Chances are, the concept of "a foreign government interfering in an American election" sounds pretty commonplace to you.
Not that this reality is a good thing. But over the last four years, it has started to feel like the norm.
And according to Google, it's happening again in 2020.
With an acronym like TAG, you might expect a lighthearted, playful Google group running in a field.
But Google's Threat Analysis Group (TAG) is anything but. This specialized team hunts down major cybersecurity threats, including tracking nation-state hacking groups.
And according to Shane Huntley, Head of TAG, the team recently uncovered some vital security intel regarding the 2020 U.S. presidential election:
Huntley explains that the group recently:
"...saw China APT group targeting Biden campaign staff & Iran APT targeting Trump campaign staff with phishing. No sign of compromise. We sent users our govt attack warning and we referred to fed law enforcement."
The APT groups in question, he says, are APT31 and APT35.
These are the two groups and the nation-states they are attached to:
Phishing is central to both the Biden and Trump campaign attacks, which is a typical tactic for nation-state attacks against political campaigns.
When SecureWorld covered Russia's hack of the DNC, we noted that Russia used similar tactics in 2016. In fact, phishing was integral to the first three steps of the hack:
It's clear that foreign interference in elections and campaigns is rapidly becoming a mainstay in American politics.
Charles Ragland, security engineer at Digital Shadows, says this trend is continuing from previous election cycles:
"As we have seen in recent history, APT groups targeting political campaigns is nothing new. These groups may be looking to use information that they obtain to sow discord in the country of the ongoing campaign. They may also use it for more traditional intelligence collection to inform other actions. As more and more communication is done online, this trend is likely to continue."
But Google's TAG team did offer a few recommendations in a recent blogpost about these attacks:
"Our improving technology has enabled us to significantly decrease the volume of phishing emails that get through to our users. Automated protections, account security (like security keys), and specialized warnings give Gmail users industry-leading security."
Microsoft has been increasing its Outlook security controls, as well.
This story serves as a reminder for all organizations that nation-state hackers continue to search the U.S. and the world for both proprietary and sensitive data.