After Microsoft, Google now claims Iranian hackers are targeting US presidential election
Aug. 16, 2024, 3:26 a.m.
Read time estimation: 3 minutes.
7
Google has recently issued a warning about Iranian cyberattacks aimed at the upcoming US presidential elections, echoing similar concerns previously voiced by Microsoft.
According to Google’s latest intelligence report, a group known as APT42 has been identified as the primary actor behind these cyber threats. This group, with links to the Islamic Revolutionary Guard Corps (IRGC), has been actively targeting organizations connected to the US presidential race.
Over the past six months, 60 per centr of APT42’s cyber activities have focused on Israel and the United States. Their methods include phishing attacks and sophisticated social engineering tactics aimed at compromising Gmail accounts, particularly those belonging to high-profile individuals.
Advertisement APT42 has also been involved in targeting various sectors, including military, defense, diplomacy, academia, and civil society, using phishing campaigns to steal credentials.
In the context of the US, APT42 has directed its efforts at both the Trump and Biden campaigns, specifically targeting the personal email accounts of former US government officials and campaign staff. Some of these phishing attempts have been successful, including one that targeted a well-known political consultant.
Despite ongoing efforts to stop these attacks, Google has noticed that APT42 continues to try to launch phishing attacks against people connected to President Biden, Vice-President Kamala Harris, and former President Donald Trump, but these attempts have not been successful.
APT42 has been using different methods to break through security measures. One of their tactics involves finding accounts that use Device Prompts for two-factor authentication (2FA). They then try to log in or recover accounts by using fake prompts that appear legitimate and come from the same location, making it hard for users to tell real prompts from fake ones.
In response to these threats, Google has recommended that people at high risk, such as elected officials, candidates, campaign staff, journalists, and government officials, join its Advanced Protection Program. This program offers extra security to protect against phishing and unauthorized access, providing a stronger defense against the types of sophisticated attacks launched by APT42.
Advertisement As the US presidential election gets closer, the risk of cyber threats like those from APT42 is expected to stay high. This makes it more important for people involved in the election to take stronger security measures.