Google, the American technology firm, disclosed on a recent Wednesday that a suspected Iranian cyber operation targeting the United States presidential campaigns is underway and sweeping in scope. The effort is said to be aimed at email accounts belonging to U.S. officials and individuals connected to Vice President Kamala Harris, President Joe Biden, and former President Donald Trump.
According to researchers at Google, a group linked to the Islamic Revolutionary Guard Corps conducted intrusions into the personal email accounts of about a dozen people closely associated with both Biden and Trump during May and June. The company reports ongoing login attempts on accounts tied to Harris, Biden, and Trump, which have so far failed to gain access.
Trump’s campaign has blamed Iran for the documented breaches, though the U.S. government has not publicly determined responsibility or whether the two incidents are connected. Iranian authorities have denied the allegations, with CNN reporting their stance that they have no interest or motive to meddle in the U.S. presidential race.
In the same briefing, Google noted that the hacking group referenced above also targets Israel-focused targets and increased activity in April against users connected to the military and defense sectors in Israel, as well as diplomats and non-governmental organizations. In that period, the attackers sent emails posing as journalists to elicit responses about the recent airstrikes.
The findings underscore the persistent risk posed by state-backed cyber actors who focus on political figures, policymakers, and the informational ecosystems surrounding national elections. Analysts emphasize the importance of robust digital hygiene, including strong, unique passwords, multi-factor authentication, and careful scrutiny of unsolicited email communications, especially those requesting sensitive information or access credentials. Organizations and individuals involved in public life are urged to adopt continuous monitoring, rapid incident response planning, and transparent reporting processes to mitigate potential breaches and ensure the integrity of communication channels during the electoral cycle. Attribution in such cases remains complex, and investigators stress that establishing direct links often requires corroborating evidence across multiple domains, including technical indicators and contextual intelligence. [Attribution: Google security researchers]