Political campaigns are stepping up their protection and fear that the next ransomware attacks could target them.
Cyber criminals have a growing number of targets from Colonial Pipeline to JBS USA. And political campaigns are painfully familiar with risk following the 2016 attacks on the Democratic National Committee.
“I think we saw Armageddon in what happened at DNC in 2016,” said Jesse Thomas, senior director of impact and mobilization for democratic company Bully Pulpit Interactive.
Russian hackers leaked thousands of emails from the Democratic National Committee prior to the 2016 presidential election, harming the Democratic candidate Hillary ClintonHillary Diane Rodham ClintonTrump meets Biden, Democrats return to rally stage after presidency Conan O’Brien finishes late-night run after more than 4,000 episodes.
“That was absolutely as bad as it could get to completely penetrate the network and then use your internal documents and turn them into weapons,” added Thomas.
The intelligence services later concluded that the operation was part of the Kremlin’s efforts to meddle in the elections. While Russian efforts did not result in a change in votes, hackers were able to gain access to voter registration systems in Florida and Illinois.
Cyber threat concerns have multiplied over the past year as organizations from schools to hospitals to government agencies have been hit by ransomware attacks in which hackers encrypt systems and demand payments to restore access.
Presidential campaigns during the 2020 election cycle were also a target.
Microsoft announced last September that hackers based in China, Russia and Iran were targeting both the Trump and Biden campaigns. Google researchers also found evidence of attempted cyberattacks against the two campaigns by Chinese and Iranian government-backed hackers.
Other campaigns were also targeted, with Sen. Bernie Sanders
Bernie SandersBiden: “Not my intention” to veto the bipartisan infrastructure package The Hill’s Sustainability Report – Presented by NextEra Energy – Filipino flies turn junk into beef (I-Vt.) Was informed in early 2020 about the efforts of the Russian government to meddle in the election in favor of its presidential campaign.
Experts told The Hill that political campaigns are often a rewarding target for overseas governments and cyber criminals.
“[Campaigns] are squishy perimeter companies, ”said Michael Kaiser, president and CEO of Defending Digital Campaigns (DDC), a group dedicated to defending federal campaigns from cyber threats, including ransomware attacks.
Kaiser said campaigns differ from traditional companies in that they include more parties vulnerable to cyber threats, such as the candidate’s family, confidants, third-party vendors, and fundraisers.
Congressmen on both sides of the aisle are increasingly concerned about cybersecurity threats to the country. Following the recent major ransomware attacks, lawmakers told The Hill they were concerned that campaigns were also vulnerable.
“Yes, ransomware will be a headache for anything,” said Sen. Angus King
Angus KingLawmakers, Advocates Call for Details on Afghan Evacuation Plan The Hill’s 12:30 PM Report – Presented by Facebook – Biden helps negotiate bipartisan infrastructure deal (I-Maine), the co-chair of the Congressional-created Cyberspace Solarium Commission (CSC), told The Hill. “I think the bigger danger in campaigns is hack and leak and election interference, disinformation, that’s what I’m more concerned about.”
“I think ransomware is a potential polling issue, but I’m just as concerned about malicious influence, hacks and leaks, things we saw in 2016,” remarked King.
representative Mike Gallagher
Michael (Mike) John GallagherOvernight Defense: Intel Releases Highly Anticipated UFO Report | Biden meets with the Afghan President | Conservatives Propose Against Milley Biden Budget That Includes 0M To Help Agencies Recover From SolarWinds Hack In Proposed Budget GOP Legislator Calls For Investigation In Wuhan To “Prevent Next Pandemic” MORE (R-Wis.), The other co-chair of the CSC, told The Hill that political campaigns are often particularly vulnerable to hackers because of the fast pace with which they are created.
“The problem with campaigns is that in a short amount of time you build a strange startup and you don’t have the resources to invest in cybersecurity, so they’re soft targets,” Gallagher said.
Campaign committees also take steps to ensure they are protected from ransomware attacks and other cyber threats.
“The DCCC constantly monitors and reviews our infrastructure to protect it from cyber threats. We are in regular contact with campaigns that need resources to protect their assets, ”said Chris Taylor, spokesman for the Democratic Congress electoral committee.
In addition, the DCCC announced in March that it was deploying its first chief technology officer, Erica Joy Baker.
Republicans have also worked to step up their cybersecurity operations.
“The NRCC does not publicly discuss its operational security, but is taking numerous steps to ensure the security of its systems,” said a source familiar with the group’s planning.
Campaigns and committees often do not go into detail about specific measures they are taking to protect themselves.
“That’s the other thing about cybersecurity in the political arena … Would a cyberattack on a campaign look like a weakness?” Said Kaiser.
DDC, which has worked with companies such as Microsoft and Google, offers training in areas ranging from password management to protecting websites.
Kaiser said his goal is to create a pipeline of knowledge about cybersecurity within the political campaigning world.
“My long-term vision is that we will just start training some of these people so they know, so they can move from campaign to campaign,” Kaiser said. “Learn, bring cybersecurity into the next campaign. We have to raise the whole sector, and this sector is a lot about the people. “
In the last cycle, DDC worked directly with over 180 campaigns. Kaiser said a growing number of campaigns are beginning to recognize the need for more cybersecurity resources.
“There was pretty good awareness of the need to do something about cybersecurity,” he said. “It’s not that people don’t know these risks are out there and don’t know they shouldn’t do anything.”
Experts say that smaller campaigns, usually those that are not nationwide and state-wide, are more vulnerable to cyber threats due to a lack of infrastructure. Nationwide and state-wide campaigns, usually with committee support, tend to offer more protection against threats.
“I worked remotely for the Biden campaign and before I could access my information I was sent a token to access everything that is far from anything I have seen in previous presidential campaigns,” said Thomas.
Kaiser said the top priority for smaller campaigns with fewer resources should be multi-factor authentication with a security key.
“This will work against a lot of stuff, but most of all it will help against phishing attempts,” he said.
With 2021 largely an elective year, Gallagher stressed that campaigns preparing for 2022 should prioritize cybersecurity now, not later. The recent attacks, he said, were “wake-up calls”.
“The time was probably yesterday,” said Gallagher.
source https://collegeeducationnewsllc.com/political-campaigns-worry-theyre-next-for-ransomware-hits/
No comments:
Post a Comment