In the summer of 2016, both the Democratic Congressional Campaign Committee and the Democratic National Campaign reported hackers infiltrating their systems. Since the attacks, confidential campaign documents, donor information, and the private emails and phone numbers of over 200 party officials have leaked on the Internet. So how did hackers manage to break into a government entity? And what does this mean for cybersecurity in America?
How Russian Hackers Infiltrated the DNC
An investigation by CrowdStrike, the security company hired by the DNC after the attacks, revealed that two sophisticated Russian hacker organizations are responsible for the DNC breach: COZY BEAR and FANCY BEAR. These names aren’t new in the world of politically motivated hacks, CrowdStrike states.
In 2015, COZY BEAR successfully invaded the unclassified sectors of the White House, US Joint Chiefs of Staff, and State Department. FANCY BEAR, which has existed since the mid-2000s, has infiltrated aerospace, defense, energy, and government organizations. The hackers did not gain access to the thousands of credit card numbers used by Americans to make donations to the Clinton campaign. Instead, they filched emails and political documents, leading CrowdStrike to believe that COZY BEAR and FANCY BEAR are affiliated with the Russian government.
Both groups specialize in spear phishing, the technique used to gain access to the DNC. From commonplace Facebook hacks to highly sophisticated espionage attacks, phishing is a popular technique used by hackers, with 80% of all malware implemented via phishing. In a phishing attack, cybercriminals create a fake website that closely mimics a real domain, tricking the victim into entering a login, password, or other sensitive information. In spear phishing, hackers target a specific individual by sending a link to the phishing site from an email address that the victim recognizes and trusts. Targeting a high-profile individual such as a CEO or administrator is known as whaling.
FireEye reports that the Russian hacking group created a false website called Act Blues, which mimicked the real fundraising website Act Blue. A target at the DNC bit the hook, opening a backdoor to the DNC that gave hackers access to thousands of confidential files and emails.
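A lookalike name of the kind described above (one added letter) can be caught mechanically before a user ever clicks. The Python below is an added example, not code from CrowdStrike, FireEye, or the DNC: it flags link hosts that sit within a small edit distance of a protected domain or that embed its brand name in another host. The .example domains, the PROTECTED set, the threshold of 2, and the sample links are all constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumption: the organisation's real domain. ".example" names are constructed placeholders.
PROTECTED = {"actblue.example"}

def edit_distance(a, b):
    """Optimal string alignment distance: insert, delete, substitute, transpose."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent swapped letters ("atcblue") count as one edit, not two.
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def registrable(host):
    # Assumption: last two labels. Production code should use the Public Suffix List.
    return ".".join(host.split(".")[-2:])

def classify(url, max_distance=2):
    """Return 'trusted', 'lookalike' or 'unrelated' for the host of a link."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    if any(host == real or host.endswith("." + real) for real in PROTECTED):
        return "trusted"
    for real in PROTECTED:
        brand = real.split(".")[0]
        if edit_distance(registrable(host), real) <= max_distance:
            return "lookalike"          # near-miss spelling of the real domain
        if any(brand in label for label in host.split(".")):
            return "lookalike"          # brand name planted inside another host
    return "unrelated"

# Constructed sample links, as they might be extracted from inbound email.
SAMPLE_LINKS = [
    "https://secure.actblue.example/donate",
    "https://actblues.example/donate",
    "https://atcblue.example/login",
    "https://actblue.example.account-check.test/",
    "https://news.example/story",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(f"{classify(link):10} {link}")
```

A mail gateway or proxy could run a check like this on every link in inbound mail and quarantine or rewrite messages whose links classify as lookalike.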
A Lack of Cybersecurity at the DNC
It may come as a surprise that a government entity would be so vulnerable to cyber attacks. However, the leaked DNC emails reveal a troubling look at the DNC and DCCC’s cybersecurity practices, particularly the transfer of sensitive information via email. In one ironic email, a DNC assistant writes that the Democratic campaign blog Factivists has been hacked: “We have been compromised! But it’s all okay. Here is our new password: ‘HHQTevgHQ@z&8b6’. It will now change every few weeks to prevent future issues. So as it is re-set, I will forward it along.”
On a separate occasion, the Secret Service requested that attendees of a fundraising dinner with President Obama supply sensitive information such as names, addresses, and social security numbers before the event. The DNC requested that participants email their information. Although the DNC informed attendees that they could supply information by phone if they felt uncomfortable sending it via email, many employees clicked the send button, sending their private information hurtling into an insecure cyberspace.
What We Can Learn
In much the same way that major breaches like Target and Anthem have affected millions of Americans, the DNC hack is wreaking widespread havoc. But this time, the damage is affecting America in unprecedented ways that could shape the future of our nation. How this breach will impact the presidential campaign is yet to be seen, but in the wake of the confusion, there are a few things we can glean from the situation.
The first is that, even with high-end security systems in place, all organizations are at risk for cyber attacks. There is no doubt that the DNC had top-notch firewalls and security software at the time of the attack. However, a study by IBM shows that 95% of security breaches are the result of human error. Cybersecurity begins with employees. That’s why company-wide discussions about cybersecurity should be a top priority, and employees should be trained in and implement cybersecurity best practices.
On a larger scale, the DNC hack calls for a national discussion on the cyber infrastructure of America. Each year, millions of Americans are robbed of personal information in cyber attacks, and the damage trickles upward as companies lose loyal customers and suffer from fines and profit loss. The ways that hackers are affecting America are changing, and the need for cybersecurity solutions is more pressing than ever.