EXECUTIVE SUMMARY:
On Tuesday, cyber criminals defaced President Trump’s 2020 campaign website. Hackers replaced the text on the site with a note about possessing sensitive information that could redefine how American citizens view the current President.
The defaced site instructed voters to send cryptocurrency through one link if they wanted the hackers to openly share the sensitive information, and to send cryptocurrency through a different link if they preferred for the hackers to keep the information to themselves.
Image of website attack ahead of 2020 election. Image courtesy of Threatpost.
Who launched the attack?
The perpetrators have not been identified. The US Federal Bureau of Investigation has not yet commented on the attack. This is not the first election oriented attack this year. A ransomware attack on the US state of Georgia’s infrastructure unfolded earlier this month.
Did the attack compromise the Trump campaign or the election?
Trump’s campaign communications director, Tim Murtaugh, tweeted “There was no exposure to sensitive data because none of it is actually stored on the site.” Authorities are working to investigate the attack, reports Murtaugh.
How did the attack occur?
The attack may have been connected to weak password policies and mismanaged accounts, says cyber security compliance expert and CEO, Karen Walsh.
Last week, Dutch security researcher and ethical hacker, Victor Gevers, correctly guessed Trump’s Twitter account password. The password was reportedly “maga2020!” Press pieces stated that Trump had failed to apply basic security protocols, such as multi-factor authentication.
However, on the day that the Gevers made his report, a Twitter spokesperson stated that the company had not seen any evidence of an inauthentic login attempt.
What is the US Cyber Security and Infrastructure Agency saying?
“…website defacements are noise. Don’t fall for these attempts designed to distract, sensationalize, and confuse. Ultimately they’re trying to undermine your confidence in our voting process,” says CISA Director, Chris Krebs.
For more on this election oriented cyber attack, visit ThreatPost.