The accounts belonged to government officials, presidential campaign workers, and journalists who report on stories about the Iranian government and politics. The four compromised attacks thankfully did not belong to anyone currently working for the United States government or a presidential campaign.
It is not good that a hacker group could be able to access and manipulate these accounts, but it can also be dangerous for them to know the identity of the account’s owners. Many journalists and activists rely on privacy to prevent them from being physically harmed. Account access could provide hackers information about the owner’s location, contacts, etc.
The affected accounts are part of Microsoft’s AccountGuard initiative. Members of political campaigns, political party committees, government officials, NGOs, and journalists can sign up for an AccountGuard account. Microsoft’s team monitors and warns of threats, offers security advice and training, and allows customers to adopt previews of new programs. The purpose of the program is to protect elections, campaigns, and people “working on issues related to democracy” from cyberattacks.
Phosphorus Hacker Group
This particular cyberattack was not widespread, but Microsoft is concerned about the hackers’ determination and dedication. They remarked, “his effort suggests Phosphorus is highly motivated and willing to invest significant time and resources engaging in research and other means of information gathering.” This is not the first time Microsoft has tangled with Phosphorus. This past spring Microsoft received a court order to take down domains that were controlled by Phosphorus. Let’s hope that these kinds of groups will not be able to disrupt or influence any of the upcoming elections.