Boston: Google has said state-backed hackers have targetted the campaigns of both President Donald Trump and former vice-president Joe Biden, although it saw no evidence that the phishing attempts were successful.
The company confirmed the findings after the director of its ‘Threat Analysis Group’, Shane Huntley, disclosed the attempts Thursday on Twitter. Huntley said a Chinese group known as ‘Hurricane Panda’ targetted Trump campaign staffers while an Iranian outfit known as ‘Charming Kitten’ had attempted to breach accounts of Biden campaign workers.
Such phishing attempts typically involve forged emails with links designed to harvest passwords or infect devices with malware.
The effort targetted personal email accounts of staffers in both campaigns, according to the company statement. A Google spokesman added that ‘the timeline is recent and that a couple of people were targeted on both campaigns’. He would not say how many.
Google said it sent targetted users ‘our standard government-backed attack warning’ and referred the incidents to federal law enforcement.
Graham Brookie, director of the ‘Atlantic Council’s Digital Forensic Research Lab’, called the announcement ‘a major disclosure of potential cyber-enabled influence operations, just as we saw in 2016’. His tweet referred to the Russian hacking of the Democratic National Committee and Hillary Clinton’s 2016 presidential campaign and subsequent online release of internal emails — some doctored — that US investigators determined sought to assist the Trump campaign.
The Biden and the Trump campaign would not say how many staffers were targeted nor when the attempts took place or whether the phishing was successful. Both campaigns have been extremely reticent about discussing cybersecurity.
“The Trump campaign has been briefed that foreign actors unsuccessfully attempted to breach the technology of our staff,” Trump’s team said in a statement. “We are vigilant about cybersecurity and do not discuss any of our precautions.”
The Biden team did not even confirm the attempt. “We are aware of reports from Google that a foreign actor has made unsuccessful attempts to access the personal email accounts of campaign staff,” it said in a statement. “We have known from the beginning of our campaign that we would be subject to such attacks and we are prepared for them,” it added.
‘Hurricane Panda’, also known by security researchers as Zirconium or APT31 – is an abbreviation for ‘advanced persistent threat’ – is known for focusing on intellectual property theft and other espionage. ‘Charming Kitten’, also known as Newscaster and APT35, is reported to have targeted US and Middle Eastern government officials and businesses, also for information theft and spying.