Microsoft: Iranian Hackers Targeted Email Accounts of Presidential Campaign, U.S. Officials

Microsoft: Iranian Hackers Targeted Email Accounts of Presidential Campaign, U.S. Officials

Over 200 accounts were targeted by the group of hackers, but only four were compromised, according to Microsoft.

  • By Haley Samsel
  • Oct 07, 2019

A group of hackers believed to be linked to the Iranian government has targeted hundreds of email accounts, some of which are associated with an American presidential campaign, Microsoft announced Friday.

During a 30-day period in August and September, Microsoft’s threat intelligence recognized significant activity by a threat group they call Phosphorus. The hacking collective made more than 2,700 attempts to identify email accounts belonging to Microsoft customers and then targeted 241 of them. 

The accounts belonged to a range of public figures, including current and former government officials, journalists cover world politics, prominent Iranians who live outside of the country, and people working for a U.S. presidential campaign. Microsoft declined to identify the specific campaign. 

Of those accounts, the company said only four were compromised and that none of them belonged to the presidential campaign or government officials. All customers who were attacked have been notified, according to a blog posted by Tom Burt, Microsoft’s vice president of customer security and trust.

The hackers attempted to use password reset or account recovery features to take over some targeted accounts. Burt wrote that although the attacks were not “technically sophisticated,” the hackers attempted to use a significant amount of personal information to identify accounts belonging to their targets and then attempt to compromise them. 

“This effort suggests Phosphorus is highly motivated and willing to invest significant time and resources engaging in research and other means of information gathering,” Burt wrote. “As we’ve previously disclosed, our Digital Crimes Unit has also taken legal and technical steps to combat Phosphorus attacks and we continue to take these types of actions.” 

Chris Krebs, who serves as the director of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, told NBC News that the government was trying to understand the severity of the attack. 

"While much of this activity can likely be attributed to run-of-the-mill foreign intelligence service work, Microsoft’s claims that a presidential campaign was targeted is yet more evidence that our adversaries are looking to undermine our democratic institutions,” Krebs said. 

The company said that it was sharing the attack for two reasons: to be more transparent about attacks that intend to disrupt democratic processes, and to encourage better cybersecurity practices by public figures in the government and media. 

“Publishing this information should help others be more vigilant and take steps to protect themselves,” Burt wrote. 

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • Ransomware Attacks Rise for the First Time in Six Months

    Ransomware attacks have risen for the first time in six months, increasing by 28% month-on-month to 421 attacks. While overall attack volume remained below 500, the uptick may signal a renewed escalation heading into the year’s most active period for cyber criminals. Read Now

  • Report: 47 Percent of Security Service Providers Are Not Yet Using AI or Automation Tools

    Trackforce, a provider of security workforce management platforms, today announced the launch of its 2025 Physical Security Operations Benchmark Report, an industry-first study that benchmarks both private security service providers and corporate security teams side by side. Based on a survey of over 300 security professionals across the globe, the report provides a comprehensive look at the state of physical security operations. Read Now

    • Guard Services

  • Identity Governance at the Crossroads of Complexity and Scale

    Modern enterprises are grappling with an increasing number of identities, both human and machine, across an ever-growing number of systems. They must also deal with increased operational demands, including faster onboarding, more scalable models, and tighter security enforcement. Navigating these ever-growing challenges with speed and accuracy requires a new approach to identity governance that is built for the future enterprise. Read Now

  • Eagle Eye Networks Launches AI Camera Gun Detection

    Eagle Eye Networks, a provider of cloud video surveillance, recently introduced Eagle Eye Gun Detection, a new layer of protection for schools and businesses that works with existing security cameras and infrastructure. Eagle Eye Networks is the first to build gun detection into its platform. Read Now

  • Report: AI is Supercharging Old-School Cybercriminal Tactics

    AI isn’t just transforming how we work. It’s reshaping how cybercriminals attack, with threat actors exploiting AI to mass produce malicious code loaders, steal browser credentials and accelerate cloud attacks, according to a new report from Elastic. Read Now

Most   Popular

New Products

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.