Presidential candidate Bernie Sanders’ (D-VT) campaign said it has been invaded by an online “impersonator” posing as one of his staffers.
The person (or persons) who reportedly used a Russian-registered domain, also tried to initiate conversations with at least two other campaigns, the Associated Press (AP) reported. A month ago, Sanders said he’d been briefed by intelligence officials that Russian operatives were trying to influence his run for the presidency.
A Sanders campaign spokesman confirmed the incident and the domain registration. There was no clear indication that state sponsored Russian hackers are involved. “It’s clear the efforts and investments made by the DNC and all the campaigns to shore up our cybersecurity systems are working,” the spokesperson said. “We will remain vigilant and continue to learn from each incident.”
In response to the Sanders' campaign intrusion, the Democratic National Committee warned all of its candidates to be on the lookout for similar activities. Bob Lord, the DNC’s chief security officer, wrote in an email to his party’s presidential campaigns last week that “adversaries will often try to impersonate real people on a campaign” to get people to “download suspicious files, or click on a link to a phishing site.”
Lord cautioned election officials that the attackers may also try to set up a call or in-person meeting that they can record and publish. As a safety precaution, he directed presidential campaigns to use “official campaign domains for all business,” the AP reported. “If you are using an alternate domain, please refrain from doing so and let us know if you are operating from a domain that others have not corresponded with before,” Lord wrote in a memo, the report said. “Do not use your personal mail account for official business.”
Foreign bad actors meddling in the 2020 presidential campaign has been expected for some time; the uncertainty for security defenders has been how, where and who. A recent report by the Senate Intelligence Committee said that Obama administration officials were “limited by incomplete information” on the threat of Russian intervention in the 2016 Presidential election. The report found that the U.S. government wasn’t prepared to respond to Russian hacking and had a “narrow slate of response options” from which to draw.
“Senior U.S. Government officials in both the Executive and Legislative Branches believed they were in uncharted territory in the second half of 2016. They became aware of aspects of Russian interference in U.S. elections over the summer and fall, but these officials had incomplete information on the scope of the threat,” the report said. Officials strongly encouraged the Trump administration and others following to prioritize election security over party loyalty. “These steps should include explicitly putting aside politics when addressing the American people on election threats and marshaling all the resources of the U.S. Government to effectively confront the threat.”