Both major presidential campaigns have recently been the targets of cyberattacks from foreign governments, a Google executive said Thursday.
Google's Threat Analysis Group, which deals with nation-state hacking, said that hackers traced to China attempted to break into email accounts of people on the campaign of the apparent Democratic nominee Joe Biden.
Separately, hackers connected to Iran targeted the campaign staff of President Donald Trump, according to the group's director, Shane Huntley.
Both campaigns were warned that they had been targeted, and there was “no sign of compromise” in either case, he posted to Twitter.
“We are aware of reports from Google that a foreign actor has made unsuccessful attempts to access the personal email accounts of campaign staff,” the Biden campaign said in a statement. “We have known from the beginning of our campaign that we would be subject to such attacks and we are prepared for them.”
The Trump campaign said it had been briefed on efforts to breach accounts of its staff.
"We are vigilant about cybersecurity and do not discuss any of our precautions," a Trump campaign spokesperson said.
China and Iran both frequently conduct phishing campaigns to collect intelligence on other countries, and presidential campaigns make ripe targets.
But the threat of presidential campaigns getting hacked looms large in 2020, given that Russian intelligence not only hacked Democratic Party networks in 2016, but also systematically leaked their contents for months leading up to the election.
“It's really important to remember campaigns are targeted all the time, and typically they're targeted for intelligence,” said John Hultquist, the director of threat intelligence at FireEye, which tracks foreign hacking groups.
“These actors want to gain access and quietly build out a competitive advantage against future policymakers. It doesn't necessarily indicate some attempt to manipulate any process,” he said. “This is a pretty clear espionage target.”
The Chinese and the Iranian government hacking groups that Huntley said are behind the respective attempts are each well known in the cybersecurity industry, which tracks sophisticated hacker groups, referred to as "Advanced Persistent Threats."
The Chinese group, sometimes called APT 31, often goes after organizations involved in policymaking, particularly in Canada and the United States, Hultquist said. The Iranian one, APT 35, has been tied to campaigns against industrial control systems, Iranian dissidents abroad and foreign politicians.