I'm David Marquesi.

And I'm Lulu Garcia-Navarro.

We're the hosts of The Interview from The New York Times.

David and I have spent our careers interviewing some of the most interesting and influential people in the world.

Which means we know when to ask tough questions and when to just sit back and listen.

And now we've teamed up to have these conversations every week. We'll try to reveal something about the people shaping our world.

And we'll get some great stories from them, too. It's The Interview from The New York Times.

Listen wherever you get your podcasts.

From New York Times, I'm Michael Barbaro. This is The Daily. Today, US authorities have repeatedly warned that foreign governments would seek to meddle in this year's presidential race. It now appears that they were right. My colleague, White House and National Security Correspondent David Sanger, brings us the of the first major cyber attack of the 2024 campaign. It's Tuesday, August 27th. David, a few weeks ago, just after the Republican National Convention, when the presidential race is entering its most intensive phase, the Trump campaign comes out and it says, We have been hacked. It doesn't get a ton of attention at the time, but you have been trying to understand what actually happened. Tell us what you have learned.

It started the Friday before President Trump and his campaign made that announcement.

A major warning from Microsoft about foreign interference in the upcoming US presidential election.

There was a report that came out from Microsoft. Microsoft, of course, has an incredible view across the Internet because people are using so many different Microsoft products. They're usually among the first to see hacker activity.

Microsoft outlining what it says was an Iranian cyber attack on an active presidential campaign.

Before Trump made a statement, they released a report that declared that there was a hacking group run by Iran.

Iran sent fake emails from a compromised email account of a former senior advisor.

And that it had successfully breached the account of what they called a former senior advisor to a presidential campaign.

Very tantalizing, but also very mysterious.

Exactly, Michael.

Over the weekend, former President Donald Trump said his campaign was hacked, and he blamed Iran.

Then the next day, President Trump came out and his campaign and said that they had been informed by Microsoft several weeks before that they had, in fact, been hacked. Unsurprisingly, Iran is now trying to tilt the election in Kamala's favor very strongly. They're openly fighting for it. But Mr. Trump, in his usual way, fogged it up by saying, Don't worry, they didn't get anything you couldn't get from our website. It wasn't terribly important. But he wanted to make the point that a foreign intelligence operation was trying to interfere in his campaign.

Got it. And between these twin announcements, the first from Microsoft, the second from the Trump campaign, what do you end up learning has actually occurred here?

Well, this was a strange enough set of events that A group of us all began to dig in. I talked to Microsoft investigators, and they described in a little more detail what they had learned. Then we also talked to federal investigators because we had every reason to believe that the FBI was on to this as well. From our sources, we learned Iran also targeted the Biden-Harris campaign. The bigger surprise, Michael, would have been if they hadn't, but we don't know if it had any real effects. And then my colleagues Maggie Haberman and Adam Goldman and Glenn Thrush began to dig around with the campaigns. And they spoke to Roger Stone, who you remember was a long time and very close advisor to former President Trump. He was deeply involved in the effort to alter the results of the 2020 election. But it turns out that he had received a warning, also from Microsoft and from federal investigators, that both his Hotmail and Gmail accounts had been compromised. So piecing that all together, it appears that here's what happened. The Iranians ran what's called a spear phishing campaign on Roger Stone, got him to answer an email and basically give them access to his email accounts.

And then they leveraged that to send out emails that appeared to come from Stone, right? A trusted old friend of the Trump campaign to senior members of the current campaign. It was a pretty sophisticated, socially engineered hack by the Iranians to gain access to the Trump campaign by pretending to be Roger Stone.

David, I want to get to whether or not this fishing expedition got Iran anything that it was looking for. But let's start with Iran's motivation for trying to get inside the Trump campaign in the first place. Why try to hack this campaign?

Well, the key to this, Michael, was the fact that Microsoft left no doubt about who they thought this was. It wasn't some mysterious organization out there someplace. It was the military, the Islamic Revolutionary Guard Corps, the IRGC, which is the most elite part of the Iranian military, and historically, some of their most successful and aggressive group of hackers. They've got a lot of motivations to try to derail a Trump presidency. It's not simply that Trump is anti-Iran. He's the one who killed off the 2015 Iran nuclear deal and reimposed sanctions on the country just when they thought they had reached an agreement with the United States that basically traded progress in their nuclear program for reentering the world economy. Not only that, he was singularly responsible for the death of Kassim Solomani, who was a revered general, rose through the IRGC ranks, ultimately ran the Kouds Force, which is one of their most powerful units, and he was killed in January of 2020.

Right. And Trump, personally, as I remember it, authorized his assassination.

That's exactly right.

