Serviceteam IT Security News
Chinese and Iranian state-sponsored hackers have been caught targeting the Trump and Biden Presidential campaigns, according to Google.

Shane Huntley, director of Google’s Threat Analysis Group, revealed the news in a couple of tweets yesterday.

He confirmed that there was no sign the attacks had led to compromise.

“We sent users our govt attack warning and we referred to fed law enforcement,” Huntley added. “If you are working on a campaign this election cycle, your personal accounts may be targeted. Use the best protection you can. Two-factor authentication or Advanced Protection really can make a difference.”

Google’s Advanced Protection Program is designed to offer maximum protection for the Google accounts of journalists, activists, business leaders, campaign teams and the like who may find themselves at a high risk of targeted attacks.

It features 2FA via physical key or Android device, limited third-party app access to Google emails and Drive files, and a block on app downloads from outside Google Play.

The latest state-backed attacks were attributed to China’s APT31 (aka Zirconium, Bronze Vinewood), which has hitherto been pegged for attacks designed to compromise IP, and Iran’s APT35 group.

The latter, also known as Charming Kitten and Phosphorous, was disrupted in March 2019 when Microsoft court action allowed the firm’s Digital Crimes Unit to take control of 99 of its phishing domains. It is often focused on collecting strategic intelligence from US and Middle Eastern government and military targets.

The attacks call to mind the infamous cyber-espionage campaign against Democratic Party officials ahead of the last Presidential election which led to the ‘Guccifer 2.0’ publication via WikiLeaks of politically embarrassing material. Hillary Clinton has since blamed the likely Russian campaign on her eventual loss to Donald Trump.

“As we have seen in recent history, APT groups targeting political campaigns is nothing new. These groups may be looking to use information that they obtain to sow discord in the country of the ongoing campaign,” said Digital Shadows security engineer, Charles Ragland.

“They may also use it for more traditional intelligence collection to inform other actions. As more and more communication is done online, this trend is likely to continue.”

Source: Infosecurity Magazine

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!