In a 30-day period between August and September 2019, the Microsoft Threat Intelligence Center (MSTIC) observed more than 2,700 attempts by a group dubbed Phosphorus to identify consumer email accounts belonging to specific Microsoft customers and then attack 241 of those accounts. The targeted accounts were associated with a US presidential campaign, current and former US government officials, journalists covering global politics and prominent Iranians living outside Iran.
News reports shortly afterwards identified the Trump re-election campaign as the primary target.
Two weeks prior to this report, Mitch McConnell, the Senate majority leader, finally permitted an amendment to provide $250 million under the Financial Services & General Government Bill to “help states improve their defenses and shore up their voting systems.”
State actors are losing no time gearing up their operations to gain leverage and access to any and all presidential contenders. As in 2016, the primary purpose of these infiltrations appears to be gathering emails and intel to leak at appropriate times to damage or aid a particular candidate. In this case, the attack seemed to originate with Iran, which has been in a long tit-for-tat cyber campaign with the US. Microsoft has identified additional unrelated attacks from Russia and North Korea.
What is surprising is the relatively unsophisticated nature of these exploits. In many cases, it was reported, the attackers attempted to use publicly available personal information both to identify the email accounts belonging to their intended targets and in a few cases to attempt attacks. Spear phishing, or targeted emails designed to lure an unsuspecting user into divulging information or installing malicious software, was also deployed. This software could then be used to spy on or sabotage a network at a later time.
Cybersecurity is not a major concern for campaigns in this early stage of the election cycle. With funding tight, only a handful of presidential campaigns have invested in a full-time cybersecurity officer. Instead, they have relied on advice from the Democratic National Committee and DigiDems, a Democratic technology firm founded after the 2016 presidential campaign. It is surprising that the Trump campaign’s defenses were so unprepared.
It is a hopeful sign that the Senate is willing to move forward with funding to protect our elections. It is discouraging that the effort is beginning so late in the game. Equally disheartening is the active denial from the President that email break-ins were a significant part of the disinformation campaigns of 2016 and that they are an ongoing challenge for the 2020 cycle.
- DigiDems works in partnership with Democratic Party organizations and leaders in tech to develop on-the-ground programming and support.
- Protect Democracy is a nonpartisan nonprofit committed to preventing our democracy from declining into a more authoritarian form of government. Their white paper on election manipulation can be found here
- Common Cause has a section dedicated to guaranteeing voting rights and fair and unbiased elections.
- Securing the Vote: Protecting American Democracy is a comprehensive report from the National Academy of Sciences Committee on the Future of Voting.