X

Chinese, Iranian hackers tried to hack Biden, Trump campaigns, Google says

The efforts weren't successful and the targeted campaign staffers have been notified, according to the company.

Alfred Ng Senior Reporter / CNET News
Alfred Ng was a senior reporter for CNET News. He was raised in Brooklyn and previously worked on the New York Daily News's social media and breaking news teams.
Alfred Ng
3 min read
gettyimages-1211051947

Joe Biden and Donald Trump supporters in Kansas City, Missouri. 

Kyle Rivas/Getty Images

Hackers backed by the Chinese and Iranian governments were caught in an attempted cyberattack against the Trump campaign and the Biden campaign, Google said Thursday. 

Google's Threat Analysis Group (TAG) detected the phishing attempt, a cyberattack where hackers try to lure victims into clicking on a link and giving up sensitive credentials. 

"Recently TAG saw China APT group targeting Biden campaign staff & Iran APT targeting Trump campaign staff with phishing. No sign of compromise," Shane Huntley, the head of TAG, said in a tweet. APT stands for "advanced persistent threat," a label applied to various hacking groups by cybersecurity specialists. 

Huntley added that Google sent a warning to the targeted campaign staffers and alerted federal law enforcement officials about the attempted cyberattacks. The company confirmed this in a statement.

"We can confirm that our Threat Analysis Group recently saw phishing attempts from a Chinese group targeting the personal email accounts of Biden campaign staff and an Iranian group targeting the personal email accounts of Trump campaign staff," Google said. "We didn't see evidence that these attempts were successful. We sent the targeted users our standard government-backed attack warning and we referred this information to federal law enforcement. We encourage campaign staff to use extra protection for their work and personal emails, and we offer security resources such as our Advanced Protection Program and free security keys for qualifying campaigns." 

The company said the attacks were targeting multiple campaign staffers for both Trump and Biden, and that the attacks went after their personal accounts. The Biden campaign said it had been on guard against such attacks.

"We are aware of reports from Google that a foreign actor has made unsuccessful attempts to access the personal email accounts of campaign staff," the campaign said in a statement. "We have known from the beginning of our campaign that we would be subject to such attacks and we are prepared for them. Biden for President takes cybersecurity seriously, we will remain vigilant against these threats, and will ensure that the campaign's assets are secured."

The Cybersecurity and Infrastructure Security Agency said that it planned to share details of the attempted hack with congressional campaigns, as well as state and local officials. 

"It's not surprising that a number of state actors are targeting our elections. We've been warning about this for years. Our job at CISA is to make sure they're not successful," a CISA official said in a statement. "That's why today's announcement shows that secure, resilient elections are much bigger than state and local, or even federal government, efforts. The private sector has a key role, as does the American voter."

The Trump campaign confirmed that it had been briefed about the attempted hack.

"We are vigilant about cybersecurity and do not discuss any of our precautions," the campaign said.

This isn't the first time Iranian hackers have been accused of targeting the Trump campaign. Last October, Microsoft  said it had discovered more than 2,700 attempts to hack a presidential campaign, including Trump's. Chinese hackers have also been accused of major cyberattacks against the US, including the Equifax breach and attempts to steal coronavirus vaccine research.

The 2016 US presidential election showed how much influence a cyberattack can have on the democratic process, after Russian hackers infiltrated the Democratic National Committee's servers as well as the email accounts of staff members on Hillary Clinton's campaign. Since then, government agencies like the CISA have ramped up efforts on election security, as have tech giants like Google and Microsoft. 

The Chinese, Iranian and Russian governments have all routinely denied involvement in such cyberattacks.

Google introduced its Advanced Protection Program in 2017 and has advised campaign staffers to lock down their personal accounts along with their work accounts. Microsoft has a similar service through its Defending Democracy program