The Trump campaign claims it was hacked by Iran — though what information the accused hackers actually obtained, if anything, is unclear. The FBI is reportedly looking into the matter.
Here’s what we know for sure: In a report released last Friday, Microsoft claimed it caught a group with ties to Iran’s Islamic Revolutionary Guard Corps (IRGC) using a “compromised email account” to try to gain access to the system of a “high-ranking official of a presidential campaign.” The company did not name the presidential campaign and did not elaborate on whether the attempt was successful.
Saturday, Politico published a report that detailed documents it received from a mysterious AOL email address from someone going by the name Robert. The materials seemed to be from the Trump campaign, and included a draft of what appeared to be the vetting profiles of potential vice presidential pick Florida Sen. Marco Rubio and the campaign’s actual pick, Ohio Sen. JD Vance. Sunday, the New York Times said it had received what appeared to be the same documents, from a person claiming to also be the Politico source.
Shortly after Politico published its Saturday piece, the Trump campaign gave Politico a statement claiming “foreign sources hostile to the United States” stole the documents from them; the statement went on to suggest that Iran was behind the outreach to Politico. Former President Donald Trump then made that suggestion explicit Saturday night, writing on Truth Social, “We were just informed by Microsoft Corporation that one of our many websites was hacked by the Iranian Government – Never a nice thing to do!”
Monday, the FBI announced it is investigating Trump’s claim.
A great deal of uncertainty remains around the supposed hack, and foreign efforts to meddle in the 2024 elections. But here are some other key things to know.
What do we know about Iranian hackers and the Trump campaign?
Though the Trump campaign is explicitly stating that it was the target of an Iranian attack, Microsoft has yet to be so blunt.
According to the Microsoft report, the Islamic Revolutionary Guard Corps (IRGC) has been operating a wide-scale hacking campaign involving at least four groups — Cotton Sandstorm, Lemon Sandstorm, Mint Sandstorm, and Peach Sandstorm — over the past few election cycles. Microsoft says its Microsoft Threat Analysis Center, a department tasked with protecting both the company and its user base from cybercrimes, noticed that someone “sent a spear phishing email in June to a high-ranking official on a presidential campaign from the compromised email account of a former senior advisor.”
Spear phishing is when a hacker or hacking group tries to gain access to a specific individual or organization’s digital space by placing a malicious link in a message, that when the recipient clicks through, can install malware on a machine that allows hackers access to information it contains. Microsoft said in a blog post that it has “notified those targeted” in the spear phishing attempt.
Though the MTAC report isn’t explicit about the success of Mint Sandstorm’s spear phishing attempt, it does outline other ways the IRGC appears to be planning to influence the election, including by setting up fake news sites that contain polarizing content about the Israel-Hamas conflict and LGBTQ rights, as well as the presidential candidates themselves.
If Iran is behind the phishing attempt, and if the country did share documents with US journalists, that could suggest an effort to sway voters away from Trump. The former president has claimed his Iranian policy to be better, and harsher, than that of Democrats.
His first administration did practice “maximum pressure” on the Islamic Republic. And he ordered the assassination of IRGC commander Qassem Soleimani in January 2020, which was both a practical and ideological blow to Iran. Soleimani was a revered figure in the country and a central force behind external groups affiliated with the regime, including Hezbollah in Lebanon and Shia militias in Iraq and Syria.
Trump also nixed a 2015 nuclear deal which would have, among other things, eased sanctions in return for greater international oversight over and the winding down of Iran’s nuclear weapons development program. That allowed Iran to accelerate its weapons development.
What does this mean for the 2024 campaign?
The documents the journalists received don’t appear to have any campaign-altering bombshells.
But this whole saga is a reminder that online attempts to sway voters, similar to Russian efforts in the 2016 and 2020 elections, are at play this time around, too. Russia and China are both also attempting to influence the current election, according to Microsoft.
Such efforts seem to include Chinese programs that leverage social media to inflame tensions over such issues as the campus protests that happened this spring. Much of Russia’s efforts seemingly focus on sowing disinformation about Ukraine and its involvement with the US intelligence apparatus, as well as inflaming polarization online, particularly about immigration.
With just under three months to go before the elections, it’s likely we will see more attempts from Iran, but also Russia and China, to interfere with US elections.