Iran Named As Source Of Trump Campaign Phish, Leaks
US authorities have named Iran as the likely source of a recent attack on the campaign of the US Republican Party’s presidential nominee, Donald Trump.
A joint statement published on Monday by the Office of the Director of National Intelligence (ODNI), the FBI, and the Cybersecurity and Infrastructure Security Agency (CISA) re-affirmed past warnings that “Iran seeks to stoke discord and undermine confidence in our democratic institutions.”
Tehran’s at it again, the agencies warned, as “Iran perceives this year’s elections to be particularly consequential in terms of the impact they could have on its national security interests.”
The three have already seen “increasingly aggressive Iranian activity during this election cycle, specifically involving influence operations targeting the American public and cyber operations targeting presidential campaigns.”
One of those efforts, the statement asserts, resulted in compromise of the Trump campaign and subsequent leaking of documents.
News of the leaks emerged after Microsoft published a report in which the software giant claimed Iranian attackers sent spear-phishing emails to “a high-ranking official of a presidential campaign” using a “compromised email account of a former senior advisor.”
The Washington Post reported a possible victim of the phishing mails: longtime Trump advisor and confidante Roger Stone, who told the newspaper his personal email accounts had been compromised.
The Post reported that Stone’s accounts were used to email Trump campaign staff, and that links on those mails would have allowed access to victims’ inboxes.
Whatever the source and nature of the attack, the FBI, CISA, and ODNI warned “this activity demonstrates the Iranians’ increased intent to exploit our online platforms in support of their objectives.”
The agencies pledged to continue efforts to combat such attacks, and named Russia and Iran as the nations known to be trying to mess with the United States’ November national elections.
The three orgs advised: “Using strong passwords and only official email accounts for official business, updating software, avoiding clicking on links or opening attachments from suspicious emails before confirming their authenticity with the sender, and turning on multi-factor authentication will drastically improve online security and safety.” ®
READ MORE HERE