The United States investigation and intelligence agencies revealed on the 18th (local time) that Iran hacked and stole data from the election campaign of former US President Donald Trump, a Republican presidential candidate, and sent it to President Joe Biden’s election campaign, aiming to influence the November US election.
According to CNN and The New York Times (NYT), the Office of the Director of National Intelligence (ODNI), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint statement stating that “malicious cyber actors from Iran sent excerpts of stolen non-public data from the Trump campaign to Biden campaign staff via email at the end of June to early July,” and “there is no evidence that the Biden campaign responded to this.” The emails were sent prior to Biden’s resignation as the Democratic presidential candidate on July 21.
ODNI oversees the US Intelligence Community (IC), the FBI is responsible for domestic investigations in the US, and CISA is a cybersecurity agency under the Department of Homeland Security that defends against hacking attempts against the US government. These agencies did not disclose whether Iran repeated such actions after the Democratic presidential candidate changed to Vice President Kamala Harris.
Regarding the incident, a spokesperson for Harris’ campaign stated, “There were only spam or phishing attempts targeting personal email addresses in our campaign, and no data was directly sent to our campaign. We strongly condemn any foreign actors attempting to interfere in US elections.”
ODNI and others also criticized Iran in their statement for continuing efforts to steal non-public data about the Trump campaign and send it to US media outlets.
Last month, Politico reported that starting on July 22, from an email account using the alias ‘Robert,’ internal documents from the Trump campaign were sent to them. One of the emails sent contained information about Republican Vice Presidential candidate Senator JD Vance (Ohio). NYT and The Washington Post also reported receiving similar emails.
US intelligence agencies did not publicly disclose how Iran obtained data from the Trump campaign. Microsoft previously revealed that hackers linked to Iran’s Islamic Revolutionary Guard Corps sent phishing emails to senior campaign officials. CNN also reported that hackers linked to Iran hacked into the email account of Roger Stone, a longtime political advisor to Trump, in June.
In response to the incident, the Trump campaign claimed it is “further evidence of Iran actively interfering in the election to help the Democratic candidate win” and demanded that Harris and Biden be honest about whether they used the hacked data. Reuters reported that the Iranian UN mission in New York has not responded to requests for comments on the matter.
In a separate development, FBI Director Christopher Wray announced at a cybersecurity conference in Washington that “US authorities have blocked a second major Chinese hacking group.” Wray stated that the group, known as “Flex Typhoon,” controlled thousands of devices after being compromised and operated by the Chinese company ‘Integrity Technology Group,’ which collects information for the Chinese government. He did not specify the specific targets of Flex Typhoon’s hacking attacks.
Flex Typhoon is the second major Chinese hacking group that attempted large-scale hacking activities in the US. Last year, US authorities discovered a hacking group associated with China called “Bolt Typhoon” that attempted to hack critical US infrastructure facilities.