Microsoft: Iranian Hackers Targeted Email Accounts of Presidential Campaign, U.S. Officials

Microsoft: Iranian Hackers Targeted Email Accounts of Presidential Campaign, U.S. Officials

Over 200 accounts were targeted by the group of hackers, but only four were compromised, according to Microsoft.

A group of hackers believed to be linked to the Iranian government has targeted hundreds of email accounts, some of which are associated with an American presidential campaign, Microsoft announced Friday.

During a 30-day period in August and September, Microsoft’s threat intelligence recognized significant activity by a threat group they call Phosphorus. The hacking collective made more than 2,700 attempts to identify email accounts belonging to Microsoft customers and then targeted 241 of them. 

The accounts belonged to a range of public figures, including current and former government officials, journalists cover world politics, prominent Iranians who live outside of the country, and people working for a U.S. presidential campaign. Microsoft declined to identify the specific campaign. 

Of those accounts, the company said only four were compromised and that none of them belonged to the presidential campaign or government officials. All customers who were attacked have been notified, according to a blog posted by Tom Burt, Microsoft’s vice president of customer security and trust.

The hackers attempted to use password reset or account recovery features to take over some targeted accounts. Burt wrote that although the attacks were not “technically sophisticated,” the hackers attempted to use a significant amount of personal information to identify accounts belonging to their targets and then attempt to compromise them. 

“This effort suggests Phosphorus is highly motivated and willing to invest significant time and resources engaging in research and other means of information gathering,” Burt wrote. “As we’ve previously disclosed, our Digital Crimes Unit has also taken legal and technical steps to combat Phosphorus attacks and we continue to take these types of actions.” 

Chris Krebs, who serves as the director of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, told NBC News that the government was trying to understand the severity of the attack. 

"While much of this activity can likely be attributed to run-of-the-mill foreign intelligence service work, Microsoft’s claims that a presidential campaign was targeted is yet more evidence that our adversaries are looking to undermine our democratic institutions,” Krebs said. 

The company said that it was sharing the attack for two reasons: to be more transparent about attacks that intend to disrupt democratic processes, and to encourage better cybersecurity practices by public figures in the government and media. 

“Publishing this information should help others be more vigilant and take steps to protect themselves,” Burt wrote. 

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • Video Surveillance Trends to Watch

    With more organizations adding newer capabilities to their surveillance systems, it’s always important to remember the “basics” of system configuration and deployment, as well as the topline benefits of continually emerging technologies like AI and the cloud. Read Now

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

  • ASIS International Introduces New ANSI-Approved Investigations Standard

    • Guard Services
  • Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

    The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now

New Products

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.