The Democratic National Committee called the FBI Tuesday, after discovering what the DNC says was the early phase of a sophisticated phishing attempt to hack its voter database.
CNN reports that the DNC was first alerted in the wee hours of Tuesday morning by “a cloud service providers and a security research firm” that a bogus login page had been created by a malicious actor who was trying to collect usernames and passwords they could use to then gain entry to the Democratic Party voter database.
The DNC, the cloud host, and the security researchers all believe they effectively halted an attack.
No official word on who was behind the attack, at this time.
And no comment yet from the FBI.
The fake page was designed to look exactly like the login page Democratic Party officials and campaigns across the country use for ‘Votebuilder,’ which hosts the DNC’s database.
The bad guys’ idea was to spoof a familiar site and get users to hand over their login credentials, then misuse those credentials for who knows what nefarious purpose.
The DNC is said to be investigating who was responsible for the attempted attack, and has no reason to believe its voter file was accessed or altered.
The page was initially discovered late Monday by Lookout, a San Francisco-based cybersecurity firm. The company doesn’t work for the DNC but alerted the party to its findings, Mike Murray, the company’s vice president of security intelligence, told CNN on Wednesday.
Murray said that a link to the page could have been sent to Democrats by email or through other online platforms in a spearphishing operation.
“It was very convincing,” Murray said, adding that if a person were to see the real login page and the fake login page side-by-side, it would be difficult to tell them apart. “It would have been a very effective attack,” he said.
The fraudulent page was hosted on a cloud computing platform called DigitalOcean, which took action to remove the page as soon as it was alerted by Lookout, the cloud company said.
“We see no evidence that any sensitive data was stolen and our initial investigation indicates that we were able to address this threat prior to the attack being launched,” Josh Feinblum, chief security officer at DigitalOcean, said in a statement.The DNC’s chief security officer Bob Lord, a former Yahoo! executive, briefed Democrats on the attempted attack at a meeting of the Association of State Democratic Committees in Chicago on Wednesday.
“These threats are serious and that’s why it’s critical that we all work together, but we can’t do this alone. We need the (Trump) administration to take more aggressive steps to protect our voting systems. It is their responsibility to protect our democracy from these types of attacks,” Lord said in a statement to CNN.
NEW: No comment from @FBI in response to questions about the apparent attempted phishing attack targeting a @DNC tech provider
— Jeff Seldin (@jseldin) August 22, 2018
The most newsworthy element of this story is that DNC actually picked up the phone and called the FBI. Big improvement between them and the feds on dealing with cyber intrusions since 2016. https://t.co/I2gum4iing
— Dustin Volz (@dnvolz) August 22, 2018
FBI called DNC repeatedly to try to tell them they had a problem. DNC staffer was skeptical it was really the FBI and was org was slow to awaken to the problem. Both sides could have handled the situation a lot better, and so far it seems like this time around they are doing so.
— Dustin Volz (@dnvolz) August 22, 2018
Nielsen referred most DNC attempted hacking questions to the FBI. Wouldn't say if the scale of attacks vs. political actors and institutions is rising. Reiterated that scale and scope of Russian efforts to undermine '18 remain lower than '16 but that could change any moment.
— Joseph Marks (@Joseph_Marks_) August 22, 2018
The DNC reportedly alerted the FBI Tuesday to what it believed to be a hacking attempt against its voter database https://t.co/C4wARA4uUq
— The Daily Beast (@thedailybeast) August 22, 2018