The FBI said Monday afternoon that it is investigating efforts to hack both the Trump and Biden-Harris campaigns.
The investigation includes attempted hacks targeting three Biden-Harris campaign staffers, as well as Roger Stone, a former adviser to former President Donald Trump, according to a source familiar with the matter who spoke on the condition of anonymity.
The Washington Post first reported that attempted hacks of Biden-Harris staffers and Stone were part of the FBI investigation.
A Harris campaign official told NBC News that it did not appear to be a victim.
“Our campaign vigilantly monitors and protects against cyber threats, and we are not aware of any security breaches of our systems,” the official said.
It is not clear whether the targeting of the Biden staffers was successful, the source said. Stone told the Post he had been informed by authorities his email had been compromised.
Politico, The Washington Post and The New York Times reported over the weekend that they had received seemingly authentic files stolen from the Trump campaign. A Trump campaign spokesperson said Saturday that it had been hacked in June. NBC News has not received any of the purported files.
The FBI has not released any other information or characterized what hack, if any, happened. The Trump campaign has claimed that the files were part of an Iranian hacking operation that Microsoft announced Friday, citing the report as evidence. Microsoft has declined to comment, citing its policy of not sharing customer details without permission. The company does share such details if a customer formally asks it to do so, a spokesperson told NBC News.
The Trump campaign did not respond to an email asking it to clarify whether it had authorized Microsoft or any federal agency to speak publicly about the hack. Iran’s representative to the United Nations has denied that the country was behind the hack.
Cybersecurity and election security experts have consistently warned that foreign efforts to influence U.S. elections could include such “hack and leak” attacks, in which private systems are compromised to steal and later leak sensitive information. Hack-and-leak attacks have hit many elections around the world, most notably the U.S. election in 2016, when hackers working for Russian military intelligence stole emails and other files from the Democratic National Committee and Hillary for America organizations and methodically leaked them in the final months of Hillary Clinton’s campaign.
Security experts with the U.S. government and private organizations have warned that Russia, China and Iran appear to be making efforts to sway the 2024 U.S. election, with Iran seeking to undermine Trump, the Republican nominee.
The recent Microsoft report found that the hackers had broken into the email account of a former senior adviser to a presidential campaign and then used that account to send a phishing email to another high-ranking adviser on that campaign, and it said it recently alerted the campaign. Microsoft didn’t say whether the phishing email was successful or what campaign was targeted.
As of late Monday afternoon, little else was known about the purported hack, including the extent to which the Trump campaign was willing to work with the FBI.
Chris Krebs, chief intelligence and public policy officer at the cybersecurity company SentinelOne, said Trump and his aides may be reluctant to fully cooperate with federal investigators, given Trump’s “relationship with federal law enforcement.”
“There may not be a desire to collaborate all that much,” said Krebs, who was director of the Cybersecurity and Infrastructure Security Agency in the Trump administration and was fired by Trump after he declared the 2020 election was the most secure in history.
A decision not to cooperate fully with federal authorities could hamper and slow an investigation into the purported hack, Krebs said.
“That, unfortunately, can impede — from a national security perspective — our understanding of the event and what’s happening,” he said.
The claim from the Trump campaign adds to what had already been a deeply antagonistic relationship between Iran and the former president. While president, Trump authorized a 2020 drone strike that killed Qassem Soleimani, a key Iranian military leader. Last month, Biden administration officials said they had reason to believe Iran had planned to attempt to assassinate Trump. Iran’s representative to the U.N. also denied that allegation.
Tehran has vowed to avenge the general’s death, and several former senior officials who worked in the Trump administration have government-funded security teams protecting them around-the-clock.
Former U.S. officials and cybersecurity experts have said that the best response to hacks and disinformation efforts is transparency, providing accurate information quickly and exposing attempts to mislead the public.
Rep. Adam Schiff, D-Calif., the former chair of the House Intelligence Committee, called on federal authorities to release any relevant information without delay.
“The Intelligence Community should move with great alacrity to declassify and disclose any appropriate information it has concerning the potential foreign nature of this interference. Transparency is still our best deterrent against foreign influence operations,” Schiff said in a social media post.
Schiff said U.S. intelligence agencies responded too slowly to the Russian election interference operation in 2016. The Democratic lawmaker added that any foreign attempt to interfere in the U.S. election should be condemned, no matter which party is targeted.
The apparent hack of Trump campaign files echoes the 2016 Russian campaign against Hillary Clinton, but so far seems notably less elaborate in distributing the hacked files.
The Russian operation involved an elaborate scheme, involving a fake hacktivist persona, named Guccifer_2 after a real Romanian hacker. The fake Guccifer had an active Wordpress account and a Twitter handle that they used to share the documents.
The Russian effort also gave files to WikiLeaks, which published them. It separately hosted Democrats’ files on a website it created called DCLeaks, which had a corresponding Facebook page.
There is no apparent similar distribution system for the hacked Trump files, at least so far. If the hackers do work for Iran, that seems to show a lack of foresight on their part, said Simin Kargar, a senior nonresident fellow studying Middle Eastern influence operations at the Atlantic Council’s Digital Forensic Research Lab.
“They’re kind of incompetent. If they really wanted to make a good hack-and-leak operation, they could have done much better,” she said. “This is very much in line with Iranian actors.”
This article was originally published on NBCNews.com