Republicans Hired DNC’s Cyber-Firm CrowdStrike — And Got Hacked in 2018

Hacking password illustration (By Santeri Viinamäki, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=53153294)

  • The emails of four National Republican Congressional Committee senior officials were stolen in a hack that was detected in April 2018, according to Politico.
  • The NRCC had previously hired CrowdStrike, which allowed Democratic National Committee emails to be stolen even after the 2016 hack was detected.
  • CrowdStrike did not detect the NRCC breach — another vendor did.

The National Republican Congressional Committee was hacked during the 2018 election after hiring CrowdStrike, the cyber-firm that the Democratic National Committee had employed and that allowed DNC emails to be stolen even after the 2016 hack was detected.

The emails of four top NRCC officials were stolen in a major hack that was detected in April — eight months ago, Politico reported Tuesday. The NRCC did not tell Republican leaders or the public that it had been hacked, though it did notify the FBI.

The NRCC would not say what information was compromised.

“We don’t want to get into details about what was taken because it’s an ongoing investigation,” a senior party official told Politico. “Let’s say they had access to four active accounts. I think you can draw from that.”

Politico reported that a different vendor, not CrowdStrike, finally detected the hack:

The hack was first detected by an MSSP, a managed security services provider that monitors the NRCC’s network. The MSSP informed NRCC officials and they, in turn, alerted Crowdstrike, a well-known cybersecurity firm that had already been retained by the NRCC.

The NRCC paid CrowdStrike at least $120,000 in 2017, according to campaign finance records.

CrowdStrike was responding to the DNC’s hack as of May 5, 2016, but emails continued to be stolen for weeks. In fact, the majority of the emails WikiLeaks published were not even written until after May 5. That’s despite the fact that CrowdStrike claimed it knew within minutes that the problem was a specific virus and that it was tied to Russia.

CrowdStrike, which is led by a Russian ex-pat and a former FBI official, took until June 10, 2016, to replace all the software in a move it believed would put an end to the breach. The last DNC email WikiLeaks published was written on May 25.

Then-DNC head, Florida Rep. Debbie Wasserman Schultz — without even informing the DNC’s own board — reportedly refused to let the FBI examine the server and instead had CrowdStrike investigate the breach.

“I just hate Crowdstrike so much,” a former senior Democrat information security professional told The Daily Caller News Foundation. “Their incompetence just makes me sigh.”

He also faulted the NRCC for selecting the firm and for not learning from history.

“Apparently the NRCC didn’t pay attention to security hygiene for their senior staff,” he said. “This is a continuous problem for senior political staff that think that they’re too senior to have to need good security practices; they’re not technical enough to follow thru with good security practices; or that it’s too much of a hassle to commit to good security practices.”

The NRCC and CrowdStrike did not immediately return requests for comment.

Party officials told Politico that they “believe it was a foreign agent due to the nature of the attack.”

CrowdStrike Services President Shawn Henry is a retired executive assistant director of the FBI. Co-founder Dmitri Alperovitch is a Russian expatriate.

Former President Barack Obama’s Homeland Security Secretary Jeh Johnson testified that the DNC declined help from his agency after the email system was hacked.

“The response I got was, the FBI had spoken to them,” Johnson said. “They don’t want our help. They have CrowdStrike, the cyber security firm … I recall very clearly that I was not pleased that we were not in there helping them patch this vulnerability.”

The DNC went on to blame the hack, in part, for its election loss to Donald Trump.

Follow Luke on Twitter. Send tips to [email protected]. PGP key.
