian government-backed hackers recently unsuccessfully targeted campaign staff for both President Trump and former Vice President Joe Biden, a Google threat researcher announced Thursday.

Shane Huntley, a member of Google’s Threat Analysis Group (TAG), tweeted that TAG had seen advanced persistent threat (APT) groups sending malicious phishing emails to campaign staffers.

“Recently TAG saw China APT group targeting Biden campaign staff & Iran APT targeting Trump campaign staff with phishing,” Huntley tweeted. “No sign of compromise. We sent users our govt attack warning and we referred to fed law enforcement.”

Google’s government attack warning alerts users that hackers may be attempting to steal their password, and urges them to sign up for Google’s Advanced Protection Program. Huntley wrote in a blog post in 2018 that an “extremely small fraction of users” will get this alert, but that if a user does receive one, they should “take immediate action” to secure their account.

A spokesperson for the Biden campaign told The Hill that they were “aware” of the targeting.

“We are aware of reports from Google that a foreign actor has made unsuccessful attempts to access the personal email accounts of campaign staff,” the spokesperson said. “We have known from the beginning of our campaign that we would be subject to such attacks and we are prepared for them.”

The spokesperson emphasized that “Biden for President takes cybersecurity seriously, we will remain vigilant against these threats, and will ensure that the campaign’s assets are secured.”

A spokesperson for the Trump campaign told The Hill that they had received a briefing on the incident. 

“The Trump campaign has been briefed that foreign actors unsuccessfully attempted to breach the technology of our staff,” the spokesperson said. “We are vigilant about cybersecurity and do not discuss any of our precautions.”

Both Iran and China are considered, alongside Russia and North Korea, to be top threats to the U.S. in cyberspace. Tensions between the U.S. and China have spiked during the COVID-19 outbreak, while tensions with Iran reached a boiling point in January following the targeting and killing of Iranian Gen. Qasem Soleimani. 

The phishing emails are not the first efforts to target presidential campaigns this year. 

Microsoft announced in October that an Iranian hacking group known as “Phosphorus” had targeted the email accounts of Trump campaign staffers, but the accounts were not compromised. 

Former Democratic presidential candidate Sen. Bernie Sanders (D-Vt.) said in February that his campaign had been briefed by U.S. intelligence community officials about Russian efforts to assist his presidential campaign by spreading disinformation. 

According to The New York Times, Russian actors simultaneously sought to interfere in the presidential election to favor Trump’s campaign. 

This interference came two years after Russian agents spread disinformation and targeted U.S. election infrastructure in an effort to help get Trump elected president, according to former special counsel Robert Mueller and U.S. intelligence officials. 

FBI Director Christopher Wray testified in February that foreign influence operations by Russia had “never stopped” after 2016, pointing to evidence that Russian malicious actors were using false personas online to spread disinformation. 

-Updated at 4:25 p.m.