The Democratic Congressional Campaign Committee confirmed Friday it was the target of another hack, following on the heels of an earlier breach of the Democratic National Committee.
FBI sources confirmed to Reuters Thursday that they were investigating the DCCC hack. The group, which raises money for the party’s congressional candidates, was hacked as recently as June.
“Based on the information we have to date, we’ve been advised by investigators that this is similar to other recent incidents, including the DNC breach,” said Meredith Kelly, the group’s national press secretary.
Many establishment news sites, such as Politico, jumped immediately to blame the hack on Russia, citing unnamed cyber-security experts and suggesting that Russian President Vladimir Putin is looking to embarrass the Democrats and help Trump get elected.
“Hackers apparently affiliated with Russian intelligence have launched a cyber attack targeting donors to the Democratic Party’s House campaign arm, sources and news reports said Thursday night, adding to the troubles unleashed by last week’s disclosure of embarrassing internal emails from the Democratic National Committee,” Politico reported.
The timing of the news coming out about the second hack seemed suspicious.
Reuters first reported the new attack less than three hours before Democratic Party nominee Hillary Clinton gave her acceptance speech in Philadelphia, “will certainly increase scrutiny of the party’s cyber security, as well as the Clinton campaign’s allegations that Russian hackers are trying to interfere in the presidential election to aid Donald Trump.”
But not so fast, say some security analysts.
There could be multiple layers of psychological manipulation going on with this story.
Hackers around the world, both state and non-state actors, have long been at least loosely affiliated with Anonymous – which includes among its ranks China, Iran and Russia along with AQ and a motley crew of international “hacktivists.”
So, the question becomes, who’s playing whom?
“Democrats may well want to smear Trump and try to cover their own abysmal level of cyber security ability and practices, including Hillary Clinton herself as poster queen of cyber security sloth,” a Washington security analyst told WND. “What better way to do that than with accusations about the Big Bad Bear? And oh, by the way, [to] see how much Trump likes Putin, hint hint.”
But the Russians may, in fact, fear Trump far more than Hillary.
“He would be an American leader at last as cunning and ruthless as Putin himself who knows Vlad for exactly what he is … because they are both alpha males and total patriots to their own country,” the analyst told WND under the condition of anonymity.
“So, the Russians let the Dems run with this, whether or not they’re the culprits, partial-culprits or not culprits at all. The ultimate objective of both Dems and Russians may be to keep Trump out of the White House.”
According to Politico, which cited “an expert familiar with the latest breach, the latest hack was perpetrated by one of the two Russian-based groups previously blamed for rifling through the DNC’s computer networks and making off with emails and other documents. But this new attack “appears to be a bit different” the source said.
The hack ought to stoke anxiety for people throughout the political process, Jim Manley, a former top spokesman for Senate Democratic leader Harry Reid told Politico.
“Everybody at the different campaign committees better get used to the idea that their computer systems have been hacked by bad actors and plan accordingly, because we may be headed in to unchartered territory here,” Manley said by email.
Reuters said the newest exploit involved creating a bogus website whose name closely resembled that of a company that processes donations for the DCCC.
Cybersecurity experts inside and outside the government have said the breach of the DNC’s computers appears tied to Russian intelligence services, but the administration has not officially blamed a culprit or specified a motive for the attack. The security firm CrowdStrike has blamed the DNC breaches on two entities, dubbed Cozy Bear and Fancy Bear, that appear to have ties to major Russian intelligence services.
But the Russians, who possess some of the best cyber hackers in the world, are surely more sophisticated than to leave such obvious tracks – unless they wanted to.
Reuters said the DCCC attack could have begun as recently as June, the same month the DNC hack became publicly known.
Reuters said: “That was when a spoof website was registered with a name closely resembling that of a main donation site connected to the DCCC,” apparently referring to ActBlue. “For some time, Internet traffic associated with donations that was supposed to go to a company that processes campaign donations instead went to the spoof site, two sources said.”
The fake site’s Internet protocol address “resembled one used by a Russian government-linked hacking group,” Reuters added.
ActBlue executive director Erin Hill told Politico in a statement that her organization’s “systems, servers and donor information is, was and remains secure.”
Meanwhile, a former White House head of cybersecurity policy is hitting back at suggestions the U.S. should target Russia with a cyberattack in response to its suspected involvement in hacking the Democratic National Committee, the Hill reported.
“Frankly, the idiots that immediately think about just retaliating in kind in cyberspace aren’t thinking very creatively or critically about how you do deterrence or how you send signals or how you make people feel pain,” Chris Finan said in an interview in the Daily Dot.
A policy of responding in kind might not be more effective than other tactics, Finan said, and would be difficult to implement when the other nation knows a cyberattack is coming.
Director of National Intelligence James Clapper, speaking about the hack of Democratic Party emails, said Thursday the U.S. intelligence community was not ready to “make the call on attribution” as to who was responsible.
The FBI has not disclosed any information about who was behind either of the two recent hacks.
Cyber security experts and U.S. officials said on Monday there was evidence that Russia engineered the release of the first hack, of sensitive Democratic Party emails in order to influence the U.S. presidential election.
The emails were released by the anti-secrecy group WikiLeaks on the eve of the Democratic National Convention, and appeared to show that the Democratic National Committee favored Hillary Clinton over her chief rival, U.S. Sen. Bernie Sanders.
Clapper, speaking at the Aspen Security Forum, acknowledged that “there’s just a few usual suspects out there” who might be responsible for the cyber intrusion, suggesting it was the work of a nation-state rather than an independent hacking group.
“We don’t know enough to ascribe motivation,” he said. “Was this just to stir up trouble, or was this ultimately to try to influence an election? That’s a serious proposition.”
Russian officials dismissed the accusations of Moscow’s involvement.
“It is so absurd it borders on total stupidity,” said Kremlin spokesman Dmitry Peskov. “The Americans need to get to the bottom of what these emails are themselves and find out what it’s all about.”
Clapper told Reuters that comments by Republican presidential nominee Donald Trump questioning U.S. alliances in Europe and Asia had rattled foreign intelligence and security officials.
While declining direct comment on Trump’s remarks, he said: “Such statements, such rhetoric are very bothersome to our foreign interlocutors, our foreign partners. I hear that from counterparts, intelligence and security colleagues in many other countries. … It is a worry to them; it really is.”