Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Google Tells Toomey Hackers Tried to Infiltrate Staff Email

Google has alerted U.S. Sen. Pat Toomey’s office that hackers with ties to a “nation-state” sent phishing emails to old campaign email accounts, a spokesman for the Pennsylvania Republican said Friday.

Google has alerted U.S. Sen. Pat Toomey’s office that hackers with ties to a “nation-state” sent phishing emails to old campaign email accounts, a spokesman for the Pennsylvania Republican said Friday.

Toomey’s office was notified this week about the attempt to infiltrate email accounts, said spokesman Steve Kelly. He said the dormant accounts hadn’t been used since the end of the 2016 campaign, and the staffers they’re attached to no longer work for Toomey. The nation-state wasn’t identified.

“This underscores the cybersecurity threats our government, campaigns, and elections are currently facing,” he said. “It is essential that Congress impose tough penalties on any entity that undermines our institutions.”

Toomey currently isn’t running for office and the effort would not have affected the upcoming midterm elections.

Google told Toomey’s office that the emails appeared to be exploratory, Kelly said. Based on scans for spam, phishing and malware, the emails likely did not contain malware or links to a credential-phishing site, he said.

A Google spokesman said the company wasn’t commenting on the phishing attempt.

The notification is the latest by a tech company of suspected Kremlin attempts to spy on U.S. elected officials and campaigns and potentially meddle in U.S. politics.

Google’s warning to Toomey comes just weeks after a Microsoft discovery led Sen. Claire McCaskill, a Missouri Democrat who is running for re-election, to reveal that state-backed Russian hackers tried unsuccessfully to infiltrate her Senate computer network last fall.

That effort recalled what U.S. prosecutors called in a July 13 indictment a concerted effort by Russian military operatives ahead of the 2016 election focused on helping to elect Republican Donald Trump to the presidency by exposing internal divisions in the Democratic Party meant to discredit his opponent, Hillary Clinton. The indictment says the Russian agents broke into Democratic national organization servers and stole and leaked damaging emails.

On Tuesday, Microsoft disclosed what it called new Russian espionage efforts targeting U.S. political groups — this time conservative Republican foes that have promoted sanctions to punish the Kremlin for military aggression against Ukraine.

The company said a group tied to the Russian government created fake websites — presumably to steal passwords or plant spyware— that appeared to spoof two American conservative organizations: the Hudson Institute and the International Republican Institute. Three other fake sites were designed to look as if they belonged to the U.S. Senate.

The Kremlin denied involvement.

Written By

Click to comment

Expert Insights

Related Content

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Cyberwarfare

Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.

Cyberwarfare

The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cybercrime

Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...