One of the undercover moles scampering around Capitol Hill speed-dialed CNN Tuesday morning, to leak some fresh breaking news. The Democratic National Committee notified the Federal Bureau of Investigation “it detected what it believes was the beginning of a sophisticated attempt to hack into its voter database.” The big problem for the Democrats is they can’t prove it was the Russians… but they’re trying.
A “Democratic source” informed CNN that “the organization received an alert,” that “a fake login site had been created to try and obtain usernames and passwords from those seeking to access the database.” Which is technically not a hack, but a sophisticated spear phishing scheme.
According to The Hill, “the fake pages were designed to look like the site used by Democratic officials and candidates across the country to access a service called Voterbuilder, which itself hosts the voter database.”
Apparently, it was detected before becoming fully operational, but just barely. CNN’s source reports that “the DNC did not have any evidence that the database had been accessed or changed.”
As related by Adrienne Watson, DNC deputy communications director, the attack was “completely thwarted.” She also claims, “there was no way the voter’s file was accessed.”
In an obvious attempt to pin the deed on Russia, at the bottom of their article the Hill adds, “Microsoft said it believed Fancy Bear, the Russian hacker group that was behind the 2016 DNC hack, also created the fake domains.” They don’t go into any substantiating detail though.
While the fake login page was “very convincing,” and if allowed to go into full operation, security researchers are certain that it would have been devastatingly effective, it’s still to soon to lay the blame for the “spear-phishing” attempt on Vladimir Putin and the coders at the Kremlin.
“It’s way too early,” security researcher Mike Murray notes. “That kind of analysis and attribution takes time.” Murray is vice president of security intelligence for Lookout, the San Francisco-based firm that discovered the hijacking attempt. “It would have been a very effective attack,” he added.
When Lookout first noticed the rapidly emerging threat, they contacted Digital Ocean who is the cloud service provider that houses the voter data. Together, they notified the DNC “early Tuesday,” who in turn, called the FBI.
Bob Lord, the DNC’s chief security officer, issued a statement Wednesday at the Association of State Democratic Committees. “While it’s clear that the actors were going after the party’s most sensitive information,” Lord declares, “the DNC was able to prevent a hack by working with the cyber ecosystem to identify and take steps to stop it.”
“These threats are serious, and that’s why it’s critical that we all work together, but we can’t do this alone.”
Despite efforts by Democrats to take all the teeth out of voter security, fighting changes like ID requirements and purging the voter roles of invalid entries, Lord points the finger at Republicans.
“We need the administration to take more aggressive steps to protect our voting systems. It is their responsibility to protect our democracy from these types of attacks.” We have a Republic but Democrats are biased against the truth.
Meanwhile, dozens of Democratic lawmakers appear to have given full control of secure information servers to the Awan family from Pakistan.
When equipment came up stolen and reports surfaced that the missing equipment was loaded with classified files before being shipped home to Pakistan, the “victims” refused to press any charges.
An Inspector General report uncovered, as just one example, “75 pieces of equipment with a total purchase price of $118,416 went missing” from Rep. Yvette Clarke’s (D-NY) office. Clarke “won’t go to court and say she was robbed.”
At least 59 legislators “were confirmed hacked in 5735 logins, and who knows how many illegal data transfers. Not a single one is willing to press any charges,” Conservative Daily Post reports.
Daily Caller News Foundation ran an article claiming, “Imran Awan’s father, Haji Ashraf Awan, had transferred a USB drive to a Pakistani senator and former head of a Pakistani intelligence agency.” The drive was reportedly “full of American security secrets.” So were a whole bunch of laptops.
In a recent ruling, Judge Tanya S. Chutkan handed down a shockingly light sentence. Awan Imran must endure a full three months of “supervised release” during which time he will not be allowed to return to Pakistan. Still, the Democrats insist all the hacking comes from Russia.
Security firm Lookout uses a network of probes directed by artificial intelligence to detect threats like the counterfeit domain used this time. Their software gets “thousands of hits on suspicious sites each day.”
According to Murray, they “likely found the site within 30 minutes of its being put online.” The researcher believes nobody would have had a chance to log in because this type of exploit requires another step. Typically, a harmless looking email is sent out to trick the user into clicking the bogus link.
Once there, no detectable difference would be noticed. After typing in the appropriate username and password, the bogus site records the information and possibly even forwards it to the real site, so the user would not get suspicious.
As Murray describes, when they discovered the page, “it was changing rapidly, as if the hackers were building it as Lookout was discovering it. The fake site was designed to look identical to the one built for the DNC.”
In coordination with the researcher firm, Lookout, and the DNC, we began taking immediate steps to address the threat. We are continuing to partner with the DNC and appropriate law enforcement agencies on this issue. We take this, and all types of abuse of our services, seriously, and remain focused on making the internet a safer place.”