
Association-anemone

Bite-sized brilliance in every update

iPhone hack targeted presidential campaign officials: Was it China?
asane


A catastrophic hack involving a backdoor into AT&T, Lumen and Verizon’s networks surfaced in early October. It prompted me to point out that Apple’s stance against backdoors in iPhone encryption had once again proved correct. Any type of covert access to software or hardware could be exploited.

A state-sponsored hacking collective associated with China known as Salt Typhoon is believed to be responsible for the hack, although China has denied involvement.

Since early October, multiple reports have emerged indicating that the scale of the attack was far greater than the breach of AT&T, Lumen and Verizon networks through wiretapping “doorways” reserved for US law enforcement.

Hackers may have been looking for high-value targets, including phones belonging to Donald Trump, JD Vance, and people affiliated with Vice President Kamala Harris’ presidential campaign.

More recent developments indicate that the hack may have targeted iPhones belonging to unnamed senior presidential campaign officials ahead of the US election. It is not clear who these officials are or which side they worked for. The FBI is already investigating the hack.

According to Forbes, a cybersecurity expert involved in protecting officials’ devices in these campaigns detailed the FBI’s investigation. The agency wants to determine whether China’s hack of US telecommunications networks was used to infect iPhones with malware.

Rocky Cole, founder of mobile security startup iVerify, told Forbes that his company discovered abnormal behavior on two iPhones belonging to high-ranking campaign officials.

iVerify detected iPhone settings that were altered “in patterns not seen on healthy devices.” Cole said previous mobile malware developed by state-sponsored hackers changed settings in a similar way.

“That doesn’t mean the devices were definitively compromised, but this information combined with who owned the devices and the timeline of events was enough to warrant a robust investigation, which is ongoing,” Cole said.

The FBI confirmed to Cole that one of the affected iPhones belonged to a Salt Typhoon target. The timeline of the abnormal behavior on the iPhone lined up with the Verizon network hack.

Cole’s firm was tasked with protecting officials’ iPhones through its work with the non-partisan non-profit Defending Digital Campaigns. This entity provides candidates and staff with free access to cyber security tools. Cole is a former NSA analyst and Google employee.

That said, it’s not clear if the iPhone hack was successful. iPhones have strong protection against hacks and malware. The data on them is encrypted. But we’ve seen sophisticated malware attacks targeting high-ranking individuals in the past. These are expensive to obtain and usually involve hacking groups with considerable resources. Nation-states like China are usually associated with such attacks.

The iPhone Messages app. Image source: José Adorno for BGR

If the attackers were successful in the iPhone hack targeting senior presidential campaign officials, they could have gained access to critical information. It’s one thing to break into a network like Verizon and another to break into an iPhone. The latter would give hackers access to private information, including files.

Most importantly, access to communications apps could be available to them, assuming full access to all of the iPhone’s content has been gained. They could inspect call history and text threads in encrypted apps like iMessage, Signal and WhatsApp. They could also get real-time location information.

Worse, a successful attack could open the door to similar attacks targeting US government officials in the future.

The report notes that none of the US parties involved (Apple, Verizon, and the FBI) have commented on the issue. Meanwhile, a spokesman for the Chinese Embassy in Washington denied that China was behind the hacks.

While law enforcement agencies may not want to comment publicly on the scope of these hacks, hopefully they will provide more information in the future. This is the kind of violation that deserves more explanation.

In addition to the Forbes story, see The Wall Street Journal’s coverage of the telecommunications hacks, including the targeting of presidential campaigns.