Hackers Target Biden Campaign in Early Sign of 2020 Election
June 16, 2020
announced earlier this month that Chinese-backed hackers were observed
targeting former Vice President Joe Biden's campaign staff.
The internet giant said that hackers did not appear to compromise the
campaign’s security, but the surveillance was a reminder of Russia’s
interference in the 2016 election.
Analysts say China’s primary motive for breaking into a campaign is to
collect intelligence such as Biden’s proposals for U.S. policy on China,
although hackers could later try to use stolen intelligence to interfere
in the campaign itself.
Shane Huntley, director of Google’s Threat Analysis Group twittered on
June 4 that the company has discovered a “China APT group targeting
Biden campaign staff with phishing,” but there was "no sign of
The group Google discovered is called APT31. APT is an acronym for
“advanced persistent threat” usually from a group that has the backing
of, and direction from, an established nation state.
According to ZDNet, a tech trade publication, APT31 “also known as
Zirconium, is a Chinese state-sponsored hacking group that has been
active since at least early 2016, and has historically targeted foreign
companies to steal intellectual property, however, it has also targeted
diplomatic entities in the past.”
“This group, APT31 that we've tracked for awhile, [is] a group that
we've seen involved in what we believe is strategic intelligence
collection for things of interest to the Chinese government,” said Luke
McNamara, a principal analyst with cybersecurity firm FireEye
Biden’s campaign issued a statement that it has “known from the
beginning that the campaign would be subject to such attacks” and the
campaign will ensure that its assets are secure.
An official at the U.S. government’s Cybersecurity and Infrastructure
Security Agency told VOA they have shared the information with
congressional campaigns and state and local election officials to better
prepare them for attacks.
“Google’s announcement shows that secure, resilient elections are much
bigger than state and local, or even federal government efforts. The
private sector has a key role, as does the American voter,” the official
said in an email response.
Spying or interfering?
This is not the first time that Chinese hackers have been accused of
targeting a U.S. presidential campaign team.
During the 2008 presidential election campaign, a group of hackers
believed to be supported by the Chinese government was accused of
hacking into the campaign teams of Democratic presidential candidate
Barack Obama and his Republican rival John McCain, obtaining email
correspondence and internal documents that included the candidates’
positions on China.
James Lewis, director of the Technology Policy Program at the Center for
Strategic and International Studies (CSIS), said that by breaking into a
campaign, a hacker could learn valuable information such as the
candidate’s strategies and personal network of friends and colleagues.
“In fact, I know the Biden campaign is writing position papers on how to
deal with China. Getting access to that would be invaluable for Beijing.
And that's the primary motive,” he told VOA.
“Will they go beyond that and actually try and interfere in the campaign
the way the Russians have?” Lewis said. “I don't know. But collect
intelligence. Yes. Interfere in the campaign. Maybe.”
Cybersecurity experts say whether ACT31 is intelligence gathering or
engaging in political interference depends on how the hackers use the
U.S. intelligence agencies found that during the 2016 presidential
election cycle, Russians successfully hacked into the email box of the
campaign manager for Democratic contender Hillary Clinton, using a
“phishing” strategy. The hackers then went ahead and exposed tens of
thousands of stolen emails via WikiLeaks.
Many political observers believe those emails undermined Clinton’s
campaign, contributing to her loss in the 2016 election.
Apart from hacking, foreign forces also use social media to spread
misinformation that can mislead people or exacerbate political divisions
among voters. This is referred to as “information operations” in the
Chinese officials are increasingly taking advantage of social media
platforms that are banned in China, such as Twitter and Facebook, to
conduct information operations overseas.
Michael Daniel, the president and CEO of Cyber Threat Alliance, an
independent group of cyber security advisers, told VOA Mandarin he
expects China to use information operations to promote policies and
politicians that would seem more friendly to China.
“That's very different than trying to disrupt the electoral process and
have us wonder who actually won a particular race,” he told VOA
FireEye’s McNamara agreed. He added that China has been building its
capability of employing information operations, and whether it will use
it to interfere the U.S. election is one of the things to look for in
Yet CSIS’s Lewis offered a more concerning perspective. He said that in
the past few years, China has taken a much more overtly political
campaign in Australia, Taiwan, Canada and some Southeast Asian
is using all the tools it has to interfere with politics there. And I
think they're experimenting with a good way to do this in the U.S.,” he
said. “I think the Chinese have decided they need to get into this game
of political interference.”
China has been repeatedly accused of attempting to influence the
American elections. A Senate investigation in 1998 revealed that the
Chinese government had illegally donated to the Democratic Party in the
1996 presidential election.
The U.S. National Intelligence Agency reported China tried to spread
misinformation in the 2018 midterm elections.
Chinese officials have repeatedly denied that Beijing any intention of
interfering with the internal affairs of other countries, and in April,
Chinese Foreign Ministry Spokesman Geng Shuang told reporters during a
daily briefing, “The U.S. presidential election is an internal affair,
we have no interest in interfering in it.”