Update 8/23/18: The supposed cyberattack targeting the DNC was a false alarm, according to the committee. The phony login page — initially thought to be a sophisticated phishing attempt to gain access to the party’s voter database — was in fact a test organized by the Michigan Democratic Party and run by a white-hat cybersecurity firm.
Bob Lord, the DNC’s chief security officer, said in a statement that the committee had not been aware of the security test. “The party took the necessary precautions to ensure that sensitive data critical to candidates and state parties across the country was not compromised,” Lord said. “There are constant attempts to hack the DNC and our Democratic infrastructure, and while we are extremely relieved that this wasn’t an attempted intrusion by a foreign adversary, this incident is further proof that we need to continue to be vigilant in light of potential attacks.”
Original post below.
WASHINGTON — The Democratic National Committee is yet again under attack. CNN reported Wednesday that the DNC had alerted the FBI to a hacking attempt targeting the party’s voter database called Votebuilder.
A private security firm and a cloud-server company that hosts websites and other online infrastructure for political groups first alerted the DNC to the potential cyberattack on Tuesday morning. The attack took the form of a fake log-in page, designed to mimic a real DNC page, that could be used to trick individuals with database access to enter usernames and passwords. Hackers could then use that sensitive information to gain access to Votebuilder and potentially steal voter data.
It wasn’t immediately clear who was behind the attempted cyberattack, according to CNN and other reports. Nor was the attack successful, the DNC claims. But the style of the hack — a legitimate-looking log-in site used to obtain personal information — bears similarities to other foiled hacking efforts attributed to Russian-affiliated hackers.
The FBI declined to comment.
“It was very convincing,” Mike Murray, the vice president of security intelligence at Lookout, the cybersecurity firm that detected the phony DNC webpage, told CNN. “It would have been a very effective attack.”
In 2016, the DNC was the victim of the most infamous — and damaging — cyberattack in U.S. election history. According to the nation’s four major intelligence agencies, Russian-affiliated hackers used spear-phishing messages and other methods to access the emails of Clinton campaign chairman John Podesta and other Democratic Party officials, as well as a huge cache of internal party documents and data. The Russians then weaponized those pilfered materials in an attempt to damage Clinton’s candidacy and help elect Trump.
This new revelation is at least the third report of cyberattacks targeting Democratic candidates or committees in the last week.
On August 15th, Rolling Stone reported that the FBI had investigated a series of sophisticated hacking attempts — including one successful spear-phishing message — targeting a Democratic congressional candidate in California who had challenged Rep. Dana Rohrabacher, a Republican who is pro-Russia and pro-Putin and who was once warned by the FBI that the Russians were trying to develop him as an asset. Several days after the Rolling Stone story was published, Reuters reported that the FBI is investigating a cyberattack on a different California Democrat who ran in the state’s 45th district.
The DNC’s chief security officer, Bob Lord, told the Washington Post that the latest attack was “further proof that there are constant threats as we head into midterm elections and we must remain vigilant in order to prevent future attacks. While it’s clear that the actors were going after the party’s most sensitive information — the voter file — the DNC was able to prevent a hack by working with the cyber ecosystem to identify it and take steps to stop it.”
Microsoft revealed this week that it had detected and foiled six domain addresses launched by Russian-associated hackers that had appeared to mimic websites connected to the U.S. Senate and two think tanks critical of Russia. The company said it had disrupted the fake websites before they had been put to use. “In the face of this continuing activity,” Microsoft President Brad Smith wrote in his announcement, “we must work on the assumption that these attacks will broaden further.”