Democratic National Committee (DNC)

Emotet hackers are using Democratic Party content in email scam

Posted on October 2, 2020 by Joe Warminsky

A global spike in the spread of Emotet malware now includes phishing messages geared toward potential Democratic Party volunteers at hundreds of U.S. organizations, according to security researchers. Attackers behind the Emotet hacking tool have referred to current events in their email lures before, but “historically they have not directly leveraged political themes in their messaging,” reports email security company Proofpoint. The body of this particular email is taken directly from a page on the Democratic National Committee’s website, the researchers say, and attached is a malicious Word document titled “Team Blue Take Action.” The thousands of emails sent to U.S. targets came in the same week that interest spiked in the U.S. presidential campaign as President Donald Trump and Democratic challenger Joe Biden met in their first debate. (Trump’s announcement early Friday of a positive coronavirus test probably will not dampen Democrats’ interest in the race.) Proofpoint stresses that despite the political content of […]

The post Emotet hackers are using Democratic Party content in email scam appeared first on CyberScoop.

Continue reading Emotet hackers are using Democratic Party content in email scam→

DNC issues another warning on TikTok, citing data security risks

Posted on July 12, 2020 by Sean Lyngaas

The Democratic National Committee on Friday reiterated a warning to Democratic campaigns, state parties and committees about the security risks of using the video-sharing app TikTok, which is owned by Chinese tech company ByteDance. “Because of the amount of data it tracks, we continue to advise campaign staff to refrain from using TikTok on personal devices,” a DNC official told CyberScoop. “[I]f campaigns are using TikTok for campaign work, we recommend they use a separate phone and account.” The fresh warning, which DNC officials have been making for months, is the latest move by the political party to protect its data from compromise following the Russian hack of the DNC in 2016. It comes as TikTok faces greater scrutiny for its security practices from both U.S. government agencies and corporations. CNN was first to report on the DNC guidance. The video-sharing app is wildly popular. TikTok has been downloaded more than 2 billion […]

The post DNC issues another warning on TikTok, citing data security risks appeared first on CyberScoop.

Continue reading DNC issues another warning on TikTok, citing data security risks→

Biden campaign hires ex-White House official Chris DeRusha as CISO

Posted on July 10, 2020 by Sean Lyngaas

Joe Biden, the presumptive Democratic nominee for president, has turned to a former White House cybersecurity official to protect the campaign’s networks from hackers. Biden’s campaign said Friday it had hired Chris DeRusha, who served as a White House cybersecurity adviser when Biden was vice president, as the campaign’s chief information security officer. DeRusha, who has also held cybersecurity positions with the State of Michigan, the Department of Homeland Security and Ford Motor Co., will be charged with safeguarding the campaign’s digital assets in an election that U.S. officials expect to draw continued foreign interference. The Biden campaign has also hired software engineer Jacky Chang as its chief technology officer. Chang worked as a technologist for the Democratic National Committee and for Hillary Clinton’s 2016 presidential campaign. “Biden for President takes cybersecurity seriously and is proud to have hired high quality personnel with a diverse breadth of experience, knowledge and […]

The post Biden campaign hires ex-White House official Chris DeRusha as CISO appeared first on CyberScoop.

Continue reading Biden campaign hires ex-White House official Chris DeRusha as CISO→

Former Buttigieg CISO urges DNC to coordinate information sharing between campaigns

Posted on March 5, 2020 by Shannon Vavra

Over the last year, Democratic presidential campaigns have had difficulty sharing threat data between one another, according to the former security boss for Pete Buttigieg’s campaign, raising concerns about the party’s ability to fend off possible interference ahead of the November elections. Mick Baccio, who spent roughly five months working for the now-defunct Buttigieg campaign, told CyberScoop that his team tried sharing information with other campaigns that could have helped officials protect themselves from hackers. The effort was hampered, he said, by a shortage of qualified security staffers on other campaigns, and the lack of a formal information sharing process. Baccio resigned from the campaign in January over philosophical differences. “It’s not that there’s not a want to share. It’s ‘I don’t know who to talk to,’” he said during an interview Wednesday at the Splunk Government Summit in Washington, D.C.. “I don’t know of a formal mechanism; whether it’s through the DNC, DCCC, […]

The post Former Buttigieg CISO urges DNC to coordinate information sharing between campaigns appeared first on CyberScoop.

Continue reading Former Buttigieg CISO urges DNC to coordinate information sharing between campaigns→

DNC tells campaigns to be wary of contact from fake Sanders team account

Posted on February 27, 2020 by Shannon Vavra

The Democratic National Committee is warning presidential campaigns that someone has been impersonating a Bernie Sanders staffer through a domain registered in a foreign country, with the intention of contacting at least two other campaigns. The chief security officer for the DNC, Bob Lord, said in an email obtained by CyberScoop that adversaries could use the fake personas to set up phone calls or meetings with presidential campaign staffers. “They may impersonate people in the hopes that you will download suspicious files, or click on a link to a phishing site. Sometimes they seek to set up a call or an in-person meeting with the intent to record and publish the interaction,” Lord wrote Wednesday. It wasn’t clear if the actor or actors behind the impersonation successfully interacted with staffers at the campaigns they contacted. “If you receive any emails from a domain that you do not recognize or think is suspicious, please […]

The post DNC tells campaigns to be wary of contact from fake Sanders team account appeared first on CyberScoop.

