14:03 GMT +316 June 2019
Listen Live
    Cybercrime

    Boo! Democrats Scared by Their Own Hack Test, Called FBI

    CC0
    US
    Get short URL
    313

    The Democratic National Committee (DNC) is reversing their narrative on a widely reported hacking attempt against them on Tuesday. Now, they’re saying there was no real threat ‒ rather, the alarm was triggered by a test paid for by the DNC.

    The DNC brought out the big guns when they thought they were getting hacked on Tuesday, informing the FBI that they had been targeted by a sophisticated spear-phishing campaign, complete with a mock website designed to mimic the actual website the party uses to hold its "VoteBuilder" voter database.

    ​Phishing often works like this: a target is sent an email that purports to be from a website they often use, but is a fake. When the target enters their username, password or any other sensitive information into the fields provided or linked to in the email, that information goes to to person who set up the fake. While phishing emails are often sent out en masse, spear-phishing denotes a phishing attempt that is targeted at specific people or organizations. As spear-phishing attacks are narrower in scope, they are often quite sophisticated and aimed at high-value targets.

    If the "hacking attempt" had been successful, it would have compromised not just the DNC staffers' login information, but a trove of home addresses and phone numbers belonging to potential voters and party donors.

    The only problem? It wasn't a spear-phishing campaign at all. The "hacking attempt" discovered by a Democratic contractor called Lookout, a San Francisco-based cybersecurity firm, was actually a testing operation by another company called DigiDems, which the Michigan Democratic Party had paid to probe DNC systems.

    Someone didn't get the memo.

    Nonetheless, Democrats are still patting themselves on the back. "The party took the necessary precautions to ensure that sensitive data critical to candidates and state parties across the country was not compromised," DNC chief security officer Bob Lord said in a Thursday statement.

    While the DNC said initially that they thwarted the attack, and then that it wasn't an attack, but they still handled it appropriately, they apparently see the confusion over the test they ordered as cause to "continue to be vigilant," Lord said, calling the false alarm paid for by the party even "further proof" of the need for such vigilance.

    While Tuesday's events definitely were not a hack, whether the intrusion into their servers during the 2016 elections was one remains disputed by experts.

    Related:

    'No, It's Hillary': Twitter Bursts as DNC Chair Calls Obama 'Real US President'
    DNC’s ‘PR Stunt’ Russia Lawsuit Reveals Dishonest Campaign Fraud Defense
    Vault 7, DNC Hacking: How Comey's Intervention Upset DOJ Deal With Assange
    The DNC Hacking Story - Exploring the Connections
    Unprecedented: DNC’s Lawsuit Against WikiLeaks Threatens to Suppress Free Speech
    Roger Stone to Use DNC Lawsuit to Examine DNC Servers, Solve ‘Hacking’ Mystery
    Tags:
    hack, DNC, hacking
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik