Political Cyber Security: Who’s Under Attack & Why

Brook Zimmatore | August 12, 2016

Political and corporate espionage is nothing new. In 2015, President Obama was so thoroughly hacked that even messages off of his Blackberry were made public. Last year the FBI announced plans to increase prosecution of corporate espionage. In both cases, the threats seemed to come from other nations: Russian and China, respectively.

Yet now, all of a sudden, everyone is talking about these massive WikiLeaks listings of top members of the Democratic Party. What’s going on around here?

Who We Know Has Been Hacked

We know the list of some nineteen thousand hacked emails released from WikiLeaks, including seven top officials of the Democratic National Committee like the Communications Director and several key officials in the financial components of the Committee.

Officials have confirmed that the DNC has been hacked, as a whole, with WikiLeaks stating this email release is just “part one of our new Hillary Leaks Series.”

We also know that the Hillary Clinton campaign has been hacked. It also appears that the Democratic Congressional Campaign Committee (DCCC) has been hacked, which is the committee responsible for raising money for democrats running for the House of Representatives. It even appears that Hillary Clinton’s private email server and emails have been hacked.

Why Hack Political Parties?

Political campaigns retain a great deal of data: donors, their financial information, credit card numbers of individual donors, email lists, addresses and phone numbers. Even just when door-to-door opinion polls are collected, such data gets stored by political parties. That accounts for a plethora of data that has resale value on the cyber black market.

Black market resale of data like credit card numbers generally has a short shelf-life, however: you want to list and sell the product quickly enough that the numbers and available balances are still valid. No such listing has appeared as a result of these recent leaks, which begs the question: what other reason would someone have to hack political parties, if not monetary?

As brought to life in shows like Mr. Robot “hactivists” want to dismantle the, presumably, corrupt political and financial fabric of modern society—a sort of anarchist view of freedom. WikiLeaks itself purports no political ties but instead a drive for the freedom of information. So that’s option number two, and it’s certainly more probable than financial motivation.

What These Hack Mean for the Oval Office

Even if we assume political motivation for the hacks on major democratic officials and committees, this is all irrelevant as the elephant is staring at us from the middle of the room as the weak floor boards of infrastructure under it creak from the huge commissions in data protection for the US government.

Taking just an old example of government weakness, last year we saw over 1 million government registry profiles hacked and leaked onto dark web black markets, where they still exist today for sale. And the best part, they came with cleartext passwords like a ribbon on the elephants ears.

govregistry.us hack totalled over 1 million lost credentials with cleartext passwords Given the implications, one thing is For certain: political cyber security is more important than ever and it is time the same focus and liability is put on government security entities as it is within corporate security.

CEO / Co-Founder
Brook Zimmatore is the Co-Founder & CEO at Massive.