SAN FRANCISCO — Iranian hackers targeted hundreds of e-mail accounts associated with at least one presidential campaign, as well as those of American journalists and current and former US government officials, Microsoft said Friday, in a sign of how cyberattacks will become a fixture of the 2020 presidential election.
Microsoft said in a report that hackers, with apparent backing from Iran’s government, had made more than 2,700 attempts to identify the e-mail accounts of current and former government officials, journalists covering political campaigns, and accounts associated with one major presidential campaign. In at least four cases, the hackers successfully infiltrated inboxes.
Microsoft would not name the campaign.
The report was released as the Trump administration continues to weigh a cyberstrike against Iran to punish Tehran for what White House officials charge was an Iranian attack on Saudi oil facilities last month.
The Microsoft researchers said the hackers had tried to attack 241 accounts and were successful in four cases, using fairly unsophisticated means. In those cases, the hackers appear to have used information available about their victims online to discover their passwords. It was unclear what information they stole.
For weeks, officials from the FBI, the Department of Homeland Security, and the National Security Agency have said they are particularly concerned about Iranian-backed attacks. Their worries stemmed from rising tensions over new sanctions on Iran and nascent Iranian activity in the 2018 midterm elections.
While the officials said they believed that all the US presidential candidates were likely targets, President Trump’s campaign has long been considered a prime target.
It was Trump who abandoned the 2015 nuclear deal with Iran last year, and who has ramped up sanctions to the point that Iran’s oil revenues have dropped sharply. The United States has also designated Iran’s Revolutionary Guard a terrorist group. The Guard oversees the nuclear program and, by some accounts, Iran’s best hacking group, its Cyber Corps.
But it is not clear whether the group Microsoft identified reports to the corps or is made up, deliberately, of freelancers and others whose affiliations are harder to trace.
When Iranian officials are asked about cyberattacks, they admit nothing but note that attacks have been two-way. Three times in the past decade, the United States has directed cyberweapons against Iranian targets.