When DNC Chairman Tom Perez was Campaigning for his current role, he said that one of his first Priorities would be to hire an In-House Cybersecurity Officer who would work “with all of our state partners,” explaining that while he was “confident we can fortify the front door and prevent breaches,” it was also “critically important all the windows are closed as well.”
The Democratic National Committee (DNC) has spent 14 months Staffing Up with Tech Talent from Silicon Valley, Training Staff to Spot Suspicious Emails, and giving the FBI someone to talk to if it spots Signs of Hackers targeting the Party.
The first concrete sign of success may come in a few weeks, if the Democrats make it through the November Midterm Elections unscathed. But Raffi Krikorian, the DNC’s Chief Technology Officer, who arrived in late July 2017, is already pointing to one significant Accomplishment, a Massive Overhaul of Digital Security at the Committee and its Sister Organizations.
That would be a big leap from September 2015, when the FBI’s first attempt to Alert the Party to a suspected Russian Cyberattack reached a DNC IT Contractor who thought it was a prank. Such a Major flub would not happen now, said Krikorian, whose résumé includes Senior Roles at Uber and Twitter.
“It would be surprising if a week went by and I didn’t hear from one of the three-letter agencies in my inbox,” Krikorian said during an Interview at the Committee’s Headquarters. Representatives of the Bureau and other Federal Agencies have “been in our building to ask how they can help or what information we might be able to coordinate on in the future.”
Krikorian and his Team have been trying to instill that same mindset throughout the Party, including among Democratic Campaigns and State Parties. The Party’s entire Apparatus is “aware that security’s something they should be concerned about,” he said. “We’re actually moving up this curve at a fairly good clip.”
Still, the Party faces an enormous challenge in Recovering from the Damage inflicted by the Hacking of DNC Emails, Strategy Documents, and other Internal Records in 2016, which U.S. Intelligence Agencies have said was part of a Moscow-backed effort to help President Trump win the White House.
Officials including Director of National Intelligence (DNI) Dan Coats have Warned that this year’s Midterm Elections remain a potential Russian Target, and some Democratic Senators have reported Malicious Email Attacks on their Offices this year, both Indications that the Threat from Foreign and Domestic Hackers has far from vanished.
The new focus on Security has led to some High-Profile misfires, too, including an August Mishap in which the DNC said it had thwarted an attempt to Hack into its Massive Voter Database, which it called “further proof that there are constant threats as we head into midterm elections.” Hours later, the Party announced that the Hack was just a Security Test by a State Party.
DNC Chief Security Officer Bob Lord said at the time that the real takeaway from the flub was how quickly the Massive Organization recognized its Mistake. “I don’t know that that would have happened two or three years ago,” he said. Lord, a former Yahoo and Twitter Security Executive, was one of Krikorian’s most significant hires. He worked closely with the FBI when it Investigated Two massive Data Breaches at Yahoo, and he is now one of the DNC’s Key Ambassadors to the Bureau.
But better Communication and Organizational Changes will go only so far in helping the DNC Defend itself and help the myriad Campaigns and Democratic Party Organizations that rely on its Leadership. Weaknesses in those other Organizations, outside Krikorian’s control, can also threaten the DNC. That happened in 2016, when Suspected Russian Hackers broke into the DNC’s Network using Credentials Stolen from the Democratic Congressional Campaign Committee (DCCC).
Joseph Lorenzo Hall, chief Technologist at the Center for Democracy and Technology, said he still has questions about how the DNC would deal with far-flung Threats to Democratic Candidates. One example would be a Barrage of crippling Internet Traffic Attacks that Shut down a Candidate’s Fundraising site at a key moment. “I would love to hear how confident they are that they can deal with particular threats and techniques,” Hall said. “What if they get hit by a ransomware attack locking up some or all of their devices on a specific campaign?”
Krikorian says he is doing everything he can to prepare the Organization for unexpected Cyberattacks, as well as the more common Threats that have already Hurt the Organization. He explained, his Team of 35 People launched regular Meetings, initially monthly and now every two weeks, with their Counterparts at the other Party Committees like the DCCC. The DNC also created an email List, Staffed by Three People on call around the clock, where Campaigns can Report cyber Incidents.
Krikorian’s Team regularly discusses emerging Threats with Experts at Microsoft, Facebook, Google, and other Tech firms. They Chat via the Encrypted Messaging apps Signal and Wickr with Cyber Experts from the DNC’s Sister Committees and Third-Party Vendors, discussing suspicious incidents and other information.
The DNC also works with Facebook and Twitter to ensure the Committee learns when Candidates Contact Social Media firms about possible Account Takeovers. “Not because we can necessarily do anything about it,” Krikorian said, “but just to help us get a bigger view of what’s going on nationwide.”
NYC Wins When Everyone Can Vote! Michael H. Drucker
No comments:
Post a Comment