I want to ask you, when it comes to this hack, do we know what Iran actually obtained from this attempted hacking effort?

Well, it's a complicated question, Michael, because we don't know whether the senior members of Trump's campaign fell for the same fishing attempt that Roger Stone for. We don't know whether or not the Iranians, as a result, were able to get inside the campaign's systems and networks. What we do know is that around the same time that the Trump campaign announced this hack, a number of news organizations, including the Times, reported that they had received some documents, largely vetting documents, that would be used to go assess potential candidates it's for vice president. They were about 200 pages or so, and they appeared to be internal from the Trump campaign. So people jumped to the conclusion that it must have come from the Iranian hack.

I mean, that would be a very logical conclusion. I think for most of us who've covered politics over the past decade, that was the moment where we said to ourselves, Uh-oh, this is 2016 all over again. A foreign government with a stake in the election, stealing emails from a campaign to try to embarrass the candidate and prevent that candidate from becoming president. In 2016, it was when Russia stole emails from Hillary Clinton, gave them to reporters. Now this time around, it appeared Iran was doing the same thing, trying to steal emails from the Trump campaign to embarrass him by giving those emails to reporters.

Michael, that's exactly what everyone thought was happening initially. But I've covered cyber issues long enough to know that it's really easy to leap to a conclusion that a certain set of documents came from a certain hack. I've been wrong plenty of times before. The more we looked at these, we just weren't sure because the nature of the documents, which were not immensely revealing, could have come from the Iranian hack, but you'd expect that they'd have a lot more if they had free range inside the Trump campaign. Instead, they could just as easily have come from a disgruntled insider. They weren't particularly confidential. Most of these 200 pages were filled up with statements that were excerpts of lines that Vance had used about how much he disliked or distrusted Trump in the past. Frankly, there was nothing there that couldn't have been assembled by a bright college intern who spent a day making their way through through Google to just try to put together a dossier of nasty public things Vance had already said.

Understood. You're saying that the 2016 analogy isn't really a good one. But I think we should explain that for just a moment, because I think a lot of people who learned about this Iranian hack, wondered, why aren't we seeing news outlets publishing stories based on what they presumed Iran had stolen and that our journalists had in their possession that might embarrass Trump? Why weren't they publishing these emails in the same way that they had when Russia stole embarrassing emails about Hillary Clinton? I hear you saying that we aren't sitting on embarrassing emails from the Trump campaign. If anything, we're sitting on publicly available information that, as you said, a bright young intern could find from Google searches about JD Vance, and that we don't even know where these emails came from, who took them, which is why the New York Times, among other news agencies, hasn't really published any of this so far.

Yeah, that's exactly right. I mean, it's not my call. That's for senior editors of the paper. There was certainly a live discussion of the question, but it was very different from what we saw in 2016, which were clearly emails from inside a campaign. Some of them came from John Podesta's account, a senior campaign official. Those emails gave you a sense of the internal dissonance within Clinton's campaign. There was an email, for instance, in which Podesta and his aides criticized Clinton for what they thought were her terrible instincts as a candidate. We learned about the contents of paid speeches the Clinton had given that became the subject of controversy in the campaign because she had declined to publicly release them. While the publication of these emails has always upset some of Hillary Clinton's supporters, the journal Realistic explanation was that they revealed things we previously didn't know. Now, the documents we got this month, ostensibly from inside the Trump campaign, they fundamentally didn't have any news in them. Now, Michael, it's also possible we're just at the beginning of this and that at some point we'll see more documents, and maybe they'll be revealing of what's happening inside the Trump campaign.

But we'd have to have a pretty active journalistic discussion at that time about whether any new documents were newsworthy. And of course, there's always the question of whether you're doing the bidding of a foreign government by publishing them.

So that conversation aside for just a moment, it very much feels like Iran's attempted hack of the Trump campaign is our first real warning that this election, 2024, is going to be another election in which foreign governments try to put their finger on the scale, try to influence the course of and outcome of our presidential election.

Four years is a lifetime in the technological advancement of hacking techniques, of the sophistication of information operations. Now, of course, we have a whole new factor, far more sophisticated artificial intelligence tools that can be used to fool voters and so forth. Of course, the number of countries that are interested in influencing the US election is growing, and they've got capabilities of their own to interfere. When you add all of this together and you compress the problem into a pretty short cycle until election day, it could be a more potent threat to interfere in the election process than we've seen in past years. We'll be right back. I'm Brian Rosenthal. I'm an investigative reporter at the New York Times. My dad is a scientist. My career has been devoted to scientific teaching and research. I remember growing up, I didn't fully understand what he was doing every day. But now that I work as an investigative journalist, I do understand. So you have to start with facts. From those facts, a hypothesis appears, and then you work on trying to test that hypothesis. I do the same thing, obtaining documents, crunching the data, and I talk to as many people as possible to get to the bottom of the story.

