As the Democratic Party’s highest officials gathered in Chicago this week, they feared their worst nightmare was becoming a reality. Again.
They thought they were being hacked by a foreign power.
DNC Chief Security Officer Bob Lord announced to the state parties on Wednesday morning that they had contacted the FBI after the cybersecurity company LookOut discovered a phishing campaign seemingly designed to try and steal information from the party’s prized voter file. The DNC hit the emergency button, locking voter file accounts across the country and disrupting some canvassing and phone banking efforts to limit any potential damage.
“This attempt is further proof that there are constant threats as we head into midterm elections and we must remain vigilant in order to prevent future attacks,” Lord said.
But it was all a false alarm inadvertently tripped by the Michigan Democratic Party, which had been conducting its own cybersecurity test to see if its members fell for the phishing attempt. The DNC announced they would be crafting new rules for states wanting to run future cybersecurity exercises.
“It appears that the DNC wanted pretty badly to brag about their cyber security capabilities, but they kind of unnecessarily freaked a lot of people out and ended up with pie in their face,” said one source briefed on the incident.
Democrats across the country are jumpy about avoiding a repeat of 2016, when the DNC and Hillary Clinton’s campaign chairman were both hacked and Wikileaks published their private emails for the world to see. Party officials in Chicago asked security experts whether they should be worried about Russians hacking the Hyatt Regency’s WiFi and how to spot foreign propaganda online. “Two-factor authentication” was the buzzword of the day.
Many Democrats said the party’s rapid response made them optimistic that the party was ready for a real attack in the future.
“We should be hyper vigilant,” said Ken Martin, the head of the Association of State Democratic Committees. “If anything what the false alarm showed is that the measures that the DNC has put in place since 2016 actually are working .”
“This time it was a false alarm (initiated by a consultant for a state party, who didn't tell the DNC before they started their phishing tests) but next time it could be the real deal,” said one Democratic Party source. “Seeing how responsive they were this week makes me confident in Bob Lord's leadership and VAN's capabilities.”
Still, the false alarm did have unintended consequences.
State party officials were frustrated that the party unilaterally, and without notifying them, locked all voter file accounts that had been dormant for more than 90 days, meaning that some volunteers were unable to log in to knock on doors or phone bank. “For those of us who have been doing this a while, that is an unforced error that creates a lot of work for us on the ground,” said Stephen Handwerk, the executive director of the Louisiana Democratic Party who confronted DNC officials Thursday morning about keeping the state parties in the loop.
“I personally apologize for the way this happened,” the DNC’s Kat Atwater told state party officials.
Still, some state party officials said that the disruption was just natural growing pains that come from overhauling the party’s cybersecurity and expressed confidence that this false alarm would end up being a positive learning experience.
“Is there room for improvement on communicating what they’re doing to the state parties, absolutely, but this is to keep us safe,” said Trav Robertson, the chair of the South Carolina Democratic Party. “We are under attack.”
Cover image: The headquarters of the Democratic National Committee (DNC) is seen in Washington, DC, August 22, 2018, after reports indicated that the DNC notified the FBI of an attempt by hackers to infiltrate the organization's voter database. Photo credit should read SAUL LOEB/AFP/Getty Images.