Luke Rosiak, DCNF
Republicans with the National Republican Congressional Committee hired cyber security firm Crowdstrike — a team led by a Russian ex-pat and former FBI official that worked with the DNC and bungled the response to its embarrassing email hack — and the NRCC got hacked during the 2018 election.
Politico reported Tuesday that the emails of four top NRCC officials were stolen in a major hack that was detected in April, eight months ago.
The NRCC did not tell Republican leaders or the public that it had been hacked, though it did notify the FBI.
The NRCC would not say what information was compromised. “We don’t want to get into details about what was taken because it’s an ongoing investigation,” a senior party official told Politico. “Let’s say they had access to four active accounts. I think you can draw from that.”
It said that a different vendor, not Crowdstrike, finally detected the hack:
The hack was first detected by an MSSP, a managed security services provider that monitors the NRCC’s network. The MSSP informed NRCC officials and they, in turn, alerted Crowdstrike, a well-known cybersecurity firm that had already been retained by the NRCC.
The NRCC paid CrowdStrike at least $120,000 in 2017, according to campaign finance records.
CrowdStrike was on the scene responding to the DNC’s hack as of May 5, 2016, but emails continued to be stolen for weeks. In fact, the majority of the emails on Wikileaks were not even written until after May 5. That’s despite the fact that Crowdstrike claims it knew within minutes that the problem was a specific virus and that it was tied to Russia.
Crowdstrike took until June 10 to replace all the software in a move it believed would put an end to the breach, but by then, the it had already stopped.
The DNC’s head — without even informing its own board — refused to let the FBI examine the server and instead had Crowdstrike write a report whose explanation of the hack was fed to the Washington Post and relied upon by the intelligence community.
A former senior Democrat information security professional told the Daily Caller News Foundation, “I just hate Crowdstrike so much. Their incompetence just makes me sigh.”
He also faulted the the NRCC for selecting the firm and for not learning from history.
“Apparently the NRCC didnt pay attention to security hygiene for their senior staff. This is a continuous problem for senior political staff that think that they’re too senior to have to need good security practices; they’re not technical enough to follow thru with good security practices; or that it’s too much of a hassle to commit to good security practices,” he said.
The NRCC and Crowdstrike did not immediately return requests for comment.
Party officials told Politico that they “believe it was a foreign agent due to the nature of the attack.”
CrowdStrike Services President Shawn Henry is a retired executive assistant director of the FBI. Co-founder Dmitri Alperovitch is a Russian expatriate.
Former President Barack Obama’s Homeland Security Secretary Jeh Johnson testified that the DNC declined help from his agency after the email system was hacked. “The response I got was, the FBI had spoken to them. They don’t want our help. They have CrowdStrike, the cyber security firm… I recall very clearly that I was not pleased that we were not in there helping them patch this vulnerability.”
The DNC went on to blame the hack for its election loss to Donald Trump.