Continue reading DNC tells campaigns to be wary of contact from fake Sanders team account→

DNC to Silicon Valley on disinformation: do better

Posted on December 16, 2019 by Shannon Vavra

The Democratic National Committee is calling on companies including Facebook, Twitter, and Google to step up their efforts to protect against disinformation on their platforms in the buildup to the 2020 presidential elections. The DNC’s recommendations, which it issued Monday, range from platforms promoting authoritative news outlets to establishing policies to prevent the automated spread of disinformation. The DNC is also calling on the companies to take a harder line against state-backed media, and to share more details about disinformation campaigns online to try enhancing the research community’s ability to understand political disinformation. “While progress has been made since the 2016 elections, platforms still have much to do to reduce the spread of disinformation and combat malicious activity,” the DNC writes. The recommendations show the Democratic Party, just a little over two months before the Iowa Democratic caucuses, rallying behind the idea that tamping down disinformation can help ensure a political […]

The post DNC to Silicon Valley on disinformation: do better appeared first on CyberScoop.

Continue reading DNC to Silicon Valley on disinformation: do better→

Russia’s GRU propped up fake media personas, mostly failed at social media promotion after DNC hack

Posted on November 13, 2019 by Jeff Stone

Russian military hackers who stole emails from the Democratic National Committee in 2016 were only acting as one part of a larger, coordinated effort to spread Kremlin-approved messaging before and after the 2016 election, according to new findings from Stanford University. Stanford’s Internet Observatory on Tuesday released a trove of analysis detailing how the GRU, a Russian military intelligence unit, was unable to generate public interest in the data stolen from Hillary Clinton’s campaign for more than a month. Hackers first linked to the stolen emails in a June 14, 2016 set of Facebook posts, pointing to a set of messages supposedly leaked from the campaign. Facebook engagement to the DC Leaks Page, later attributed to Russia, totaled a mere 834 engagements over 22 posts published over four months. International attention only began when WikiLeaks tweeted a link to a database containing thousands of documents revealing internal strife in the […]

The post Russia’s GRU propped up fake media personas, mostly failed at social media promotion after DNC hack appeared first on CyberScoop.

Continue reading Russia’s GRU propped up fake media personas, mostly failed at social media promotion after DNC hack→

Pentagon again deploying cyber personnel abroad to gather intel for 2020 elections

Posted on November 1, 2019 by Shannon Vavra

The Pentagon once again is sending cyber personnel overseas to gather intelligence to help protect the 2020 presidential elections against foreign interference, the U.S. Embassy in Montenegro announced this week. U.S. European Command and U.S. Cyber Command are deploying an undisclosed number of staffers to Montenegro in order to gain insights into cyber threats from adversaries before both the U.S. and Montenegrin elections next year. It’s the second time in as many years the Department of Defense is running going through the effort as part of a partnership that’s uniquely poised to provide insights on possible Russian election interference. Montenegro and the U.S. both have been targeted by the Russian government-linked hacking outfit APT28, or Fancy Bear. If Cyber Command uncovers similar activity again in Montenegro, those insights could inform decisions on how to safeguard the U.S. “Montenegro is among the first in Europe to face unconventional attacks on its democracy and freedom […]

The post Pentagon again deploying cyber personnel abroad to gather intel for 2020 elections appeared first on CyberScoop.

Continue reading Pentagon again deploying cyber personnel abroad to gather intel for 2020 elections→

Why did President Trump mention CrowdStrike to the Ukrainian president?

Posted on September 25, 2019 by Shannon Vavra

During a controversial phone call between President Donald Trump and Ukrainian President Volodymyr Zelenskiy in July, Trump asked Zelensky for a “favor” to help locate a “server” linked with security company CrowdStrike, according to an unclassified transcript of the call released Wednesday. “I would like you to do us a favor though because our country has been through a lot and Ukraine knows a lot about it. I would like you to find out what happened with this whole situation with Ukraine, they say Crowdstrike … I guess you have one of your wealthy people … The server, they say Ukraine has it,” Trump said, according the document released by the White House. “I think you’re surrounding yourself with some of the same people. I would like to have the [U.S.] Attorney General [William Barr] call you or your people and I would like you to get to the bottom […]

The post Why did President Trump mention CrowdStrike to the Ukrainian president? appeared first on CyberScoop.

Continue reading Why did President Trump mention CrowdStrike to the Ukrainian president?→