The Democratic National Committee said late Wednesday night that what it had earlier feared was the beginning of a sophisticated attempt to hack into its voter database, was, in fact, an unauthorized “simulated phishing test” and not an actual attempt to hack into its systems by an adversary.
The Democratic Party of Michigan confirmed to CNN on Thursday morning that it had made a “misstep” and was responsible for the scare.
“We have taken heightened steps to fortify our cybersecurity – especially as the Trump Administration refuses to crack down on foreign interference in our elections. In an abundance of caution, our digital partners ran tests that followed extensive training. Despite our misstep and the alarms that were set off, it’s most important that all of the security systems in place worked,” Brandon Dillon, the chair of the Michigan Democratic Party, said in a statement.
On Wednesday, Bob Lord, the DNC’s chief security officer, briefed Democratic officials after detecting a fake login page that was designed to look like the access page Democratic Party officials and campaigns across the country use to log into a service called Votebuilder, which hosts the party’s voter database, a Democratic party source told CNN.
The initial detection of the apparent hacking attempt by a cybersecurity firm on Monday prompted the DNC to call the FBI, the source said.
“This attempt is further proof that there are constant threats as we head into midterm elections and we must remain vigilant in order to prevent future attacks,” Lord said in a statement released shortly after.
However, as the committee continued its investigation on Wednesday, it became clear that the apparent hack was not what it seemed.
In a statement, Lord said, “We have continued to investigate the phishing site reported to the DNC yesterday. We, along with the partners who reported the site, now believe it was built by a third party as part of a simulated phishing test on VoteBuilder. The test, which mimicked several attributes of actual attacks on the Democratic party’s voter file, was not authorized by the DNC, VoteBuilder nor any of our vendors.”
It is not uncommon for organizations to run tests to identify gaps in that organization’s cybersecurity practices. However, in this case, Democrats in Michigan did so without the knowledge of the DNC.
“Cybersecurity experts agree this kind of testing is critical to protecting an organization’s infrastructure, and we will continue to work with our partners, including the DNC, to protect our systems and our democracy,” the chair of the Michigan Democrats said in a statement Thursday.
Lord said the DNC had taken the “necessary precautions to ensure that sensitive data critical to candidates and state parties across the country was not compromised.”
“There are constant attempts to hack the DNC and our Democratic infrastructure, and while we are extremely relieved that this wasn’t an attempted intrusion by a foreign adversary, this incident is further proof that we need to continue to be vigilant in light of potential attacks,” he added.
The DNC’s snafu comes amid reporting of other attempted hacks on Democratic campaigns. Last week, it emerged two Democratic primary campaigns in California had been breached earlier this year.
On Tuesday, Microsoft said it had thwarted part of a Russian military intelligence operation targeting the US Senate and conservative think tanks that advocated for tougher policies against Russia.