US & Canada

Iranian hackers targeted US 2020 campaign, says Microsoft

Microsoft's logo atop its Los Angeles offices Image copyright Reuters
Image caption Microsoft said the hackers were "highly motivated"

Hackers that appear to be linked to Iran's government have targeted the 2020 US presidential election, according to tech company Microsoft.

The group attacked more than 200 email accounts, some of which belonged to people associated with "a US presidential campaign", it said.

The target was President Donald Trump's re-election campaign, sources told Reuters news agency.

Iran has not yet publicly commented on the allegations.

A spokesman for the Trump campaign said it had no indication it had been targeted.

What did Microsoft announce?

"Today we're sharing that we've recently seen significant cyber activity by a threat group we call Phosphorus, which we believe originates from Iran and is linked to the Iranian government," a Microsoft statement reads.

Phosphorus, it said, made more than 2,700 attempts to identify people's email accounts over a 30-day period in August and September. It then attacked 241 accounts.

"The targeted accounts are associated with a US presidential campaign, current and former US government officials, journalists covering global politics and prominent Iranians living outside Iran," Microsoft said.

Currently, 19 Democrats are seeking to be nominated as their party's candidate to stand against Donald Trump in 2020, while three Republicans say they plan to challenge the president. The statement did not identify which specific campaign was targeted.

However Reuters reported it was President Trump's re-election campaign, citing sources familiar with the operation.

Image copyright AFP/Getty
Image caption Reuters reports that the campaign targeted was US President Donald Trump's

According to Microsoft, only four accounts were eventually compromised, and none of these were associated with a campaign, nor any former or current officials.

The hackers tried to take over the accounts, in attacks Microsoft called "not technically sophisticated". The company has told account holders affected and helped to protect them.

Nevertheless, the tech company called Phosphorus, also known as APT 35, "highly motivated and willing to invest significant time and resources engaging in research and other means of information gathering".

Microsoft urged all its customers to set up two-step verification for their email accounts, and suggested people worried about security to check their login history.

Why is this significant?

There has been increasing concern worldwide about foreign-sponsored election interference via hacking.

In July, US Special Counsel Robert Mueller concluded that Russia systematically interfered in the 2016 election with the intention of benefitting Mr Trump - although he did not establish collusion in a crime.

The same month Microsoft said it had told almost 10,000 customers they had been targeted or compromised by nation-state attacks.

Media playback is unsupported on your device
Media caption'Don't meddle in the 2020 election', Trump jokes

The fact that the hackers allegedly have links to Iran is also noteworthy.

President Trump's unilateral withdrawal from a nuclear accord between Iran and world powers last year has raised tensions between Washington and Tehran.

The US blames Iran for an attack on Saudi oil facilities in September which affected global markets. Iran has denied any responsibility for the strikes.

More on this story