DNC says it thwarted hacking attempt on voter database
Editor's note: On Thursday, the Democratic Party said the suspected phishing attempt was in fact a test of the party's defenses against a cyber intrusion. The original story appears below.
The Democratic National Committee says it has thwarted an attempt to hack its database that houses information on tens of millions of voters across the country.
A party official said DNC contractors notified the party Tuesday of an apparent hacking attempt. The committee notified law enforcement. The official said no information was compromised.
The party official said it's not clear what third party was attempting the hack.
Bob Lord, the DNC's chief security officer, briefed the leaders of state parties on the attempt at a party gathering Wednesday morning in Chicago. The DNC distributes the voter file to state parties for Democratic candidates to use the information to target voters during campaigns.
"This attempt is further proof that there are constant threats as we head into midterm elections and we must remain vigilant in order to prevent future attacks," Lord said in a statement. He said President Donald Trump isn't doing enough to protect American democracy.
"We can't do this alone," he said. "We need the administration to take more aggressive steps to protect our voting systems."
The Democratic official described the latest attempt as a sophisticated phishing operation in which a hacker used a fake login page in an attempt to secure passwords, the presumed purpose being to access the voter files. The DNC says its cloud service provider was able to suspend the attacker's account.
CNET Senior Producer Dan Patterson told CBSN Wednesday that the attempt was "very concerning" due to the simple nature of the hack.
"These types of attacks are incredibly simple and often the most simple techniques are the most widespread techniques," he said. Patterson explained that databases typically used by campaign and election sites are based on a common database management system, MySQL, which allows users to easily "exploit and imprint bad data."
"It's easy to invade the website of organizations like the DNC and it's easy to implant bad information, it's so easy we see phising on the rise everywhere this election season," said Patterson.
News of the hacking attempt comes after Microsoft announced Tuesday it had uncovered new Russian hacking attempts targeting U.S. political groups ahead of the midterm elections.
The company said a hacking group tied to the Russian government created fake internet domains that appeared to spoof two American conservative organizations: the Hudson Institute and the International Republican Institute. Other fake domains were designed to look as if they belonged to the U.S. Senate.
Patterson said that political parties need to put aside any type of divide we have behind in order to adequately combat bad actors.
"When we look at government, when we we look at politics we are now so divided and so partisan in part bec of whats happenign on social media, that we seem unabel to protect our own poltical crown jewls,
He added, "We need to be able to lock down and encourage trust in our election system and what these actors are trying to do right now, the large goal is to undermine faith and confidence and trust, in not just the electoral system, but other institutions, and right now, it looks like they're pretty successful."
