LAS-VEGAS — The apparent hack-and-leak operation targeting former President Donald Trump’s presidential campaign points to a potentially “wild” election season, a former senior U.S. cybersecurity official said Sunday.
Rob Joyce, the former director of cybersecurity at the National Security Agency who retired in March, told a crowd at the DEF CON security conference that based on news and industry reports, it looks like we are “once again in a cycle where hacking attacks and data leaks have already begun.”
Joyce told the crowd that he would not speculate on who was behind the campaign and that he had no inside information, but he pointed out that Russia, Iran and China were all involved in election interference operations to varying degrees.
“It’s pretty surprising to start this early, isn’t it?” Joyce said. “Buckle up for October, because I think we’re in for a wild ride.”
U.S. intelligence officials told reporters in July that Iran was one of several countries, along with Russia and China, attempting to influence or interfere in the U.S. election.
Microsoft’s Threat Analysis Center said Thursday that hackers with ties to the Iranian Revolutionary Guard Corps (IRGC) sent a phishing email to a senior presidential campaign official. The attack was carried out through the compromised account of a former senior adviser. Microsoft did not name the campaign or those responsible, but Politico reported Saturday that the Trump campaign was targeted and that an individual named “Robert” emailed internal Trump campaign materials to the news organization starting on July 22.
Trump campaign spokesman Steven Cheung told Politico that “foreign sources hostile to the United States” were behind the hack and data leak, citing Microsoft’s report.
Cheung did not respond to CyberScoop’s questions about the incident on Sunday. A Microsoft spokesperson declined to answer further questions about the company’s report or public reports about the Trump campaign’s involvement.
A spokesman for the Permanent Mission of the Islamic Republic of Iran to the United Nations told CyberScoop on Sunday: “We do not believe such reports. The Iranian government has neither the intention nor the motive to interfere in the US presidential election.”
Cheung told the Washington Post: “The Iranians know that President Trump will put an end to their reign of terror, just as he did in his first four years in the White House.”
The spokesman for the Permanent Mission to the United Nations declined to comment on Cheung’s claim.
Microsoft researchers said the operation targeting the campaign was just one of several attempts with links to Iran to interfere in the 2024 U.S. presidential election. These include setting up covert news sites designed to incite both sides of the political divide, preparing intimidation and inciting violence, and compromising a county government employee in a swing state.
The US government indicted two Iranian nationals in 2021 for their involvement in a large-scale manipulation campaign in the 2020 election. The campaign allegedly included emails from the right-wing nationalist Proud Boys to Democratic voters urging them to vote for Trump. The defendants also attempted to obtain voter information in nearly a dozen states and compromise a media company’s content management system.
In addition to the charges, the U.S. Treasury Department imposed sanctions on six Iranians and an Iranian company, Emennet Pasargad, for various roles in the election-rigging scheme. On August 5, Lab Dookhtegan, an anti-Iranian government figure who has exposed Iranian cyber operations in the past, warned in his Telegram channel that the Iranian government was planning to “harm the natural process of elections in the United States.”
The 2020 operations were coordinated through Emennet Pasargad, Lab Dookhtegan said on August 5, while this time “regime-linked cyber groups are on a mission to pursue these sinister goals and increase tensions in the electoral infrastructure in the United States of America.”
