America's Democratic National Committee has warned its electoral candidates to be wary after a phony Bernie Sanders campaign staffer used a fake domain to contact other political campaigns.
The cyber-imposter attempted to set up conversations with at least two other campaigns using a spoofed domain registered outside the United States. Sanders campaign spokesperson Mike Casca said yesterday that he believed the domain to be registered in Russia.
Casca said that the detection of the imposter was the indication that the party's cybersecurity was working well.
“It’s clear the efforts and investments made by the DNC and all the campaigns to shore up our cybersecurity systems are working,” Casca told the Associated Press. “We will remain vigilant and continue to learn from each incident.”
DNC chief security officer Bob Lord emailed the party's presidential campaigns yesterday, urging them to be on the lookout for charlatans. Lord said that “adversaries will often try to impersonate real people on a campaign” to get people to “download suspicious files or click on a link to a phishing site.”
Campaigns were also instructed to question the plausibility of anyone attempting to arrange a call or meeting that could be recorded or published.
Though authorities have been notified about the fraudulent Sanders staffer, Lord expressed little hope that the impersonator would be identified, noting that "attribution is notoriously hard."
In an effort to sort the real domains from the fake, Lord wrote in his email to campaigns: "If you are using an alternate domain, please refrain from doing so and let us know if you are operating from a domain that others have not corresponded with before."
The CSO then instructed campaign staffers not to use their personal email accounts for official business.
If Lord's message sounds a trifle paranoid, it's worth remembering that a phishing attack on John Podesta, chairman of Hillary Clinton's 2016 presidential campaign, resulted in thousands of emails being hacked and leaked.
Podesta was deceived by an official-looking email sent to his Gmail account. Purporting to be from Google, the message warned Podesta that someone in Ukraine had accessed his personal Gmail password and had tried to log into his account. The email implored Podesta to immediately change his password, directing him to a malicious website to achieve this.