Aug 19, 2018

Inside the Democratic war against hacks

Photo: Andrew Caballero-Reynolds/AFP/Getty Images

Democratic Sen. Jeanne Shaheen's team has sent out three fake spearphishing email campaigns to staffers over the last 18 months to test whether they’d fall for real hacking, her chief of staff, Maura Keefe, tells Axios. The result? Several fell for it.

Why it matters: Every political operation in the country is grappling with the reality that hackers may target them — that is, if they haven’t been infiltrated already.

The context: Keefe's effort is just one indicator of the cybersecurity culture shift starting to happen on the Hill:

  • They sent one email campaign prompting staff to open an attachment from an address imitating Keefe’s Senate email with a slight typo.
  • Another mimicked the legitimate attack last year that hit McCaskill’s team.
  • Another asked staff to change their Facebook passwords.
  • Those who got caught had to retake a cyber training course.

The impact: Fewer staffers clicked the phishing links with each new campaign, from five or six on the first, to just one. "It works," Keefe said. "It’s become a little bit of a point of pride for the staff to be on top of it."

The big picture: This is about playing catch-up on cybersecurity. "I was not hyper-aware and I don't think many people were" before the 2016 elections about cybersecurity, said Keefe. She added she didn't think Sen. Shaheen's previous campaign even had a line item in the budget for it. "It's definitely been an awakening," she said.

  • What’s next: Keefe, who chairs the Democratic chiefs of staff group, intends to discuss cybersecurity budgeting for the campaign cycle with other chiefs of staff.
  • Campaigns generally are nowhere near where Sen. Shaheen's office is — and she's not up for reelection until 2020. One-third of House candidates have vulnerable websites right now, according to a study released this month, and campaigns are often too strapped for cash to afford cybersecurity expertise.
  • The DNC has been sending spearphishing training emails to staffers as well, a Democratic source tells Axios.

The bottom line: The nature of political operations — from Iowa presidential strivers to the halls of the Senate — is changing. It's no longer just about policy and messaging, but also running cybertraining bootcamps to outsmart adversaries. And politicians can train their teams all they want, but each office is only as secure as its weakest, most distracted, careless clicker.

Go deeper:

Go deeper

Coronavirus dashboard

Illustration: Aïda Amer/Axios

  1. Global: Total confirmed cases as of 7 p.m. ET: 1,414,738 — Total deaths: 81,259 — Total recoveries: 298,642Map.
  2. U.S.: Total confirmed cases as of 7 p.m. ET: 387,547 — Total deaths: 12,291 — Total recoveries: 20,395Map.
  3. Federal government latest: Acting Navy secretary resigns over handling of virus-infected ship — Trump removes watchdog overseeing rollout of $2 trillion coronavirus bill.
  4. Business latest: America's food heroes in times of the coronavirus crisis. Even when the economy comes back to life, huge questions for airlines will remain.
  5. World latest: China reopens Wuhan after 10-week coronavirus lockdown.
  6. Wisconsin primary in photos: Thousands gathered to cast ballots in-person during the height of the coronavirus crisis in the U.S.
  7. 1 Olympics thing: About 6,500 athletes who qualified for the Tokyo Games will keep their spots in 2021.
  8. What should I do? Pets, moving and personal healthAnswers about the virus from Axios expertsWhat to know about social distancingQ&A: Minimizing your coronavirus risk.
  9. Other resources: CDC on how to avoid the virus, what to do if you get it.

Subscribe to Mike Allen's Axios AM to follow our coronavirus coverage each morning from your inbox.

Airline industry braces for a forever-changed world

Illustration: Sarah Grillo/Axios

The airline industry got a $58 billion lifeline in the coronavirus federal aid package. But the path is unclear for these companies, whose operations and prospects will be forever changed by the global pandemic.

Why it matters: People may want to minimize travel for the foreseeable future. Investors, analysts and industry watchers are trying to determine how much airlines will need to spend — and how much more in lost revenue they'll see — while they adapt to the new reality.

Trump denies seeing Navarro memos warning about toll of coronavirus

President Trump said at a press briefing Tuesday that he "didn't see" memos from his trade adviser Peter Navarro warning in January and February that the coronavirus crisis could kill more than half a million Americans and cost close to $6 trillion.

Why it matters: Trump insisted that despite not seeing the memos, he did "more or less" what Navarro suggested by banning non-U.S. citizens from traveling from China effective Feb. 2.