The US Office of the Director of National Intelligence (ODNI), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) have released a joint statement confirming that Iran is responsible for a series of cyberattacks targeting the presidential campaigns of former President Donald Trump and Vice President Kamala Harris.
Following an extensive investigation, intelligence officials concluded that Iran has intensified its cyber operations, aiming to exploit societal tensions and undermine confidence in the US democratic process. The agencies highlighted that Iran has a longstanding interest in influencing US elections, particularly through cyber operations designed to access sensitive information and sway public opinion.
“We have observed increasingly aggressive Iranian activity during this election cycle, specifically involving influence operations targeting the American public and cyber operations targeting presidential campaigns. This includes the recently reported activities to compromise former President Trump’s campaign, which the IC attributes to Iran,” the agencies said.
Recent cyber activities linked to Iran include attempts to compromise campaign networks through social engineering and other sophisticated methods. The operations have targeted individuals with direct access to the Trump and Harris campaigns, seeking to steal and disclose information that could impact the election outcome.
“Just as this activity demonstrates the Iranians’ increased intent to exploit our online platforms in support of their objectives, it also demonstrates the need to increase the resilience of those platforms. Using strong passwords and only official email accounts for official business, updating software, avoiding clicking on links or opening attachments from suspicious emails before confirming their authenticity with the sender, and turning on multi-factor authentication will drastically improve online security and safety,” the agencies noted.
Last week, Google reported that APT42, an Iranian government hacking group also known as Charming Kitten and Mint Sandstorm, targeted around a dozen individuals in May and June. The hackers focused on personal email accounts across multiple providers, successfully compromising at least one account belonging to a high-profile political consultant. However, Google did not confirm a connection between these attacks and the leaked documents from the Trump campaign.