
Microsoft says Iranian hackers tried to breach a US presidential campaign

Photo: Tom Lohdan/CC BY 2.0

Microsoft cybersecurity officials say they saw Iranian hackers attempt to breach accounts from a US presidential campaign, as well as from US government officials, journalists, and Iranians living abroad, in a period extending from August to September. The company described the attacks in a blog post on Friday.

The company sent an alert to the Democratic National Committee on Friday warning about the attempts, the Wall Street Journal reported.

The hacking campaign is a stark reminder that basic security steps like two-factor authentication are strong and important defenses against even nationally sponsored operations.

The targets: Tom Burt, Microsoft’s vice president of security and trust, wrote that the Iranians failed in their attempt to hack US presidential campaign and government officials. The hackers made “more than 2,700 attempts to identify consumer email accounts belonging to specific Microsoft customers and then attack 241 of those accounts.”

Burt and Microsoft said they will not identify the victims of the hacking campaign. US presidential campaigns have been targets and victims of hacking for years, most notably Democratic officials during the 2016 campaign. Such activity extends back at least to 2008, when both candidates suffered breaches.

Sticking to the basics: The Iranian hacking group, code-named Phosphorus, gathered information about targets and then tried to manipulate password reset and account recovery features in attempts to take over accounts.

“For example, they would seek access to a secondary email account linked to a user’s Microsoft account, then attempt to gain access to a user’s Microsoft account through verification sent to the secondary account,” Burt wrote. “In some instances, they gathered phone numbers belonging to their targets and used them to assist in authenticating password resets.”

The attacks are not technically sophisticated. They had none of the headline-grabbing exploits that can excite observers and dominate the news. Instead, this operation illustrates how important the fundamentals of cybersecurity are for both attackers and their targets.

Microsoft encouraged all users to set up multi-factor authentication through solutions like the passwordless Microsoft Authenticator.

A long trail: Phosphorus has been active for at least six years. The group has long been known to target businesses, government agencies, journalists, and activists involved in the Middle East.

Earlier this year, Microsoft used a court order to shut down dozens of websites used by the hacking group to spoof well-known companies and trick victims. It’s a legal tactic the company has used repeatedly, against actors including the Russian hacking group known as Fancy Bear.
