Phishing Attacks Against Trump and Biden Campaigns
Ever since Russian interference in the 2016 presidential election, many have been focused on preventing another attack this November. Amidst growing nation-wide protests and a global pandemic, Google detected two cybersecurity threats: attacks carried out by foreign state hackers against the presidential campaigns of Joe Biden and President Trump.
The news comes from Google’s Threat Analysis Group head, Shane Huntley, who tweeted that Google saw Chinese and Iranian hackers target the two presidential campaigns through phishing. Staff members working for either Trump or Biden received the phishing emails; however, the two attacks did not penetrate the campaigns.
Huntley’s tweet referred to two groups: the Iranian APT35 and Chinese APT31, with the former also called Charming Kitten and, the latter, Hurricane Panda. Charming Kitten (Iran) targeted Trump and Hurricane Panda (China) targeted Biden. Unfortunately, both attempts were not unexpected. China’s interference in US politics has spanned beyond the 2020 election and, back in October, Microsoft had warned that Charming Kitten had set its sights on the emails of a presidential campaign. According to the New York Times, Russia has also shown an interest (and possible interference) in the upcoming presidential election.
Phishing Attacks Against Election Campaigns
Once the Threat Analysis Group detected the phishing attacks, the Group alerted both campaigns and law enforcement. The NYT reported the Biden campaign response, which stated that they take “cybersecurity seriously” and “will remain vigilant against these threats.” While Charming Kitten and Hurricane Panda may not have successfully breached the campaign defenses, their phishing attacks do substantiate the concerns of possible foreign-actor interference and the warnings intelligence agencies have provided regarding threats.
Phishing attacks can occur against major campaigns, but also against individuals. Even in the most sophisticated and coordinated of attacks, phishing relies on a person to click on a link or download a file within an email. What the person is really downloading is malware. The email (appearing as a genuine one) provides groups like Charming Kitten and Hurricane Panda with an entry point into computers, servers, and all kinds of now accessible information.
As the NPR report on the attacks explains, election campaigns have been historically “the most vulnerable part of the election ecosystem.” While some staff members are permanent and can receive the proper security training, NPR argues those who volunteer or are staffed for a short period of time may not have the necessary cybersecurity training, leaving a campaign unprotected.