An attempt to hack the Democratic National Committee’s US voter database has been thwarted.An attempt to break into the Democratic National Committee’s voter database has been thwarted, two years after Russian operatives hacked into the organisation’s systems and facilitated the release of tens of thousands of emails amid a US presidential election.
A cyber security firm uncovered the plot, which involved creating a fake login page to gather usernames and passwords in order to access the Democratic Party’s voter database, a DNC official, who was not authorised to speak publicly on the matter, said.
The voter file contains information on tens of millions of voters and the FBI has been notified of the attempt to access it.
Government and tech officials say it’s too early to know who was behind the attempt.
The attempt came as Democrats gather for their summer meeting.
The party’s cybersecurity has been an issue since the 2016 presidential election, when Russian hackers compromised DNC servers and revealed internal communications that exposed divisions between Bernie Sanders’ and Hillary Clinton’s campaigns as they vied for the Democratic presidential nomination.
Hackers also accessed the email accounts of Clinton’s campaign chairman, John Podesta, and systematically released the contents throughout the campaign.
Bob Lord, the DNC’s chief security officer, said the attempt showed how serious the cyberthreat is and why it’s critical that state and federal officials work together on security.
“This attempt is further proof that there are constant threats as we head into midterm elections and we must remain vigilant in order to prevent future attacks,” Lord said in a statement, adding US President Donald Trump was not doing enough to protect American democracy.
Previously, Trump has mocked the DNC’s cybersecurity and cast doubt on US intelligence officials’ findings that Russia was involved.
Homeland Security Secretary Kirstjen Nielsen said on Wednesday the quick response to the attempted hack showed the system was working.
In Tuesday’s incident, a scanning tool deployed by the security firm Lookout detected a masquerading website designed to harvest the passwords of users of the login page of NGP VAN, a technology provider used by the Democrats, Mike Murray, the company’s vice president of security intelligence, said.
The tool, which leverages artificial intelligence, has been in development for a year and wasn’t tasked to scan any sites in particular but instead to identify phishing sites based on typical attributes, Murray said.
“This is the beauty of AI: It finds things that humans don’t know to look for,” he said.
“As soon as we realised how fast it was developing, I decided to reach out to contacts that I know at the DNC.”
Murray also contacted the website hosting company, Digital Ocean.