Hackers suspected in new attack on Democrats
Hackers apparently affiliated with Russian intelligence have launched a cyberattack targeting donors to the Democratic Party’s House campaign arm, sources and news reports said Thursday night, adding to the troubles unleashed by last week’s disclosure of embarrassing internal emails from the Democratic National Committee.
The latest hack, aimed at the Democratic Congressional Campaign Committee, was perpetrated by one the two Russian-based groups previously blamed for rifling through the DNC’s computer networks and making off with emails and other documents, a security expert familiar with the latest breach told POLITICO. But this new attack “appears to be a bit different” the source said.
“It’s part of a broader intelligence collection effort,” the source said, adding: “It’s maybe an attempt to harvest credentials. ... It’s not an email grab like the DNC.”
Even so, it ought to stoke anxiety for people throughout the political process, said Jim Manley, a former top spokesman for Senate Democratic leader Harry Reid.
“Everybody at the different campaign committees better get used to to idea that their computer systems have been hacked by bad actors and plan accordingly, because we may be headed in to unchartered territory here,” Manley said by email.
The latest attack, which Reuters first reported less than three hours before Democratic nominee Hillary Clinton gave her acceptance speech in Philadelphia, will certainly increase scrutiny of the party’s cybersecurity, as well as the Clinton campaign’s allegations that Russian hackers are trying to interfere in the presidential election to aid Donald Trump. The DNC and DCCC have offices at the same address near Capitol Hill.
Reuters said the newest exploit involved creating a bogus website whose name closely resembled that of a company that processes donbations for the DCCC.
Cybersecurity experts inside and outside the government have said the breach of the DNC’s computers appears tied to Russian intelligence services, but the administration has not officially blamed a culprit or specified a motive for the attack. The security firm CrowdStrike has blamed the DNC breaches on two entities, dubbed Cozy Bear and Fancy Bear, that appear to have ties to major Russian intelligence services.
The FBI is investigating the DNC hack as a criminal matter. It didn’t respond to multiple requests for comment from POLITICO about the reported attack on the DCCC. The White House referred questions to FBI.
Reuters said the DCCC attack could have begun as recently as June, the same month the DNC hack became publicly known.
Reuters said: “That was when a spoof website was registered with a name closely resembling that of a main donation site connected to the DCCC,” apparently referring to ActBlue. “For some time, Internet traffic associated with donations that was supposed to go to a company that processes campaign donations instead went to the spoof site, two sources said.”
The fake site’s internet protocol address “resembled one used by a Russian government-linked hacking group,” Reuters added.
ActBlue executive director Erin Hill said in a statement that her organization’s “systems, servers and donor information is, was and remains secure.”
“We, as ActBlue, were not hacked, we pride ourselves on our security protocols and want all of our donors and express users to know that their information was not compromised,” Hill said.
Also on Thursday, two dozen former Republican national security officials urged Congress in a letter to investigate the DNC breach, calling it “an assault on the integrity of the entire American political process.”
“This is not a partisan issue,” argue the letter’s signers, including Ronald Reagan State Department official Robert Kagan, George W. Bush deputy national security adviser Elliott Abrams and former John McCain speechwriter Mark Salter. The letter was first reportedby The Washington Post.
Eric Geller, Scott Bland, Nancy Scola and Elana Schor contributed to this report.