Thousands of years from now, historians of ancient civilizations will chuckle at the fact that an all-out nuclear war between the U.S. and Russia was triggered when Tom Perez clicked on a porn link, had his computer suddenly lock up, and ran to President Avenatti to say that Putin was at it again.
This never would have happened if the DNC was still guided by the cool head and steady hand of Debbie Wasserman Schultz.
What the Democratic National Committee this week thought was an attempted hack of its valuable voter file turned out to be a security test…
The committee on Tuesday alerted the FBI to a fake online portal it thought had been set up as an elaborate attempt to trick DNC staff into giving up their log-in credentials — through a hacker technique known as “phishing” — as a way to gain access to the party’s VoteBuilder database…
“The test, which mimicked several attributes of actual attacks on the Democratic party’s voter file, was not authorized by the DNC, VoteBuilder nor any of our vendors,” he said.
Someone was “testing” the security of the DNC’s voter database and didn’t tell anyone at the organization? Good lord. What mischievous or malevolent entity could that have been? The RNC? Wikileaks? The Kremlin?
Not exactly: “The simulated test was conducted at the behest of the Michigan Democratic Party, using ‘white-hat’ hackers who volunteered their services to test the system’s security, according to a person familiar with the incident.” Those white-hat hackers were part of a firm called DigiDems, apparently, which built a fake website that closely resembled the login page for the DNC’s database. The idea was to lure DNC staffers to that fake page with “phish” emails, hoping they wouldn’t recognize it as bogus and would enter their real logins and passwords to the database. Fortunately, no one bit.
Which is no surprise: You need to get up pretty early in the morning to outsmart Democrats with a phishing email.
Two scary wrinkles to this story. One: Per Axios, the security firm that detected the bogus database site wasn’t actually designed to monitor non-mobile websites — and firms that are might not have caught it before someone inadvertently tried to log in. The firm, Lookout, claims it spotted the fake site because it uses AI; other firms wait until a link in a phish email is clicked before scanning to see if it’s authentic or not, which may be too late for the intended victim. Two: Midterm-related hackings are already going on elsewhere and, unlike this one, they’re not fake. And they’re not all aimed at Democrats either.