The campaign of Democratic presidential nominee Hillary Clinton is the latest possible victim of a series of hack attacks some cybersecurity experts have linked to the Russian government, according to press reports Friday.
Campaign officials acknowledged that an analytics program it uses, which is maintained by the DNC, was accessed in a breach discovered earlier this month. However, its internal systems apparently were not compromised.
The FBI reportedly is investigating the Clinton campaign hack along with a related cyberbreach at the Democratic Congressional Campaign Committee, the official campaign arm of Democratic candidates for the House of Representatives.
The latest news comes less than a week after Wikileaks published nearly 20,000 emails stolen in the earlier hack attack on the Democratic National Committee.
The bureau is probing whether the latest attacks are linked to the DNC breach.
“The DCCC can confirm that we have been the target of a cybersecurity incident,” said Meredith Kelly, national press secretary of the organization. “Upon discovering the issue, we immediately took action and engaged with CrowdStrike, a leading forensic investigator, to assist us in addressing this incident.
Based on the information the DCCC has to date, it appears that the breach is similar to prior incidents, including the DNC breach that is already under investigation, Kelly said, adding that the organization takes the matter very seriously.
“With the assistance of leading experts, we have taken and are continuing to take steps to enhance the security of our network in the face of these events,” she added. “We are cooperating with the federal law enforcement with respect to their ongoing investigation.”
CrowdStrike, which has been working with the DNC to investigate the earlier breach, confirmed that it also is working with the DCCC.
“We can confirm that the DCCC has hired CrowdStrike following the DNC breach and we are investigating the matter,” spokesperson Ilina Dimitrova told TechNewsWorld. “This is an ongoing investigation and we’re not able to provide further comments.”
The FBI issued a statement acknowledging it was aware of media reports regarding cyberintrusions involving “multiple political entities,” and that it was working to determine the accuracy, nature and scope of “these matters.”
The bureau takes allegations of intrusions seriously, it said, promising that anyone who posed a threat in cyberspace would be held accountable.
The FBI earlier this week launched a probe into the DNC breach, after questions surfaced about the possibility that Russian hackers delivered the stolen emails to Wikileaks in an attempt to help the presidential campaign of Republican nominee Donald Trump.
Trump set off a firestorm when he urged Russia to find and disclose more than 30,000 deleted emails belonging to Democratic presidential nominee Hillary Clinton.
Trump’s remarks came after the Clinton campaign raised suspicions that Russian hackers, working with Russian intelligence services, had coordinated the leaks of DNC emails to help the Trump campaign. Trump campaign officials publicly ridiculed the Clinton campaign’s allegations as an attempt to divert the public’s attention.
However, following withering attacks from national security experts and both Democratic and Republican party officials, Trump later backtracked from encouraging Russia to find and expose Clinton’s private emails, saying his comments were meant to be sarcastic.
The breaches raise troubling questions about the security systems of various public agencies, as well as the integrity of the presidential election itself, said Marc Rotenberg, president of the Electronic Privacy Information Center.
“EPIC said at the outset of this election year that data protection is the most important, least well understood issue in the country today,” he told TechNewsWorld. “All across the U.S., consumers confront issues of identity theft, data breach and financial fraud. Yet Washington has been unwilling to update U.S. privacy law or back strong security techniques.”
“The consequences are growing more severe,” he added, yet not a single speaker addressed the issue at either convention.
The U.S. can’t rely on its adversaries playing by the rules, warned Andrea Castillo, program manager for the Technology Policy Program at George Mason University’s Mercatus Center.
The government must take proactive steps to strengthen the U.S. cyberinfrastructure, she told TechNewsWorld.
“There’s been a lot of speculation, but I think the takeaway is more about our generally poor cybersecurity,” said Castillo. “A hack like this was more a matter of when, not if.”