A firm called ZeroFox released a report on Wednesday, titled “Threats to the Democratic National Convention in Chicago.” The report basically claims the following:
Ahead of the DNC, ZeroFox identified Telegram-based bot service “IntelFetch” aggregating compromised credentials related to the Democratic Party and the DNC.
And:
The exposed data, consisting predominantly of URLs paired with login credentials or login pairs, appears to originate from botnet logs and third-party data breaches. While this exposure does not seem to result from a targeted attack, it poses a risk of unauthorized access to sensitive systems and information within the Democratic Party and the DNC. Compromised credentials belonging to registered individuals and staff members of these entities could be used to infiltrate secure systems, access confidential information, and disrupt operations. This unauthorized access could impact the security and integrity of party activities and the upcoming DNC.
Given the political climate in the United States at the moment, that’s likely not good. Tom Marsland, VP of Technology, Cloud Range had this to say:
Compromised credentials of the DNC goes to show the lengths that threat actors will go to, to research their targets and exploit them. While there is no indication that these accounts were directly compromised, this also highlights the importance of basic cyber hygiene. In the current threat landscape, everyone is a target, and especially those who are working towards a specific interest (in this case politics) where there is “another side”. As we move deeper into election season, it will be important for everyone to remain vigilant and call out mis- and disinformation campaigns that could lead voters astray. One of the pillars of our country is free and fair elections, and as cyber professionals, all of us should rise up to denounce these attacks, thwart them through stronger defense (which includes user education on cyber hygiene – MFA, strong passwords, etc.), and band together for the common good of our elections.
Now the DNC has pushed back strongly on this report:
“The language in this report is an irresponsible and inaccurate characterization of the facts,” a DNC spokesperson said. “We take cybersecurity very seriously and have been preparing to host a safe and successful convention for over a year.”
DNC officials added that the records referenced in the ZeroFox report were from 2016, are no longer active and were accessed via external websites, not the official DemConvention[.]com website.
In my mind, any data leak is a bad thing. And I suspect that privately the DNC is super concerned about this. And I also suspect that they’re hoping that this isn’t the tip of the iceberg so to speak.
Related
This entry was posted on August 15, 2024 at 9:48 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
DNC Dealing With A Potential Data Leak Just Days Before Their Convention
A firm called ZeroFox released a report on Wednesday, titled “Threats to the Democratic National Convention in Chicago.” The report basically claims the following:
Ahead of the DNC, ZeroFox identified Telegram-based bot service “IntelFetch” aggregating compromised credentials related to the Democratic Party and the DNC.
And:
The exposed data, consisting predominantly of URLs paired with login credentials or login pairs, appears to originate from botnet logs and third-party data breaches. While this exposure does not seem to result from a targeted attack, it poses a risk of unauthorized access to sensitive systems and information within the Democratic Party and the DNC. Compromised credentials belonging to registered individuals and staff members of these entities could be used to infiltrate secure systems, access confidential information, and disrupt operations. This unauthorized access could impact the security and integrity of party activities and the upcoming DNC.
Given the political climate in the United States at the moment, that’s likely not good. Tom Marsland, VP of Technology, Cloud Range had this to say:
Compromised credentials of the DNC goes to show the lengths that threat actors will go to, to research their targets and exploit them. While there is no indication that these accounts were directly compromised, this also highlights the importance of basic cyber hygiene. In the current threat landscape, everyone is a target, and especially those who are working towards a specific interest (in this case politics) where there is “another side”. As we move deeper into election season, it will be important for everyone to remain vigilant and call out mis- and disinformation campaigns that could lead voters astray. One of the pillars of our country is free and fair elections, and as cyber professionals, all of us should rise up to denounce these attacks, thwart them through stronger defense (which includes user education on cyber hygiene – MFA, strong passwords, etc.), and band together for the common good of our elections.
Now the DNC has pushed back strongly on this report:
“The language in this report is an irresponsible and inaccurate characterization of the facts,” a DNC spokesperson said. “We take cybersecurity very seriously and have been preparing to host a safe and successful convention for over a year.”
DNC officials added that the records referenced in the ZeroFox report were from 2016, are no longer active and were accessed via external websites, not the official DemConvention[.]com website.
In my mind, any data leak is a bad thing. And I suspect that privately the DNC is super concerned about this. And I also suspect that they’re hoping that this isn’t the tip of the iceberg so to speak.
Share this:
Like this:
Related
This entry was posted on August 15, 2024 at 9:48 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.