Canadian Security Magazine

DNC says it thwarted hacking attempt on its voter database

By The Associated Press   

News Data Security annex cybersecurity data breach data hack data security democratic national committee democrats dnc trump US us election

CHICAGO — The Democratic National Committee said Wednesday that it has thwarted a hacking attempt on its database holding information on tens of millions of voters across the country.

A party official said DNC contractors notified the party Tuesday of an apparent hacking attempt. The committee notified federal law enforcement. The official said no information was compromised and added that it’s unclear which third party had attempted the hack.

Bob Lord, the DNC’s chief security officer, briefed the leaders of state parties on the attempt at a party gathering Wednesday morning in Chicago. The DNC distributes the voter file to state parties for Democratic candidates to use the information to target voters during campaigns.

“This attempt is further proof that there are constant threats as we head into midterm elections and we must remain vigilant in order to prevent future attacks,” Lord said in a statement. He said President Donald Trump isn’t doing enough to protect American democracy.

“We can’t do this alone,” he said. “We need the administration to take more aggressive steps to protect our voting systems.”

The FBI declined to comment.

The hacking attempt comes as Democrats gather for their summer meeting. The party’s cybersecurity has been an issue since the 2016 presidential election, when hackers identified as Russian by U.S. intelligence agencies compromised DNC servers and publicly revealed internal communications that exploited divisions between Bernie Sanders’ and Hillary Clinton’s campaigns as the two candidates vied for the Democratic presidential nomination. Hackers also accessed the email accounts of Clinton’s campaign chairman, John Podesta, and systematically released the contents throughout the fall campaign.

In Tuesday’s incident, a scanning tool deployed by the San Francisco security company Lookout detected a masquerading website designed to harvest the passwords of users of the login page of NGP VAN, a technology provider used by the Democrats and other liberal-leaning political organizations, the company said in a statement.

Lookout investigated and notified the company hosting the website, DigitalOcean, which took it down within hours, and Lookout’s vice-president of security intelligence, Mike Murray, reached out to the DNC and NGP VAN to begin the investigation, the company said.

Murray, incidentally, was a tech volunteer in 2016, when he helped the Democratic leadership fight off hacking attempts later determined by U.S. investigators to be from Russian military agents.

NGP VAN was one target of the 2016 Russian hacking onslaught against Democratic political staffers, according to data provided to The Associated Press last year by cybersecurity firm Secureworks.
Trump, a Republican, has mocked the DNC’s cybersecurity and cast doubt on intelligence findings that Russia was involved.

— Bill Barrow

Associated Press writers Frank Bajak in Boston and Mike Balsamo in Los Angeles contributed to this report.

News from © Canadian Press Enterprises Inc. 2018

Print this page


Stories continue below