This article is from the source 'nytimes' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at https://www.nytimes.com/2018/08/22/technology/democratic-party-says-it-has-thwarted-attempted-hack-of-voter-database.html

The article has changed 5 times. There is an RSS feed of changes available.

Version 2 Version 3
Democratic Party Says It Has Thwarted Attempted Hack of Voter Database Democratic Party Says It Thwarted Attempted Hack of Voter Database
(about 1 hour later)
SAN FRANCISCO — The Democratic National Committee said on Wednesday it was alerted to an attempted hack of its voter database this week and has notified law enforcement about the incident. SAN FRANCISCO — The Democratic National Committee said Wednesday that it was alerted to an attempted hack of its voter database this week and that it had notified law enforcement.
A cybersecurity researcher from a firm called Lookout contacted the D.N.C. on Tuesday about the attempted intrusion, said two officials briefed on the matter who were not authorized to speak publicly. The effort to target the Democratic Party’s voter file, known as Votebuilder, was not successful, and a party official said the identities of the culprits were unclear. When the Democratic National Committee was hacked in 2016 during the presidential campaign, the incident was traced to Russia.
The F.B.I. is investigating, according to one of the officials. But the attempted hack, which was described as sophisticated, was not successful, the committee. said. This week’s attempt was aggressive, two officials briefed on it said. The hackers set up a fake page that mimicked the party’s login page for its voter-registration website, a tactic that could gather names, passwords and other credentials of those using the voter database. The hackers also may have sent emails to people within the national committee to try to trick them into using the fake page, a tactic known as “spearphishing,” the officials said.
A Democratic Party official said the identities of those who attempted the hack were unclear, adding that the target of the effort was the party’s voter file, known as Votebuilder. The D.N.C. was hacked in 2016 during the presidential election campaign, and the incident was later traced back to Russia. The Federal Bureau of Investigation is looking into the incident, one of the officials said.
The two officials said the hackers had this time set up a fake D.N.C. login page that mimicked the political party’s real website, in order to gather the names, passwords and other credentials of those using the voter database. The hackers may also have sent emails to people within the committee to try and trick them into using the fake login page, a tactic known as spearphishing, the officials said. “This attempt is further proof that there are constant threats as we head into midterm elections, and we must remain vigilant in order to prevent future attacks,” said Bob Lord, chief security officer for the Democratic National Committee. He called the voter file “the party’s most sensitive information.”
“This attempt is further proof that there are constant threats as we head into midterm elections and we must remain vigilant in order to prevent future attacks,” said Bob Lord, chief security officer for the D.N.C. The combination of this attack on the committee, continued influence operations by Russia and others using social media, and efforts to breach think tanks underscores that the cyber age has changed elections forever. So many systems are vulnerable to manipulation, from the voter-registration systems in the 50 states to the inner workings of the parties, that the opportunities for foreign and domestic manipulation are many.
“While it’s clear that the actors were going after the party’s most sensitive information the voter file the D.N.C. was able to prevent a hack by working with the cyber ecosystem to identify it and take steps to stop it,” he said in a statement. “The focus has gone from using the cyber realm to steal secrets to using it to impose national power,” Rob Joyce, the White House cybersecurity coordinator until the position was eliminated a few months ago, said this month at Defcon, an annual convention that focuses on hacking and defenses against it.
Lookout confirmed that it had been in touch with the D.N.C., and the attempt was also detected by DigitalOcean, a cloud service provider. Ahead of the midterms, political groups and government organizations have been on high alert for new hacks and foreign meddling. Microsoft said this week that it had detected that hackers tied to Russian intelligence targeted the Senate and conservative think tanks in the United States, also by creating fake websites.
Ahead of the midterm elections, political groups and government organizations have been on high alert for hacking attempts and foreign interference. And after Facebook last month identified a political influence campaign aimed at potentially disrupting the midterms, the company said this week that it had uncovered other disinformation efforts targeting people around the world.
