KETR

Democratic National Committee Says It Caught Cyberattack In The Act

Aug 22, 2018
Originally published on August 23, 2018 3:37 pm
Copyright 2018 NPR. To see more, visit http://www.npr.org/.

AILSA CHANG, HOST:

The Democratic National Committee said today that it caught a cyberattack in the act. The attempt to compromise the DNC voter database did not succeed, but it's only the latest example of attempts to access or manipulate or weaponize data in this constantly shifting information environment.

NPR political reporter Tim Mak has been covering this story and joins us now. Hey, Tim.

TIM MAK, BYLINE: Hey there.

CHANG: So what does the DNC say happened here?

MAK: OK, so the system which houses the Democratic Party's voter file - that's information the DNC has compiled on U.S. voters - was apparently the planned target of a complex but ultimately unexecuted cyberattack. So the attackers are of unknown origin, but they tried to create a fake login page that looks like an attempt to gather passwords from Democratic officials. Now, from all appearances, the DNC was able to stop the attack at an early stage thanks to a warning from an outside security firm called Lookout. Ultimately, no outside actors were able to get access to the DNC's voter file.

CHANG: So we've heard so much about the big cyberattack against the DNC in 2016. How is this one different?

MAK: So the DNC was caught totally flatfooted in 2016.

CHANG: Yeah.

MAK: And a lot of us weren't really even considering the issue of cyberattacks...

CHANG: That's right.

MAK: ...And informational warfare. And it was a disaster during the 2016 campaign from the DNC's perspective. The attack in 2016 - of course it penetrated the DNC's systems. It stole countless emails. And the result was a leak of embarrassing internal Democratic communications. So what's happening today? The DNC's trying to get out in front of it. They're emphasizing how competent their security protocols are, their swift effort to contact law enforcement and the steps they're taking to secure their systems. They really want to send the message that they're not going to allow what happened in 2016 to happen again this election cycle.

CHANG: OK, let's step back for a moment. Last night, Facebook said it discovered a political influence campaign on its network. Tell us about what it found last night.

MAK: It has really been a wild day and a half in the world...

CHANG: It really has.

MAK: ...Of information warfare, which is what this is. I mean, last evening, Facebook announced that it discovered and disrupted a coordinated disinformation campaign originating in Iran. That campaign involved some 652 pages with close to a million Facebook followers and thousands of dollars of advertising buys. Twitter also announced it had removed hundreds of accounts for similar reasons.

CHANG: I mean, hasn't this kind of activity been connected to Russia more often in the past? Where does Iran fit in?

MAK: It really looks like the Iranian campaign we saw - it took a page out of Russia's playbook. Along with the Iranian campaign, Facebook also announced that it had disrupted new Russian accounts. So that was that on top of everything. And three weeks ago, Facebook shut down in a separate incident more than 30 Russian accounts with hundreds of thousands of followers similar to what we saw in the campaign that the Iranians were apparently behind. And yesterday, Microsoft in yet another announcement said that they had shut down an attempted attack on conservative think tanks and the U.S. Senate by a Russian hacking group called Fancy Bear.

CHANG: This is all feeling very overwhelming. And now with midterm elections approaching, I imagine we may see a lot more of these kinds of attacks. Is the U.S. preparing for that?

MAK: Well, it certainly does feel like there are more attacks incoming. But the United States hasn't really aggressively responded in the cyber domain. Here's what national security analyst Clint Watts told our colleague Alina Selyukh.

CLINT WATTS: There's been no response mounted. The United States has not put forward a strong cyberdefense. They have not pushed back in a very strong way strategically.

MAK: We've just had tech companies go repeatedly public. We just talked about that a few seconds ago, that they've got announcements of disrupting foreign state actors and these disinformation campaigns - just constant churn. And there's not a lot of reason to think it will stop anytime soon.

CHANG: That's NPR's Tim Mak. Thanks, Tim.

MAK: Thank you. Transcript provided by NPR, Copyright NPR.