The New York Times does not publish until we can prove that something is true. The best scientists are able to do that deep work because they receive funding from their university or from the government. We, as journalists, depend on funding from subscribers. You can support that type of work by subscribing to the New York Times.

David, let's talk about these threats to the 2024 election that you just raised, this growing cast of players that are a threat to our system and what they might do to influence this election.

Well, Michael, the primary actors that the US intelligence community is concerned about is the old set of actors. It's Russia, it's China, and it's obviously Iran, as we've been discussing. So in early July, ahead of all of this news about the Trump campaign and Roger Stone and Microsoft and all that, the US intelligence community issued a public alert and said, Here's what they're worried about. Obviously, their first and biggest concern was Russia. And they were saying that they were beginning to see the Russians identify specific voter demographics and go amplify those divisive narratives that they used so well in 2016, when you'll recall, they grabbed on social divisions, whether it was abortion or gun control or something like that, and they used it to go try to influence that election.

The idea was that they were going to inflame existing partisan divisions in our country.

That's right, because that's far more effective than trying to create something a new. Now, for the Russians, it was pretty clear what their desired outcome was. They are very pro-Trump. The Iranians, as we've discussed, are very anti-Trump. Then in the middle of this, for the Chinese Chinese who have been a lot more cautious. The intelligence agencies doubt they're really planning to try to influence the outcome here because they're really not sure which candidate they dislike the most. Trump obviously blamed China for COVID, has threatened huge tariffs on their goods. But it was Joe Biden who actually put export restrictions on the most high-end chips that the Chinese need to develop the large language models for artificial intelligence.

So just to summarize, Russia, when it thinks about meddling in our election, wants to do whatever it can to help Trump. Iran wants to do everything it can to hurt Trump, which we presume means they'd like to see Kamal Harris win. When it comes to China, we don't really know which side China has picked. I'm curious when the US officials you talk to When we think about meddling in 2024, what precise scenario they most fear from these three countries?

Well, it's a great question because there are different techniques, and they fear them for different reasons. So we've already talked about one of them, which is you fish into a campaign, you get some embarrassing memos, you release them. Okay, so we're up on that. Then there's the disinformation stuff. You go and you create bots or fake fake news. And then there's the third one, which some US officials are most concerned about. Frankly, it's the one that concerns me the most about trying to tamper with the election itself. On election day, to create doubts about whether this was truly a fairly run vote.

What would election tampering from a foreign government look like, exactly?

Well, we focused a lot in 2016 on the question of whether or not you could actually play with the voting numbers and the election machines. And what we learned is that that's really hard. And it's hard because our system is so disparate. Every state uses a different method. Some places use paper ballots, some places use ballots where you mark something electronically, but there's a paper backup. Some use all electronic systems and so forth. And what we've discovered is that our system is so discombobulated, unlike the Europeans, who basically have one system used throughout an entire country, that it's actually hard to hack. This is one of the rare moments-Fascinating.where the differences among the states is actually a cyber safety device for us.

Too messy to interfere with.

That doesn't mean it's impossible. But what worries me the most is less the voting machines than the state voter registration bowls.

Just to explain what you're referring to, this is the, when you vote, long ream of names and signatures that contain the identities of everyone who wants to vote.

That's right. Usually, in most places, you have to register well ahead of election day, or you have to have been living in a state for a certain period of time. So what worries me about the registration roles is that in the past couple of years, we have seen a huge explosion in ransomware. This is the software that is used to lock up an entire city. You remember it happened to Baltimore. It happened to Atlanta. It's happened to many companies. But it's not hard to imagine a ransomware attack that was aimed at locking up a state's ability to go sign up new voters. And that then raises the question, did something happen to the registration during that hack or around it? So that when you go to vote, Michael, they look and say, Well, this is very interesting because you're voting in New York, but our system shows you moved to Arizona a few months ago, right? Or we think you're double-registered someplace. And there There is the possibility of creating just enough data manipulation to make people question the accuracy and quality of the voter registration rules.

Got it. The nightmare scenario is that a foreign country basically hacks into, I'm making this up, but a swing district somewhere in Wisconsin takes over the voter rolls, manipulates those voter rolls in the direction they want the election to go in that state We wouldn't know what happened until they released the voter rolls, perhaps after a ransom is paid, and suddenly people show up to vote and they find out, I can't because my name has been deleted. I've been moved to Idaho. And suddenly it's a real mess.

