For all its vitriol and attention, the 2016 Republican National Convention saw very little in the way of cyberattacks, according to convention Chief Information Officer Max Everett.
The threat of hackers targeting the event, Everett described, had become a sort of mainstream focal point for news outlets heading into the Cleveland-based convention. And yet, in the hours during and days preceding the convention, Everett said that his roughly 50-person cybersecurity team — comprised by in-house professionals and contracted specialists from Microsoft, Cisco and other RNC tech partners — saw relatively little malicious activity on the convention’s IT networks.
[Read More: Inside the GOP Convention’s cybersecurity operation]
This year’s Republican National Convention represented Everett’s fourth of being in charge of the event’s digital asset protection, which included staff email services, the main event website, on-ground Wi-Fi connectivity and media systems, among other things.
“Much like the successful physical security of the convention, we prepared well in advance with a variety of partners internally and at the local, state and federal levels to ensure a safe and resilient convention,” Everett wrote in an email to FedScoop. “I believe that the results of all that led to a very secure convention with no major incidents.’
Some of the expected attacks did occur: a number of the convention staff members received phishing emails, for example, while others on the security team noticed odd network traffic that later largely proved to be innocent, said Everett.
Unlike the 2008 Republican National Convention, Everett was surprised to see zero distributed denial of service, or DDoS, attacks against his systems. DDoS attacks are designed to shut down or disrupt users access to an online service by flooding it with extra, artificial traffic.
“Hosting content and infrastructure on major providers like YouTube and Office 365, as well as additional proactive protections from AT&T on our infrastructure, mitigated those type of attacks,” Everett told FedScoop.
Additionally, Everett said this year’s detected attacks lacked complexity, with Everett saying at no point in time during the convention’s preparation or event did his team witness something they would classify as an advanced persistent threat, or APT.
At the moment, the convention’s multipartner cybersecurity team is developing an “after-action report” to provide a more comprehensive packet of information. Everett avoided providing specific numbers because current figures may reflect higher rates of false positives and they do not account for the actual risk or sophistication of a given attack.