Experts Reacted On Wisconsin Republican Party Says Hackers Stole $2.3 Million

By   ISBuzz Team
Writer , Information Security Buzz | Nov 02, 2020 03:25 am PST

Hackers stole $2.3 million from the Wisconsin Republican Party’s account that was being used to help reelect President Donald Trump in the key battleground state, the party’s chairman told The Associated Press on Thursday. The party noticed the suspicious activity on Oct. 22 and contacted the FBI on Friday, said Republican Party Chairman Andrew Hitt. Hitt said the FBI is investigating. FBI spokesman Leonard Peace did not immediately return a message seeking comment. The attack was discovered less than two weeks before Election Day as both Trump and Democratic rival Joe Biden made their final push to win Wisconsin and its 10 electoral votes.

Notify of
3 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Hank Schless
Hank Schless , Senior Manager, Security Solutions
November 2, 2020 11:31 am

With Election Day drawing closer, campaign staffers are on the clock and on the move 24/7. But in order to keep the momentum going, they’re relying heavily on their smartphones and tablets. Campaign workers communicate directly with reporters and coordinate with other staffers over messaging apps and SMS. They also need to run their candidates’ social media accounts. SMS, social media, and third-party messaging platforms are three of the most popular platforms threat actors use to socially engineer targets into falling for phishing attempts. It’s gone so far as the DNC warning campaign workers against social engineering through dating apps in a statement issued earlier this year.

Fatigue is also an important factor to consider. It’s already hard enough to spot a well-crafted phishing page on smartphones and tablets with smaller screens and simplified UI. Working long days means employees aren’t as alert and could overlook a red flag that indicates a phishing attack. The reason attackers build targeted mobile spear phishing campaigns is to socially engineer specific employees into giving up their credentials. They want to gain access to the campaign’s infrastructure to steal data or resources normally accessed by that individual. The attacker can carry out their campaign through SMS, email, iMessage, social media platforms, third-party messaging apps, and more.

In this case, the attacker likely targeted individuals who handled the campaign’s finances in order to gain access to the expense management system. By just tweaking the routing numbers on expense reports, the attackers were able to steal millions of dollars. This shows how one small change can have a large scale effect. We have to remember that not all cyberattacks require malicious software. Credential theft through phishing is one of the easiest ways malicious actors can gain access to your infrastructure.

Last edited 3 years ago by Hank Schless
Chris Hauk
Chris Hauk , Consumer Privacy Champion
November 2, 2020 11:28 am

I am surprised that we haven\’t seen more incidents like this, as hackers on both sides of the aisle seek to find the unfair advantage over the other side. If you can\’t affect the outcome of the vote directly by hacking voting machines, the next best thing is to hit your opponent where it hurts, in their pocketbook.

Last edited 3 years ago by Chris Hauk
Paul Bischoff
Paul Bischoff , Privacy Advocate
November 2, 2020 11:25 am

Scams and phishing attacks on political parties in the US are very common, but are usually easily spotted and discarded. This attack demonstrates that although only a small fraction of scams actually work, they can be quite lucrative when they do. Scams and phishing attacks—fake invoices in particular—are an easy attack to pull off, cheap to operate, and difficult to trace. The use of a fake invoice means that all it took was a convincing impersonation and an email attachment.

Last edited 3 years ago by Paul Bischoff

Recent Posts

Would love your thoughts, please comment.x