Earlier this week, Microsoft said it had detected attempts by hackers tied to Russian intelligence, which targeted the Senate and conservative think tanks in the United States, also by creating fake websites of those groups. On Sunday, John R. Bolton, the national security adviser, suggested that Russia was not the only threat in the November elections.
Facebook last month also identified a political influence campaign aimed at potentially disrupting the midterms, and this week said it had uncovered other disinformation efforts targeting people around the world. “I can say definitively that it’s a sufficient national security concern about Chinese meddling, Iranian meddling and North Korean meddling that we’re taking steps to try and prevent it,” Mr. Bolton said in an interview with ABC.
The hack of the D.N.C. in 2016 resulted in thousands of confidential emails being released. The emails embarrassed Democratic presidential candidate Hillary Clinton, and may have helped to boost Donald J. Trump as a candidate. Many of the hacking attempts are mimicking the techniques that were used to penetrate the Democratic National Committee in 2016. At the time, Russian state-backed hackers used trick emails to take senior party officials, including Hillary Clinton’s campaign chairman, John D. Podesta, to a page that looked identical to a password screen for Google’s email service, Gmail. In fact, the page gave attackers access to the officials’ accounts.
CNN earlier reported the attempted hack of the D.N.C. Many of the warnings the national committee received several years ago about potential attacks either were ignored or did not reach the right individuals.
Mr. Lord said the White House also needed to get involved. Since then, the committee has taken steps to improve its cybersecurity. This year, it hired Mr. Lord, who previously held top technology roles at Yahoo and Twitter, and Raffi Krikorian, a former Uber executive, as its chief technology officer.
“These threats are serious and that’s why it’s critical that we all work together, but we can’t do this alone,” he said. “We need the administration to take more aggressive steps to protect our voting systems.” The party’s team has put new security practices into place and begun testing employees in spearphishing drills to see if they will click on the malicious emails. The national committee has also improved its cooperation with the F.B.I., according to law enforcement officials.
The Votebuilder database is a particular prize for hackers because it contains personal details on Democratic voters that could be used to unlock other information, including personal email accounts and files. A successful penetration of the database could have set off other hacks in a domino effect, cybersecurity experts said.
A cybersecurity researcher from a firm called Lookout contacted the Democratic National Committee on Tuesday about the attempted intrusion, the two officials briefed on the matter said. Lookout confirmed that it had been in touch with the committee, and the attempt was also detected by DigitalOcean, a cloud service provider. CNN earlier reported the new hacking attempt.
Lookout first detected the fake website late Monday, using a newly built artificial intelligence system that spots fake sites as they are created, said Mike Murray, the company’s vice president of security intelligence.
“We realized the significance,” he said. “Within hours, we started waking up people to get them on the phone.”
Because the website was caught so quickly, it is impossible to know who the hackers were or how they planned to use the site, Mr. Murray said. Such attacks are easy, he said, because anyone with decent programming skills can make a fake website in a few hours.
“The adversaries are becoming more sophisticated in how they use these websites, but the attack is the same,” he said.
Mr. Lord said the White House also needed to get involved to improve cyberdefenses.
“These threats are serious, and that’s why it’s critical that we all work together, but we can’t do this alone,” he said. “We need the administration to take more aggressive steps to protect our voting systems.”
The attempted hack was revealed as the Department of Homeland Security’s cybersecurity division hailed its efforts to protect the nation’s election systems from foreign intrusions.
During a tour of the agency’s National Cybersecurity and Communications Integration Center near Washington on Wednesday, Kirstjen Nielsen, the homeland security secretary, and Christopher C. Krebs, her top deputy for cybersecurity, said the department was more prepared than it had been during the 2016 elections.
“We are better positioned than at any time in history,” Ms. Nielsen said, standing before a bank of computers and giant monitors showing real-time threats to the nation’s cyber and physical infrastructure.