The Democratic National Committee alerted the FBI on Tuesday to an attempted hack of its voter database – two years after Russian spies compromised its computers and released thousands of emails online, throwing the party into disarray in the midst of the presidential election.
The latest effort failed and the culprit’s identity is not known, DNC officials said.
They said the move, first reported by CNN, showed that adversaries are still determined to try to interfere in the election process, despite warnings from senior government officials. It comes, too, as the Trump administration faces criticism it hasn’t done enough to safeguard the November election.
“This attempt is further proof that there are constant threats as we head into midterm elections and we must remain vigilant in order to prevent future attacks,” DNC chief security officer Bob Lord said in a statement. “While it’s clear that the actors were going after the party’s most sensitive information – the voter file – the DNC was able to prevent a hack by working with the cyber ecosystem to identify it and take steps to stop it.”
The committee was alerted to the attempted breach Tuesday by a San Francisco-based security firm, Lookout, and a cloud-service provider, DigitalOcean. The security firm discovered that a fake DNC log-in page had been created to trick people into giving up their usernames and passwords, a Democratic official said.
The page was designed to look like a portal that Democratic Party officials and campaigns use to access a platform called VoteBuilder, which houses the party’s voter file.
Lookout’s detection tool for “phishing” sites was triggered late Monday and within hours company officials had called the DNC, DigitalOcean and the vendor that manages the DNC site, said Mike Murray, Lookout’s vice president of security intelligence. The detection tool is powered by artificial intelligence and receives thousands of hits on suspicious sites each day.
Murray said that the company probably found the site within 30 minutes of its being put online – before anyone would have logged on to it – and that it was changing rapidly, as if the hackers were building it as Lookout was discovering it. The fake site was designed to look identical to the one built for the DNC.
The site had no malware, Murray said. Rather it was intended to trick users into submitting their usernames and passwords so that hackers could then penetrate the real site.
Murray said there is no way yet to tell who was behind the attack. “It’s way too early,” he said. “That kind of analysis and attribution takes time.”
DigitalOcean’s chief security officer, Josh Feinblum, issued a statement Wednesday saying: “In coordination with the research firm, Lookout, and the DNC, we began taking immediate steps to address the threat. We are continuing to partner with the DNC and appropriate law enforcement agencies on this issue. We take this, and all types of abuse of our services, seriously, and remain focused on making the internet a safer place.”
The DNC’s deputy communications director, Adrienne Watson, said the attack was “completely thwarted,” adding, “There was no way the voters file was accessed.”
Nonetheless, Lord said that the threats are “serious” and that the party cannot deter aggressors on its own.
“We need the [Trump] administration to take more aggressive steps to protect our voting systems,” he said. “It is their responsibility to protect our democracy from these types of attacks.”
Lord briefed state party officials on the attempt at a meeting Wednesday in Chicago.
Some Democrats responded to the news by criticizing Republicans for voting down an effort in the House last month to increase election security spending.
“This hacking attempt comes just weeks after @HouseGOP voted AGAINST funding for voting protections,” Rep. Carolyn Maloney (D-NY), said in a tweet Wednesday afternoon. “Our intel community warned us about this, and now its happening. This isn’t ‘fake news’ – its a REAL attack on our democracy. We need to act.”