DNC detect an attempt to hack voter database: Someone tried to hack the Democratic National Committee – again.
The DNC, the formal governing body of the Democratic Party, told the FBI on Tuesday that it had discovered a “sophisticated attempt” by hackers to gain access to its voter database, according to CNN.
That voter database, held in a service called Votebuilder, includes sensitive information like addresses and phone numbers — likely of thousands of potential voters, donors, and more.
The hackers apparently created a fake website designed to look very similar to the real one that Democratic Party officials and campaigns use to log in to that database. The idea was that officials would try to log in to this fake page using their real usernames and passwords, thereby revealing that information to the hackers and enabling them to use it to log in to the real site and access the voter database. This tactic, called “spearphishing,” is one of the most common ploys hackers use to try to gain access to sensitive or private information.
The hackers even sent emails to DNC officials trying to get them to use the fake page.
The DNC only found out about the attack because a cybersecurity company in San Francisco called Lookout detected the fake website late Monday and alerted the company that hosts the DNC’s database. That company, DigitalOcean, says it took down the fake site “within hours.”
Lookout, which spotted the fake NGP VAN login page, says it quickly notified DigitalOcean, the site's hosting platform, and site was taken down "within hours."
DigitalOcean confirms, says it was told early Tuesday morning. Also says it's working with the DNC and law enforcement. pic.twitter.com/X5GPUj2XH3
— Eric Geller (@ericgeller) August 22, 2018
CNN, citing an unnamed “Democratic source,” says the DNC doesn’t currently believe that the hacking attempt was actually successful and “has no reason to believe its voter file was accessed or altered.”
The DNC has reportedly contacted the FBI to let it know about the hacking attempt. For now, it’s unclear what action, if any, the FBI is taking in response, though DigitalOcean said in a statement that it is working with the “appropriate law enforcement agencies” on the matter. The DNC also said it was investigating who the culprit might be.
It’s a good thing Lookout found what it did. The fake website “was very convincing,” the company’s vice president Mike Murray told CNN, adding that “it would have been a very effective attack” if it hadn’t been spotted so quickly.
Related: New Russian hacking attempt
The DNC was a cyber target before — and it didn’t go well
If you feel like you’ve heard this story before, it’s because you have — but it had a much worse ending last time around.
As the New York Times has reported in detail, the FBI discovered that a hacking group linked to the Russian government had gained access to at least one computer at the DNC.
But when the FBI contacted the DNC in September 2015 to let them know, the organization’s tech-support contractor didn’t do much with the information beyond performing “a cursory search of the DNC computer system logs to look for hints of such a cyberintrusion.” In fact, it took a whopping nine months before DNC officials even held a formal meeting with the FBI about it.
That was too little, too late. Russian hackers ultimately had access to the DNC’s network for seven months before top DNC officials knew about the attack or hired anyone to combat it. During that time, the hackers stole countless emails and documents, later releasing them to the public to try to damage the Hillary Clinton campaign.
Clearly, the DNC has learned its lesson this time around, and it has moved swiftly to let the FBI know about the attempt. What’s less clear is whether the DNC can stay just as vigilant — and move just as quickly — when the next attack comes.