Skip to main content

Analysis | The Cybersecurity 202: Trump campaign site hack shows risks of even low-grade election interference

Joseph Marks

with Tonya Riley

A brief but colorful breach of President Trump’s campaign website is underscoring how even unsophisticated efforts at election interference can rattle voters and undermine the democratic process. 

Officials and experts were eager to put the breach into context in the final week of the election – during which millions of Americans are expected to flock to the websites of candidates and state and local election offices for last-minute information before casting their ballots. 

Chris Krebs, head of the Department of Homeland Security’s election security division, sought to tamp down concern and called it an effort to “distract, sensationalize, and confuse” and to “undermine your confidence in our voting process.” 

The hackers managed to deface the site’s “About” page for several minutes, replacing it with a screed that claimed in broken English and without evidence to have compromising information about the president and his family culled from multiple hacked devices.  

“[T]he world has had enough of the fake-news spreaded daily by president donald j trump,” read the message, which also included FBI and Justice Department seals. “[I]t is time to allow the world to know truth.”

To be clear, there’s no evidence that the hackers gained access to any private campaign data or that they’re affiliated with a foreign intelligence service capable of mounting a sophisticated election interference operation

Indeed, the fact that they were booted so quickly from the site is a strike against their technical capabilities. 

Trump Communications Director Tim Murtaugh said on Twitter that law enforcement authorities are investigating the breach. He said there’s no chance hackers stole sensitive data because none is stored on the site. 

The message also closed by soliciting cryptocurrency from people interested in seeing the alleged incriminating information about the president — a sign that the hackers had financial motives, rather than political ones in mind.  

“I don’t think this is something people should lose any sleep over,” John Hultquist, senior director of intelligence analysis at the cybersecurity firm FireEye, told me. “It still has to be reviewed, but the most likely scenario is this is a scam to make money.” 

More from Hultquist:

Yet a sitting president’s campaign site being so easily compromised is sure to give some Americans heartburn.

That’s especially true during an election in which U.S. adversaries have already launched a series of operations aimed at influencing voters and provoking mistrust in the electoral system. Most prominently, the FBI and intelligence agencies alerted last week about an alleged Iranian scheme to send threatening emails to Democratic voters posing as a far right group that supports Trump. 

Election officials have sounded alarms about the dangers of campaign and government-run election sites being hijacked by hackers who deface them or hold them hostage for ransom payments. A ransomware attack briefly disabled a Georgia county election database earlier this month.

And this defacement also comes after a widespread Twitter breach compromised accounts for numerous prominent people including Democratic nominee Joe Biden. That breach also appeared to be aimed at scamming people into paying cryptocurrency — creating the amazing situation in which the digital presence of both parties' presidential nominees has been at least briefly hijacked by scammers during the campaign's final months. 

CNN’s Donie O’Sullivan:

The breach also raises questions about how scrupulously the Trump campaign is managing its cybersecurity. 

While it's not clear how hackers accessed the site, it's possible it was by stealing the account access of a campaign staffer or conning the staffer into giving up passwords or other secret information. 

The Trump campaign didn’t respond to my questions last night about cybersecurity precautions its staff takes. A spokeswoman for the campaign previously declined to answer the same questions, saying the campaign “takes cybersecurity seriously,” but doesn’t discuss specifics about its operations. 

The Biden campaign previously said it follows best practices, including requiring staff to use multi-factor authentication and complete cybersecurity training. 

The breach also carried some bitter irony for Trump, who earlier this month claimed that “nobody gets hacked.” 

“To get hacked, you need somebody with 197 IQ and he needs about 15 percent of your password,” Trump claimed at a rally in Arizona, mocking a C-SPAN host for falsely claiming his account was hacked. 

In fact, this isn’t Trump’s first brush with hacking. His 2016 campaign site was defaced in February 2017, soon after his inauguration. Later that year, hackers stole credit card information from guests at 14 properties owned by Trump’s real estate business, including hotels in Washington, D.C., and New York City. 

The keys

Facebook took down a network of accounts promoting Iranian disinformation about the U.S. election. 

One of the accounts sought to amplify an alleged scheme in which Iranians posing as the Proud Boys, a far-right group, sent emails to Democratic voters threatening them if they didn't vote for Trump, Dustin Volz and Jeff Horwitz at the Wall Street Journal report. The Office of the Director of National Intelligence attributed the emails to Iran and said that Russia could also use voter data to attempt to create the appearance of election interference.

 Foreign actors are exaggerating their influence over the election, Facebook says. “It’s important that we all stay vigilant, but also see these campaigns for what they are — small and ineffective,” Nathaniel Gleicher, Facebook’s head of cybersecurity policy, said in a news release. “Overstating the importance of these campaigns is exactly what these malicious actors want, and we should not take the bait.”

Gleicher specifically warned about phony claims about compromised election infrastructure.

Acting homeland security secretary Chad Wolf told CBS news the agency is on “high alert” ahead of the election. “This is a prime opportunity for any adversaries, whether it be Russia or Iran or it’s a cyber actor,” he said. 

