Democrats, tech vendors stop cyber attack aimed at campaigns

Democrats, tech vendors stop cyber attack aimed at campaigns

Lookout and DigitalOcean warned Democratic National Committee

Credit: Reuters

The U.S. Democratic National Committee stopped an attempted cyber attack on an internal website, a Democratic party official has told Reuters.

Cyber security firm Lookout and cloud service company DigitalOcean called the DNC to warn it about a fake login page for VoteBuilder, the party's voter data website.

Unidentified hackers appear to have created the page on Monday to trick people into revealing personal information such as usernames and passwords - a process known as phishing - another person familiar with the incident told Reuters.

The DNC reported the incident to the Federal Bureau of Investigation on Tuesday. The FBI declined to comment.

The warning comes just two years after the DNC was successfully breached by Russian government-linked hackers, according to U.S. intelligence officials. Moscow denies the allegation.

VoteBuilder, designed by election technology firm NGP VAN, is frequently accessed by state parties and campaign managers in the field. NGP VAN could not be reached for comment.

The fake page asked for users to input their username and password. Knowing that information, hackers could gain unauthorised access to campaign computers in the field.

The attempt was first reported by CNN on Wednesday.

"No bad actors were able to access VoteBuilder or change or delete any of our voter file information," said the Democratic official. "We believe that this was the beginning of a sophisticated attempt to hack into our voter file and we are treating it as such."

Mike Murray, a security researcher at Lookout, said no one fell for the ploy before the page was taken down.

Owner registry information used to launch the fake site on Monday was obfuscated, Murray said, making it unclear who was behind it.

“This attempt is further proof that there are constant threats as we head into midterm elections and we must remain vigilant in order to prevent future attacks," said Bob Lord, the DNC chief security officer, in a statement.

As a result of the incident, the Democratic Congressional Campaign Committee, which shares a building with the DNC, was also forced to run tests on Tuesday to see if it too was targeted, a DCCC official said.

(Reporting by Christopher Bing; Editing by Damon Darlin and Bill Rigby)

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags cyber



How MSPs can capitalise on integrating AI into existing services

How MSPs can capitalise on integrating AI into existing services

​Given the pace of change, scale of digitalisation and evolution of generative AI, partners must get ahead of the trends to capture the best use of innovative AI solutions to develop new service opportunities. For MSPs, integrating AI capabilities into existing service portfolios can unlock enhancements in key areas including managed hosting, cloud computing and data centre management. This exclusive Reseller News roundtable in association with rhipe, a Crayon company and VMware, focused on how partners can integrate generative AI solutions into existing service offerings and unlocking new revenue streams.

How MSPs can capitalise on integrating AI into existing services
Access4 holds inaugural A/NZ Annual Conference

Access4 holds inaugural A/NZ Annual Conference

​Access4 held its inaugural Annual Conference in Port Douglass, Queensland, for Australia and New Zealand from 9-11 October, hosting partners from across the region with presentations on Access4 product updates, its 2023 Partner of the Year awards and more.

Access4 holds inaugural A/NZ Annual Conference
Show Comments