The United States will have presidential elections in 2020 and technological interference has already started: this Friday (4), Microsoftannounced who found evidence that cybercriminals linked to the Iranian government tried to improperly access an account of a presidential candidate.
According to Microsoft, a group made more than 2,700 attempts to identify email addresses linked to specific company customers over a 30-day period between August and September. The group’s name has not been released, but the company refers to them as Phosphorus. “We believe they are from Iran and are linked to the Iranian government,” says Microsoft.
Phosphorus tried to attack 241 accounts and managed to access four of them, but none of the compromised emails was linked to the 2020 presidential campaign, according to Microsoft. The main targets were “accounts associated with a US presidential campaign, US government officials and former officials, journalists covering international politics and prominent Iranians living outside Iran”.
The attacks were not so sophisticated: the group was trying to use Microsoft’s account recovery features by resetting passwords through the victims’ secondary email addresses or cell numbers. Still, for Microsoft, this indicates that they are “highly motivated and willing to invest significant time and resources involved in research and other means of gathering information”.
Microsoft says it has already taken legal action against Phosphorus. For ordinary users, the company recommends enabling two-step authentication and use this tool to see if someone has hijacked your account. For people linked to political campaigns, parties or NGOs related to democracy, there is the Microsoft AccountGuard, which closely monitors and protects 60,000 accounts in 26 countries.