Democrats, tech vendors stop cyberattack aimed at campaigns

By Christopher Bing

(Reuters) – The U.S. Democratic National Committee stopped an attempted cyberattack on an internal website, a Democratic party official told Reuters on Wednesday.

Cybersecurity firm Lookout and cloud service company DigitalOcean called the DNC to warn it about a fake login page for VoteBuilder, the party’s voter data website.

Unidentified hackers appear to have created the page on Monday to trick people into revealing personal information such as usernames and passwords – a process known as phishing – another person familiar with the incident told Reuters.

To get more stories like this, subscribe to our newsletter The Daily.

The DNC reported the incident to the Federal Bureau of Investigation on Tuesday. The FBI declined to comment.

The warning comes just two years after the DNC was successfully breached by Russian government-linked hackers, according to U.S. intelligence officials. Moscow denies the allegation.

VoteBuilder, designed by election technology firm NGP VAN, is frequently accessed by state parties and campaign managers in the field. NGP VAN could not be reached for comment.

The fake page asked for users to input their username and password. Knowing that information, hackers could gain unauthorized access to campaign computers in the field.

The attempt was first reported by CNN on Wednesday.

“No bad actors were able to access VoteBuilder or change or delete any of our voter file information,” said the Democratic official.

“We believe that this was the beginning of a sophisticated attempt to hack into our voter file and we are treating it as such.”

Mike Murray, a security researcher at Lookout, said no one fell for the ploy before the page was taken down.

Owner registry information used to launch the fake site on Monday was obfuscated, Murray said, making it unclear who was behind it.

“This attempt is further proof that there are constant threats as we head into midterm elections and we must remain vigilant in order to prevent future attacks,” said Bob Lord, the DNC chief security officer, in a statement.

As a result of the incident, the Democratic Congressional Campaign Committee, which shares a building with the DNC, was also forced to run tests on Tuesday to see if it too was targeted, a DCCC official said.

(Reporting by Christopher Bing; Editing by Damon Darlin and Bill Rigby)


Copyright PoliticusUSA LLC 2008-2023