The Democratic National Party now says a phishing campaign against its voter database revealed Wednesday was in fact an unauthorized test by a third party and not the work of a malicious attacker.
“We, along with the partners who reported the site, now believe it was built by a third party as part of a simulated phishing test on VoteBuilder,” DNC Chief Security Officer Bob Lord said in a statement. “The test, which mimicked several attributes of actual attacks on the Democratic party’s voter file, was not authorized by the DNC, VoteBuilder nor any of our vendors.”
Lord did not identify the unauthorized third party that had carried out the phishing test. But in a statement Thursday, Michigan Democratic Party Chairman Brandon Dillon said his organization had approved the simulation.
“In an abundance of caution, our digital partners ran tests that followed extensive training,” Dillon said. “Despite our misstep and the alarms that were set off, it’s most important that all of the security systems in place worked. Cybersecurity experts agree this kind of testing is critical to protecting an organization’s infrastructure, and we will continue to work with our partners, including the DNC, to protect our systems and our democracy.”
PCMag was first to report on the Michigan Democratic Party’s involvement in the test.
Spearphishing was devastatingly effective during the 2016 presidential campaign, as Russian hackers breached the DNC and other organizations to leak thousands of emails aimed at undermining the candidacy of Hillary Clinton. Those memories were revived Wednesday when the DNC said it had contacted the FBI after phishing activity surfaced. Cybersecurity company Lookout had discovered a phishing site replicating the login to NGP VAN, a tech provider for Democratic organizations, and notified the DNC.
A subsequent investigation revealed the phishing to be a false alarm.
“There are constant attempts to hack the DNC and our Democratic infrastructure, and while we are extremely relieved that this wasn’t an attempted intrusion by a foreign adversary, this incident is further proof that we need to continue to be vigilant in light of potential attacks,” Lord said. The DNC ensured that data important to candidates and state parties was not compromised because of the test, he said.
Lord, a former cybersecurity executive at Yahoo whom the DNC hired in January, also thanked private-sector security experts for examining the phishing incident.
I appreciate various parts of the security ecosystem coming together quickly to tackle this matter. Lots of super dedicated pros like @mmurray and @TheCustos and their teams who reached out to us and worked round the clock with me! https://t.co/94xNvcu2vP
— Bob Lord (@boblord) August 23, 2018
Patrick Howell O’Neill contributed to this story.