There is little doubt, investigators say, that the Iranians want to see Trump defeated. As president, he withdrew from the 2015 nuclear deal, reimposed economic sanctions on Iran and then, in January 2020, ordered the killing in Iraq of Maj. Gen. Qassem Soleimani, commander of the Quds Force, a clandestine wing of the Revolutionary Guard responsible for foreign operations.
Loading
Four years later, the Revolutionary Guard appears still determined to avenge Soleimani’s death, and just last week the Justice Department announced it had charged a Pakistani man who had recently visited Iran, accusing him of trying to hire a hit man to assassinate political figures in the US, most likely including Trump. (There is no evidence that Iran was involved in the July 13 attempt on Trump’s life in Butler, Pennsylvania.)
Trump often casts his actions against Iran as evidence of his strength, despite the fact that his exit from the Iran deal gave Tehran an opening to rebuild a nuclear program that had been hobbled by the 2015 agreement. Still, the combination of the hack and the hit men looking for Trump and his former aides gave the former president an obvious foil, and he was using it over the weekend to make the case that the Iranians would prefer a continuation of the Biden-Harris administration.
Microsoft stopped short of saying that the hacking effort it detected was focused on Trump’s campaign, though the campaign itself said that was the case. In an interview, Tom Burt, head of the company’s customer security and trust team, said that in June, “the Iranian team associated with Iranian intelligence” operations of the Revolutionary Guard successfully breached the email account of a former Trump campaign adviser, whom the company did not name. From that account, he said, the Iranians sent a spear phishing email to an official of a presidential campaign.
While it would have appeared to the recipient to have come from the former Trump campaign adviser, Burt refused to say whether the targeted campaign was also Trump’s. By long-established practice, Microsoft says, it can reveal such details only with the permission of the victim of an attack.
Loading
In many ways, the effort was similar in technique to what Iran attempted when it sought to interfere in the 2020 presidential campaign. This time, however, the Iranian effort looks to have been more sophisticated — namely, through the hacking of a trusted intermediary — suggesting the hackers learned something from what the Russians accomplished in past campaigns, notably in 2016.
But Burt said the company could not determine whether the effort was successful in penetrating the campaign it targeted.
The documents sent to Politico, as it described them, and to the Times included research about and assessments of potential vice-presidential nominees, including Senator J.D. Vance, whom Trump ultimately selected. Like many such vetting documents, they contained past statements with the potential to be embarrassing or damaging, such as Vance’s remarks casting aspersions on Trump.
In a statement on Saturday, Steven Cheung, a spokesperson for the Trump campaign, preemptively chastised outlets that reported on any information that was improperly obtained.
“Any media or news outlet reprinting documents or internal communications are doing the bidding of America’s enemies and doing exactly what they want,” he wrote.
The 2016 election that Trump won was marked by similar “hack and leak” efforts after Russian hackers broke into the email accounts of top Democratic officials. Leaked emails showed the internal workings of the party and of Hillary Clinton’s campaign, and also revealed criticisms of Clinton by aides, and a trove of them was published by WikiLeaks in the final weeks of the presidential race.
Seeking an edge then, Trump’s campaign seized on the emails — many of them from Clinton’s campaign chair, John Podesta. “We love Wikileaks,” Trump declared at the time.
This article originally appeared in The New York Times.
Discussion about this post