FBI Probes Computer Hacks in California House Campaigns
22.8.18 securityweek BigBrothers
HUNTINGTON BEACH, Calif. (AP) — The FBI launched investigations after two Southern California Democratic U.S. House candidates were targeted by computer hackers, though it's unclear whether politics had anything to do with the attacks.
A law enforcement official told The Associated Press the FBI looked into hacks involving David Min in the 45th Congressional District and Hans Keirstead in the adjacent 48th District. Both districts are in Orange County and are seen as potential pickups as the Democratic Party seeks to win control of the Congress in November.
A person with knowledge of the Min investigation told the AP on Monday that two laptops used by senior staffers for the candidate were found infected with malware in March. It's not clear what, if any, data was stolen, and there is no evidence the breach influenced the contest.
The CEO of a biomedical research company, Keirstead last summer was the victim of a broad "spear-phishing" attack, in which emails that appear to come from a friend or familiar source are designed to help hackers snatch sensitive or confidential information, the law enforcement official said. There is no evidence Keirstead lost valuable information.
The investigations so far have not turned up evidence the two candidates in Orange County were political targets.
The official and the knowledgeable person were not authorized to discuss the cases publicly and spoke only on condition of anonymity.
Keirstead was narrowly defeated in the June primary for the seat held by Republican Rep. Dana Rohrabacher. Min came in third in the contest to unseat Republican Rep. Mimi Walters.
Min's staff was alerted to a potential cyberattack by a facility manager in the software incubator where his campaign rented space. It was later found the computers were infected with software that records and sends keystrokes, with additional software that concealed it from conventional anti-virus tools used by the campaign.
Hackers also used a broad spear-phishing attack in an attempt to gain access, and FBI investigators are still piecing together additional details, the official said.
The two laptops were replaced, and Min's computer was not infected. The attack on the computers was first reported by Reuters.
Keirstead campaign officials detected repeated attempts to access the campaign's website.
Rolling Stone magazine, which first reported that cyberattack, said hackers or bots tried different username-password combinations in a rapid-fire sequence over a two-and-a-half-month period to get inside the campaign's WordPress-hosted website.
According to the campaign, there were also more than 130,000 so-called brute force attempts over a monthlong period to gain access to the campaign's server through the cloud-server company that hosted the Keirstead campaign's website, Rolling Stone said.
Computer security experts say that many attempts to gain access to a site hosted with the popular and free WordPress software is not unusual.
"Every WordPress hosted website sees 130,000 brute force attempts over a monthlong period, regardless whether it's Bohemian basket weaving, a blog about furry costume construction, or a politician website," said Robert Graham, a cybersecurity expert who created the BlackICE personal firewall.
"Hackers don't know or care who you are: they only care that you use WordPress," Graham said in a text message.
Min finished third behind fellow Democrat Katie Porter, who faces Walters in November. In the 48th District, Rohrabacher will face Democrat Harley Rouda, who snagged the second runoff spot by defeating Keirstead by 125 votes.