'Misstep' by Michigan Democrats caused a cybersecurity scare and prompted the DNC to call the FBI

The Democratic National Committee said late Wednesday night that what it had ...

Posted: Aug 23, 2018 8:05 PM
Updated: Aug 23, 2018 8:05 PM

The Democratic National Committee said late Wednesday night that what it had earlier feared was the beginning of a sophisticated attempt to hack into its voter database, was, in fact, an unauthorized "simulated phishing test" and not an actual attempt to hack into its systems by an adversary.

The Democratic Party of Michigan confirmed to CNN on Thursday morning that it had made a "misstep" and was responsible for the scare.

Crime, law enforcement and corrections

Criminal offenses

Democratic National Convention

Digital crime

Digital security

Government and public administration

Political events

Political organizations

Political party conventions

Politics

Technology

US Democratic Party

US political parties

Banking, finance and investments

Business, economy and trade

Consumer loans and credit

Credit card crime

Credit cards

Fraud and financial crimes

Personal finance

Federal Bureau of Investigation

Government bodies and offices

Government organizations - US

US Department of Justice

US federal departments and agencies

US federal government

"We have taken heightened steps to fortify our cybersecurity -- especially as the Trump Administration refuses to crack down on foreign interference in our elections. In an abundance of caution, our digital partners ran tests that followed extensive training. Despite our misstep and the alarms that were set off, it's most important that all of the security systems in place worked," Brandon Dillon, the chair of the Michigan Democratic Party, said in a statement.

On Wednesday, Bob Lord, the DNC's chief security officer, briefed Democratic officials after detecting a fake login page that was designed to look like the access page Democratic Party officials and campaigns across the country use to log into a service called Votebuilder, which hosts the party's voter database, a Democratic party source told CNN.

The initial detection of the apparent hacking attempt by a cybersecurity firm on Monday prompted the DNC to call the FBI, the source said.

"This attempt is further proof that there are constant threats as we head into midterm elections and we must remain vigilant in order to prevent future attacks," Lord said in a statement released shortly after.

However, as the committee continued its investigation on Wednesday, it became clear that the apparent hack was not what it seemed.

In a statement, Lord said, "We have continued to investigate the phishing site reported to the DNC yesterday. We, along with the partners who reported the site, now believe it was built by a third party as part of a simulated phishing test on VoteBuilder. The test, which mimicked several attributes of actual attacks on the Democratic party's voter file, was not authorized by the DNC, VoteBuilder nor any of our vendors."

It is not uncommon for organizations to run tests to identify gaps in that organization's cybersecurity practices. However, in this case, Democrats in Michigan did so without the knowledge of the DNC.

"Cybersecurity experts agree this kind of testing is critical to protecting an organization's infrastructure, and we will continue to work with our partners, including the DNC, to protect our systems and our democracy," the chair of the Michigan Democrats said in a statement Thursday.

Lord said the DNC had taken the "necessary precautions to ensure that sensitive data critical to candidates and state parties across the country was not compromised."

"There are constant attempts to hack the DNC and our Democratic infrastructure, and while we are extremely relieved that this wasn't an attempted intrusion by a foreign adversary, this incident is further proof that we need to continue to be vigilant in light of potential attacks," he added.

The DNC's snafu comes amid reporting of other attempted hacks on Democratic campaigns. Last week, it emerged two Democratic primary campaigns in California had been breached earlier this year.

On Tuesday, Microsoft said it had thwarted part of a Russian military intelligence operation targeting the US Senate and conservative think tanks that advocated for tougher policies against Russia.

Article Comments

West Lafayette
Clear
19° wxIcon
Hi: 44° Lo: 31°
Feels Like: 12°
Kokomo
Clear
20° wxIcon
Hi: 42° Lo: 30°
Feels Like: 20°
Rensselaer
Clear
19° wxIcon
Hi: 41° Lo: 30°
Feels Like: 19°
Fowler
Clear
19° wxIcon
Hi: 42° Lo: 30°
Feels Like: 19°
Williamsport
Clear
23° wxIcon
Hi: 43° Lo: 31°
Feels Like: 23°
Crawfordsville
Clear
20° wxIcon
Hi: 44° Lo: 32°
Feels Like: 13°
Frankfort
Clear
22° wxIcon
Hi: 42° Lo: 30°
Feels Like: 15°
Delphi
Clear
22° wxIcon
Hi: 43° Lo: 30°
Feels Like: 22°
Monticello
Clear
22° wxIcon
Hi: 42° Lo: 30°
Feels Like: 22°
Logansport
Clear
21° wxIcon
Hi: 41° Lo: 29°
Feels Like: 21°
Mild with Rain by Sunday Night
WLFI Radar
WLFI Temps
WLFI Planner

Community Events