1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

The Michigan Democratic Party tried to hack the DNC but forgot to warn them first

By William Gayde · 6 replies
Aug 23, 2018
Post New Reply
  1. This past Tuesday, the Democratic National Committee reported to the FBI that it had been targeted by a sophisticated cyberattack and they were proud of the fact that they had thwarted the attack. In a surprise reversal today, the DNC announced it was all a false alarm. It turns out the "attack" was just a friendly security test done by some volunteers and researchers in Michigan.

    The incident consisted of a phishing attack to gain access to the party's master voter database. The firm conducting the test, DigiDems, created a fake login page that was emailed to DNC officials. This page would then steal the password of anyone that tried to log into the VoteBuilder database. This is a closely guarded list containing the personal information of registered democratic voters and donors. It could be extremely valuable to adversaries so access is closely monitored.

    In a statement to NPR, a party official described the test as being actually carried out by white hat workers at the Michigan Democratic Party. Unfortunately, members of the state party never communicated to the national office about the test.

    This kind of penetration tests are very common in the industry as a way to find weak points in an institution's security. However, the company whose security is being tested usually knows about such a test in advance.

    DNC security officer Bob Lord said in a statement that "there are constant attempts to hack the DNC and our Democratic infrastructure, and while we are extremely relieved that this wasn’t an attempted intrusion by a foreign adversary, this incident is further proof that we need to continue to be vigilant in light of potential attacks.”

    The DNC was attacked by Russian hackers during the 2016 election so it's no surprise they are on high alert for future incidents.

    Permalink to story.

    Last edited by a moderator: Aug 23, 2018
  2. Evernessince

    Evernessince TS Evangelist Posts: 4,008   +3,503

    Each state should be hiring professionals to get our election system ready for mid-terms. There are only a few months left and nothing has really changed since 2016. That's not good.
    Reehahs and Satish Mallya like this.
  3. gamerk2

    gamerk2 TS Maniac Posts: 261   +161

    Well, one party shot down a measure increasing funding for election security; they said they felt there wasn't enough evidence to prove increased funding was warranted.

    Fact is, Putin has learned time and time again he can meddle basically anywhere and get away with it. This all goes back to George W. not pushing back against the invasion of Georgia. Putin's ambitions continue to expand, and no one is willing to stop him.

    If you look at the way things are going, the similarities to the 1930's are stark.
  4. Cyber Citizen

    Cyber Citizen TS Rookie

    The behavior of the Michigan Democratic Party is unacceptable and its leaders should resign. Also, I hope their Russin ties are investigated to the fullest.
  5. Theinsanegamer

    Theinsanegamer TS Evangelist Posts: 1,550   +1,768

    If your party and candidate can be defeated by some russians buying some ads supporting burnie on facebook and pepe memes, your party and candidate are ****.

    Constantly blaming benal russian ads for burnie for the reason trump won the election only shows that the democrats havent learned ANYTHING since 2016, and are guaranteeing their failure in 2018.

    Also, the democrats were all buddy buddy with russia until late into obama's second term. If russia has been doing this since bush, then wouldnt the democrats also be guilty of collusion with the russians? Did obama win thanks to russian influence?
    ctm17 likes this.
  6. Evernessince

    Evernessince TS Evangelist Posts: 4,008   +3,503

    Dude, chill out. No one said anything about Russians, Democrats, or anything else. If you are going to go on a political rant, go somewhere else. Whataboutism doesn't work here.

    Otherwise the importance of securing our elections should go without saying. If you don't support fair and equal elections then I have nothing else to discuss with you.
  7. isamuelson

    isamuelson TS Booster Posts: 117   +17

    Actually, not informing them of the test IS good practice. Our company does it all the time, sending out fake emails. If you click the "phish" button instead to report it, you usually get a notification that you did a good thing. However, if you don't report it and click the link, you'll then get a training ticket assigned to you to retake the online cyber security training within our company's training web site. So, complaining that they didn't have ample notice is basically trying to lay the blame on someone else rather than taking ownership of their stupidity. Maybe now they'll be less likely to click on links.

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...