Apparent DNC Voter Data Hack Attempt Was Unauthorized Test - NBC Southern California
National & International News
The day’s top national and international news

Apparent DNC Voter Data Hack Attempt Was Unauthorized Test

The apparent false alarm comes two years after Russian operatives sent the party into disarray by hacking into its computers and facilitating the release of tens of thousands of emails

    processing...

    NEWSLETTERS

    Apparent DNC Voter Data Hack Attempt Was Unauthorized Test

    A Democratic National Committee official is now saying that what appeared to be a thwarted attempt to break into its massive voter database was actually an unauthorized test.

    Bob Lord, the DNC's chief security officer, said late Wednesday in a statement that the test "mimicked several attributes of actual attacks on the Democratic party's voter file" and that it was not authorized by the DNC, the company that houses the file containing information on tens of millions of voters, or its vendors.

    A web security firm using artificial intelligence had uncovered what was believed to be an attack and the DNC was notified Tuesday, it said.

    Hackers appeared to create a fake login page to gather usernames and passwords in an effort to gain access to the Democratic Party's voter file, a party official had said. The attempt was quickly thwarted by suspending the attacker's account, and no information was compromised, the official said. The FBI was notified; it declined to comment to the AP.

    Trump Denies Bombshell Russia Reports From NYT, Post

    [NATL] Trump Denies Bombshell Russia Reports From NYT, Washington Post

    President Donald Trump responded to accusations of Russian collusion in two separate bombshell reports from the New York Times and the Washington Post. Trump denied that he fired former FBI Director James Comey to advance Russian interests and a Post report that he hid conversations he had with Vladimir Putin.

    (Published Monday, Jan. 14, 2019)

    The official wasn't authorized to speak about sensitive security information and spoke to The Associated Press on condition of anonymity. 

    The test was organized by the Michigan Democratic party, which didn't notify the DNC, a person familiar with the incident told The Washington Post.

    The apparent false alarm comes two years after Russian operatives sent the party into disarray by hacking into its computers and facilitating the release of tens of thousands of emails amid the presidential election.

    Lord said that, in this case, an attack by a foreign adversary was ruled out, but that the test underscores the need for the organization to maintain a strong cyberdefense.

    "There are constant attempts to hack the DNC and our Democratic infrastructure, and while we are extremely relieved that this wasn't an attempted intrusion by a foreign adversary, this incident is further proof that we need to continue to be vigilant in light of potential attacks," he said.

    The attempt comes as Democrats gather for their summer meeting. The party's cybersecurity has been an issue since the 2016 presidential election, when Russian hackers compromised DNC servers and publicly revealed internal communications that exploited divisions between Bernie Sanders' and Hillary Clinton's campaigns as the two candidates vied for the Democratic presidential nomination. Hackers also accessed the email accounts of Clinton's campaign chairman, John Podesta, and systematically released the contents throughout the fall campaign.

    Judge Blocks Trump Birth Control Coverage Rules in 13 States

    [NATL-PHI] Judge Blocks Trump Birth Control Coverage Rules in Delaware, Other States

    A Trump Administration rule that would allow more employers to opt out of covering birth control from women will not take effect on Monday as scheduled. The rules would let employers claim exemption for religious or moral reasons. Delaware is one of the 13 states that sued to have the rule stopped.

    (Published Monday, Jan. 14, 2019)

    The apparent false alarm came a day after Microsoft announced it had uncovered similarly fraudulent websites created by Kremlin agents that spoofed two conservative outfits that are foes of Russia's president, Vladimir Putin, presumably to trick unwitting visitors into surrendering credentials.

    At a previously scheduled election security briefing Wednesday, Homeland Security Secretary Kirstjen Nielsen said the quick response to the apparent attempted DNC hack showed that the system was working "and that different entities understand who to reach out to," she said.

    "Any attack on a political party or a campaign is important for us all to take seriously," she said, emphasizing the government was doing all it could to help protect election systems ahead of the midterm elections. At stake is control of Congress, which could potentially switch from Republican to Democrat.

    Amid the news, a Senate committee abruptly postponed a Wednesday vote on legislation to help states prevent against election hacking, frustrating Democrats and at least one Republican on the panel.

    The vote was put off by the Senate Rules and Administration Committee after a bipartisan group of lawmakers spent months negotiating the legislation. The bill would aim to protect state election infrastructure by requiring that all states use backup paper ballots and conduct audits after elections, among other measures. It would also require DHS to immediately notify states if the federal government is aware that a state election system has been breached.

    A Senate Republican aide said the vote was postponed because secretaries of state had complained about certain provisions, including the type of audits the bill would require. The aide said additional Republican support would be necessary to move the legislation out of committee. The aide was not authorized to speak about the committee's reasoning and spoke on condition of anonymity.

    Trump Visits Southern Border to Make Case for a Border Wall

    [NATL] Trump Visits Southern Border to Make Case for a Border Wall

    President Donald Trump flew to Texas Thursday to tour the southern border and make the case for his proposed border wall. This comes as the federal government entered its 20th day of a partial shutdown. President Trump has refused to sign any bill that doesn’t include $5.7 billion in funding for the border wall.

    (Published Thursday, Jan. 10, 2019)

    Republican Sen. James Lankford of Oklahoma, one of the bill's sponsors, said after the vote's postponement: "Congressional inaction is unacceptable."

    The bill "will help states take necessary steps to further prepare our election infrastructure for the possibility of interference from not just Russia, but other possible adversaries like Iran or North Korea or a hacktivist group," Lankford said.

    The apparent DNC committee attempt wasn't mentioned at a Senate hearing on election security Wednesday, according to senators who were present.

    States have been scrambling to secure their election systems since it was revealed that Russian hackers targeted election systems in at least 21 states in 2016, though the number is likely greater. There has been no indication any vote tallies were changed. Nielsen said at the briefing that states should have auditing systems in part as a safeguard so the public knows the vote tallies can be trusted.

    In Tuesday's incident, a scanning tool deployed by the San Francisco security company Lookout detected a masquerading website designed to harvest the passwords of users of the login page of NGP VAN, a technology provider used by the Democrats and other liberal-leaning political organizations, said Mike Murray, the company's vice president of security intelligence. He said he contacted the DNC.

    The tool, which leverages artificial intelligence, has been in development for a year and wasn't tasked to scan any sites in particular but instead to identify phishing sites based on typical attributes, Murray said.

    Federal Workers Juggling Shutdown Stress

    [NATL-DC] Federal Workers Juggling Shutdown Stress

    "I just go to the gym and juggle. Just a way to escape everything," Barry Goldmeier said. He's one of thousands of government employees furloughed during the shutdown. News4's Shomari Stone spoke to a therapist about other ways furloughed workers can cope with the stress.

    (Published Wednesday, Jan. 9, 2019)

    "This is the beauty of AI: It finds things that humans don't know to look for," he said.

    He said the tool notified Lookout before the impostor page had even been populated with content. "As soon as we realized how fast it was developing, I decided to reach out to contacts that I know at the DNC." Murray also contacted the website hosting company, Digital Ocean.

    Ross Rustici, senior director for intelligence services at Cybereason in Boston, said a voter database is a juicy target for anyone trying to exacerbate political divisions in the U.S. or gain insight on political opponents.

    "The data housed in these types of databases would be incredibly useful both for domestic opposition research as well as for foreign intelligence and counterintelligence purposes," he said.

    Associated Press writers Mary Clare Jalonick, Frank Bajak and Mike Balsamo contributed to this report.