A DHS watchdog dinged CISA’s preparations for violence at polling places. CISA says the report was poorly timed.

The Cybersecurity and Infrastructure Security Agency effectively beefed up defenses against digital election threats, but not physical threats or violence that could disrupt Election Day, the report says, Raphael Satter and Christopher Bing at Reuters report.

The warning comes as civil rights groups and election officials worry about the risk of polling place violence and unrest.

Both CISA Director Chris Krebs and the National Association of State Election Directors criticized the report for casting doubt on security just a week before the election.

“I am confident that the work we have done to protect the 2020 election means your vote is secure and you should vote with confidence,” Krebs said in a message to voters.

Amy Cohen, executive director of the National Association of State Election Directors, said the report “does not fully demonstrate how far the relationship between the election community and CISA has come.”

The government's top intelligence officer will brief representatives from Florida about election threats on Friday.

The Office of the Director of National Intelligence will meet with Reps. Stephanie Murphy (D-Fla.) and Michael Waltz (R-Fla.) about a recent email campaign to intimidate voters, which U.S. intelligence has attributed to Iran.

Murphy’s office confirmed the meeting.

The emails, which spoofed the far-right Proud Boys, reached hundreds of Democratic voters in Florida.

The Miami Herald initially reported that ODNI had denied the request, citing a “lack of bandwidth.” Waltz and the intelligence office disputed that characterization.

Chat room

Election pros criticized Supreme Court Justice Brett M. Kavanaugh for making misleading statements about when to expect official election results in a ruling that blocked accepting mail ballots in Wisconsin that arrive after Election Day. Here is R Street Senior Fellow Paul Rosenzweig:

Justice Elena Kagan’s dissent made a similar point:

Vermont Secretary of State Jim Condos (D) said Kavanaugh incorrectly said his state had not made changes to its election processes:

More cybersecurity news:


  • The Senate Commerce Committee will hold a hearing today to examine Section 230 immunity at 10 a.m.
  • The USC Election Cybersecurity Initiative will host a final workshop on the lessons from the workshops it has hosted in 50 states leading up to the election on Wednesday at 1:30 p.m.
  • The Cybersecurity Coalition and the Cyber Threat Alliance will host CyberNextDC on Nov. 17-18, starting at 11 a.m.

Secure log off

A reminder of a simpler time.


Popular posts from this blog

Analysis | The Cybersecurity 202: How the shutdown could make it harder for the government to retain cybersecurity talent

By Joseph Marks 13-17 minutes THE KEY President Trump delivers an address about border security amid a partial government shutdown on Jan. 8. (Carolyn Kaster/AP) The partial government shutdown that's now in its 18th day is putting key cyber policy priorities on hold and leaving vital operations to a bare bones staff. But the far greater long-term danger may be the blow to government cyber defenders' morale, former officials warn. With the prospect of better pay and greater job security in the private sector, more government cyber operators are likely to decamp to industry, those former officials tell me, and the smartest cybersecurity graduates will look to industry rather than government to hone their skills. That’s especially dangerous, they say, considering the government’s struggle to recruit and retain skilled workers amid a nationwide shortage of cybersecurity talent. About 20 percent of staffers are furloughed at the De

Democrats call for investigation into Trump’s iPhone use after a report that China is listening:Analysis | The Daily 202 I The Washington Post. By James Hohmann _________________________________________________________________________________ President Trump and Chinese President Xi Jinping visit the Great Hall of the People in Beijing last November. (Andrew Harnik/AP) With Breanne Deppisch and Joanie Greve THE BIG IDEA: If Democrats win the House in two weeks, it’s a safe bet that one of the oversight hearings they schedule for early next year would focus on President Trump’s use of unsecured cellphones. The matter would not likely be pursued with anywhere near the gusto that congressional Republicans investigated Hillary Clinton’s use of a private email server during her time as secretary of state. Leaders of the minority party have higher priorities . But Democratic lawmakers made clear Thursday morning that they will not ignore a New York Times report that Trump has refused to stop using iPhones in the White House, despite repeated warnings from U.S. intelligence offici

RTTNews: Morning Market Briefing.-Weekly Jobless Claims Edge Down To 444,000. May 13th 2010

Morning Market Briefing Thu May 13 09:01 2010   Commentary May 13, 2010 Stocks Poised For Lackluster Open Amid Mixed Market Sentiment - U.S. Commentary Stocks are on pace for a mixed start to Thursday's session, as a mostly upbeat jobs report continued to relieve the markets while some consternation regarding the European debt crisis remained on traders' minds. The major index futures are little changed, with the Dow futures down by 4 points. Full Article Economic News May 13, 2010 Weekly Jobless Claims Edge Down To 444,000 First-time claims for unemployment benefits showed another modest decrease in the week ended May 8th, according to a report released by the Labor Department on Thursday, although the number of claims exceeded estimates due to an upward revision to the previous week's data. Full Article May 13, 2010 Malaysia's Decade High Growth Triggers Policy Tightening Malaysia's economy grew at the fastest pace in a decade in