News of an attempted voter database hack announced earlier this week was a false alarm, the Democratic National Committee announced this morning.
It was initially thought that hackers had used a spearphishing attack to acquire user credentials and access to the DNC’s voter database, an approach that closely mirrored a similar hack announced earlier this week by Microsoft. That exploit originated with the Russian government. The DNC incident was later found to be a simulated phishing attack contracted by the Michigan Democratic Party and misidentified as a legitimate attempt.
Voter data is regarded by political parties as their most valuable information. Because it includes personally identifiable information, hackers can use it for many purposes, ranging from identity theft (apolitical) to the swaying of votes via targeted social media campaigns (fake news, etc.). Evidence of the latter was found in a three-year campaign by the Russian government to damage Hillary Clinton’s unsuccessful presidential bid in 2016.
The non-attempt was initially discovered by the security firm Lookout and brought to the DNC’s attention. Lookout VP of Security Mike Murray clarified the initial finding in a tweet this morning, stating “[t]he thing about ‘false alarms’ is that you don’t know that they’re false until you’ve showed up to investigate. All the folks who pulled together on this were amazing, and had this been a real attack, would have stopped something terrible.”
Businesses, political parties, and government officials all over the country are in a state of high alert for potential election interference as the 2018 midterms come closer. Facebook and Twitter recently announced the discovery of political influence campaigns on their social networks, and elected officials have reported evidence of hacks on their own computers.
Because election security happens at the state and local level, issues persist that could complicate the upcoming election. National standards are still lacking. In the meantime, voting officials have to fend for themselves in what functionally remains a Wild West cybersecurity environment.