DNC Detects Attempt to Hack Voter Database Just Months Before Midterms

By Sabrina Siddiqui, Guardian UK

23 August 18

The Democratic National Committee has contacted the FBI, but officials say it was not known who was behind the attack

UPDATE

The Democratic party has admitted that what it first thought was a malicious attempt to hack the party’s massive voter information file turned out to be just a security test.

Bob Lord, the Democratic National Committee’s chief security officer, said on Thursday the attempted hack was “built by a third party as part of a simulated phishing test”.

“The test, which mimicked several attributes of actual attacks on the Democratic party’s voter file, was not authorized by the DNC, VoteBuilder nor any of our vendors,” Lord said.

A senior Democratic official said on Thursday that the attempted breach was the result of the Michigan Democratic party arranging a phishing attempt to test login security. The state party did not alert the DNC or the internet platform that hosts the data about their test, the official said.

The official was not authorized to speak about sensitive security information and spoke to the Associated Press on condition of anonymity.

Alarm bells went off on Wednesday when the DNC said it was notified that hackers created a fake login page to gather usernames and passwords in an attempt to gain access to the party’s voter file, which contains information on tens of millions of voters. The party said the attempt was quickly thwarted by suspending the attacker’s account and that no information was compromised.

With less than three months before the November election, word that the DNC could have been hacked revived concerns about the security of the nation’s election system. Two years ago, Russian operatives sent the DNC into disarray by hacking into its computers and facilitating the release of tens of thousands of emails amid the presidential election.

he Democratic National Committee (DNC) has contacted the FBI after detecting a possible attempt to hack its voter database, which contains information for tens of millions of voters across America.

The disclosure comes just months before the 2018 midterm elections and marks the latest indication that external powers might still be engaged in active efforts to infiltrate the US electoral process. The news was first reported by CNN and was confirmed by the Guardian.

It was not immediately known who was behind the latest attempt to penetrate the DNC system, officials said, while noting the effort was thwarted.

“This attempt is further proof that there are constant threats as we head into midterm elections and we must remain vigilant in order to prevent future attacks,” the DNC’s chief security officer, Bob Lord, said in a statement.

“While it’s clear that the actors were going after the party’s most sensitive information – the voter file – the DNC was able to prevent a hack by working with the cyber ecosystem to identify it and take steps to stop it.”

The DNC was at the center of Russian interference in the 2016 presidential election, when hackers illegally obtained and subsequently leaked thousands of internal emails through WikiLeaks just ahead of the party’s national convention. Russian hackers subsequently stole more than 50,000 emails from John Podesta, then the chairman of Hillary Clinton’s campaign, and released them in tranches in the months before the November election.

Robert Mueller, the special counsel overseeing the FBI’s investigation into Russian meddling in the US election, indicted 12 Russians last month in connection with the DNC and Podesta hacks. The DNC separately filed a lawsuit earlier this year seeking millions in damages from the Russian government, the Trump campaign and WikiLeaks, claiming a widespread conspiracy to influence the 2016 election.

US intelligence officials have repeatedly warned of “pervasive” efforts by Moscow to disrupt the 2018 midterms, even as Donald Trump has shown little regard over the matter. The president ignited a firestorm last month at a summit with the Russian president, Vladimir Putin, in Helsinki, in which Trump sided with the Kremlin over US intelligence authorities on whether Moscow had interfered in the 2016 election. Although Trump later walked back his comments, amid an avalanche of criticism, he has continued to downplay the threat posed by the Russians in a high-profile split from the national security community.

On Tuesday, Microsoft accused the Russian group linked to the hacking of Democrats in 2016 of launching fresh attacks against political groups in the US. The technology company said it had uncovered fake websites designed to mimic two conservative thinktanks and other fake domains purporting to belong to the US Senate.