In a new blog post released October 4, Microsoft Corporate Vice President Tom Burt, who is in charge of customer security and trust, warned Microsoft users to remain active and vigilant when dealing with cybersecurity.
The post comes as Microsoft has seen “significant cyber activity” from a group deemed Phosphorus by the tech giant. Burt wrote that Microsoft believes Phosphorus is linked to the Iranian government and is thought to have originated in the Islamic Republic. He went on to say that over a period of 30 days spanning last August and September, Microsoft recognized over 2,700 attempts by the group to categorize user email accounts and directly attacked 241 of them.
These weren’t just any accounts, Burt continued. Of the 241, the majority belonged to current and former U.S. government officials, global political journalists, members who are associated with a U.S. presidential campaign, and prominent Iranians living outside their home country. While the Microsoft vice president did confirm that four of these accounts were compromised, he went on to assure readers that none of them belonged to members who are associated with the U.S. presidential campaign, nor were they used by current or former U.S. government officials. Burt then said that those whose accounts were attacked have been notified by Microsoft and proper action has been taken to secure them.
What is concerning to Microsoft is the level of effort needed by Phosphorus to carry out these attacks. Burt wrote that the attacks were not highly-sophisticated and were quite low-tech. In most cases, access to the accounts was attempted through a secondary means, either through phone or email verification. Such information can only be accessed by someone who has significant personal data of a specific user.
This means the hacker group is “willing to invest significant time and resources engaging in research and…information gathering,” Burt claimed.
Burt said Microsoft decided to go public with these hacking attempts in an effort to draw attention to the attacks U.S. citizens can potentially face in the lead up to the 2020 U.S. presidential election. Officials in the Trump administration have warned of “active threats” to the upcoming election, as reported by NBC News.
While there has been some debate on the validity of these hacking claims, it is clear that some groups will try to take advantage of dents in the country’s cybersecurity. Burt suggested that all users enable two-factor authentication. He also recommended those who work in a high-risk job — like journalists and campaign staffers — should periodically check their login history to ensure nobody else has been using their accounts.