What you've described is the outside scenario where they lock things up and they manipulate the data. But they can do a lot of damage just by locking things up because it creates the fog whether or not they did do anything. If you're trying to manipulate the election, you may have done as much damage by creating the fear that data was altered than by actually altering it. There's very little question who would seize on that doubt. It would be Donald Trump, who, with almost every campaign appearance, is throwing in the line that someone is trying to go influence the election to keep him from regaining office. Sometimes he blames the Biden administration. Sometimes he blames the FBI. Sometimes he blames CISA, the group within the Department of Homeland Security that oversee cybersecurity in the United States, that's providing election help to states and towns and cities. So Trump is seeding the clouds out here now for the rainstorm that he might want to have happen if he lost the election.

Right. As we've explained on the show, actually within the past week, he hasn't just seeded the clouds. He has seated local election boards with people who anticipate that there might be interference and problems and seem very ready to raise objections to certifying the results of this 2024 election.

That's exactly right. In that episode that you ran last week, what you discovered was that these election workers would have some vaguely defined right to hold up the certification of the election if there were reasonable doubts about the election outcome. So the perfect storm that people who worry about this thing could imagine coming is enough foreign interference to create that doubt. Then these presumably pro-Trump, newly appointed election officials using that fog of uncertainty to declare that they can't certify the result and have them reported to Congress.

Well, given that, David, it strikes me that even if a foreign country trying to interfere in our elections were trying to help Kamala Harris, let's say, Iran, that the doubts that would raise through their hacking efforts, their cyber attacks, would probably end up benefiting Trump more because of the doubts he has seated and the supporters he has gotten onto these local election boards.

You have to think that that's right. Of course, if he comes out ahead, he's not going to mention that fog at all.

David, it feels worth posing a devil's advocate's question here at the end about our fears of election interference, because you have raised a lot of very worrisome scenarios in our conversation. But if we think back to 2016, we think back to 2020, I wonder if our fears of interference were greater than the reality of what foreign countries were trying to do, especially when it comes to actually tampering with results. So is it possible that we have gotten a little too worried about all of this and the way we talk to America? And maybe we should take this down a notch or two.

2016 and 2020 give you very different answers to that question. In 2016, we knew before the election happened that the Russians were trying to get into the election roles. And it was only after the election that we really understood the scope of the information operations they were running. In 2020, we were much better prepared It turned out the Russians did relatively little in that election of note, and we saw for the first time some awkward Iranian interventions. What's that tell you about 2024. Well, the first thing it tells you is that, yes, we can overhype the threat, but as in all threats, the threat of nuclear war, the threat of biological attack, all the other per raid of horribles that you and I discuss at various moments, you can overhype the concern, but that's probably the only way to get attention focused on the possibilities and think about the prevention perspectives.

In other words, the price of vigilance against election interference may be that we end up feeding a narrative about election interference. We don't mean to, but that may just be the cost of making sure we're prepared.

That's absolutely right. But let's remember here what we have at stake. This is one of the most consequential elections in American history. It comes after two election cycles in which we have worried about foreign interference and one in which a large part of the population has denied that the election turned out the way it really turned out. Because in just two and a half months, Michael, there's going to be no more important question than whether or not this election was fairly run. There's no more important single issue for retaining confidence in our democracy and in our election system. The two are so inextricably intertwined that we have to get this right.

Well, David, thank you very much.

Thank you.

We'll be right back. Here's what else you need to know day. On Monday, Democrats sued the Georgia State Election Board, arguing that its efforts to alter the state's election certification process were illegal and could create chaos on election day. The board's actions give local election officials the authority to conduct investigations into voting before certifying their results, a power that Democrats fear will lead to delays and miss deadlines in a key swing state. And prosecutors in France said they have arrested the founder of Telegram in connection with an investigation into criminal activity on the popular messaging app. The investigation, prosecutors say, includes complicity in the distribution of child pornography, drug sales, money laundering, and the refusal by Telegram's leaders to cooperate with law enforcement. If you want more news, and I suspect you do, check out our other Daily News show. It's called The Headlines. It brings you the day's top stories, along with analysis from Times reporters, all in about 10 minutes or less. You can subscribe to it wherever you get your podcasts. Today's episode was produced by Claire Tennis-Sketter and Michael Simon Johnson, with help from Shannon Lynn. It was edited by Lexie Diao and Michael Benoît.

Contains original music by Marion Lozano, Pat McCusker, and Dan Powell, and was engineered by Chris Wood. Our theme music is by Jim Brunberg and Ben Lansberg of WNDYRLE. That's it for The Daily. I'm Michael Balbaro. See you tomorrow.