Intelligence suggests Iran sought to ensnare Trump, Biden in hack-and-leak

washington — Iran’s efforts to upend U.S. politics ahead of November’s presidential election by targeting the campaign of former President Donald Trump went well beyond a standard hack-and-leak operation.

According to U.S. intelligence officials, Tehran sought to ensnare the campaign of Trump’s then-opponent, incumbent U.S. President Joe Biden.

Information released late Wednesday by U.S. intelligence officials indicates Iranian cyber actors not only tried to leak stolen Trump campaign documents to media organizations but also tried to feed them to Biden campaign officials, hoping the Biden team might try to use them.

“Iranian malicious cyber actors in late June and early July sent unsolicited emails to individuals then associated with President Biden’s campaign that contained an excerpt taken from stolen, nonpublic material from former President Trump’s campaign as text in the emails,” according to a statement by the FBI, the Office of the Director of National Intelligence and the Cybersecurity and Infrastructure Security Agency.

“There is currently no information indicating those recipients replied,” the statement added, noting the Iranian hackers have continued to peddle the stolen information to U.S. media organizations.

“The FBI has been tracking this activity, has been in contact with the victims, and will continue to investigate and gather information in order to pursue and disrupt the threat actors responsible,” the statement said.

Earlier this month, a U.S. intelligence official warned that Tehran is “making a greater effort than in the past to influence this year’s elections.”

Those efforts included what the official described as a “multipronged approach to stoke internal divisions and undermine voter confidence” that has included attacks on Trump, the Republican presidential nominee, as well as Vice President Kamala Harris, who became the Democrats’ presidential nominee after Biden ended his campaign in late July. 

Iran’s mission to the United Nations has not yet responded to a request from VOA for comment. It has previously denied involvement in any attempts to interfere with U.S. elections.

In an email to VOA, Trump campaign national press secretary Karoline Leavitt raised the possibility, without providing supporting evidence, that Harris and Biden may have used hacked material obtained from Iranians to try to hurt the Trump campaign. 

The Harris campaign told VOA in an email that it has cooperated with law enforcement since it was made aware of the Iranian activities. “We’re not aware of any material being sent directly to the campaign,” said campaign spokesperson Morgan Finkelstein.

“A few individuals were targeted on their personal emails with what looked like a spam or phishing attempt,” Finkelstein said. “We condemn in the strongest terms any effort by foreign actors to interfere in U.S. elections, including this unwelcome and unacceptable malicious activity.”

The Trump campaign first announced the suspected hack last month, initially blaming “foreign sources hostile to the United States.” U.S. intelligence officials attributed the attack to Iran about a week later.

An unclassified U.S. assessment issued earlier this month cautioned, “Iran has a suite of tools at its disposal.”

“Beyond attempts to hack and leak information, Iran is conducting covert social media operations using fake personas and using AI to help publish inauthentic news articles,” it added.

Private technology companies have likewise warned about Iran’s activities.

In a report issued just days before the Trump campaign said it had been hacked by Iran, Microsoft said Tehran-linked actors were already seeding the online space for influence operations and potential cyberattacks.

But Microsoft President Brad Smith on Wednesday indicated Iranian preparations began even earlier.

“We’ve seen, starting in May, increasingly sophisticated Iranian activity to penetrate network accounts,” Smith told a cyber summit in Washington.  “It’s a classic prelude to hack-and-leak operations. If you can steal the email in June, you can use it in October and you can even change the email.”

       Ads