Photo: Andrew Caballero-Reynolds/AFP/Getty Images

Democratic Sen. Jeanne Shaheen's team has sent out three fake spearphishing email campaigns to staffers over the last 18 months to test whether they’d fall for real hacking, her chief of staff, Maura Keefe, tells Axios. The result? Several fell for it.

Why it matters: Every political operation in the country is grappling with the reality that hackers may target them — that is, if they haven’t been infiltrated already.

The context: Keefe's effort is just one indicator of the cybersecurity culture shift starting to happen on the Hill:

  • They sent one email campaign prompting staff to open an attachment from an address imitating Keefe’s Senate email with a slight typo.
  • Another mimicked the legitimate attack last year that hit McCaskill’s team.
  • Another asked staff to change their Facebook passwords.
  • Those who got caught had to retake a cyber training course.

The impact: Fewer staffers clicked the phishing links with each new campaign, from five or six on the first, to just one. "It works," Keefe said. "It’s become a little bit of a point of pride for the staff to be on top of it."

The big picture: This is about playing catch-up on cybersecurity. "I was not hyper-aware and I don't think many people were" before the 2016 elections about cybersecurity, said Keefe. She added she didn't think Sen. Shaheen's previous campaign even had a line item in the budget for it. "It's definitely been an awakening," she said.

  • What’s next: Keefe, who chairs the Democratic chiefs of staff group, intends to discuss cybersecurity budgeting for the campaign cycle with other chiefs of staff.
  • Campaigns generally are nowhere near where Sen. Shaheen's office is — and she's not up for reelection until 2020. One-third of House candidates have vulnerable websites right now, according to a study released this month, and campaigns are often too strapped for cash to afford cybersecurity expertise.
  • The DNC has been sending spearphishing training emails to staffers as well, a Democratic source tells Axios.

The bottom line: The nature of political operations — from Iowa presidential strivers to the halls of the Senate — is changing. It's no longer just about policy and messaging, but also running cybertraining bootcamps to outsmart adversaries. And politicians can train their teams all they want, but each office is only as secure as its weakest, most distracted, careless clicker.

Go deeper:

Go deeper

Scoop: How the White House is trying to trap leakers

Illustration: Sarah Grillo/Axios

President Trump's chief of staff, Mark Meadows, has told several White House staffers he's fed specific nuggets of information to suspected leakers to see if they pass them on to reporters — a trap that would confirm his suspicions. "Meadows told me he was doing that," said one former White House official. "I don't know if it ever worked."

Why it matters: This hunt for leakers has put some White House staffers on edge, with multiple officials telling Axios that Meadows has been unusually vocal about his tactics. So far, he's caught only one person, for a minor leak.

Updated 3 hours ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Global: Total confirmed cases as of 4 p.m. ET: 12,813,864 — Total deaths: 566,790 — Total recoveries — 7,046,535Map.
  2. U.S.: Total confirmed cases as of 4 p.m. ET: 3,286,025 — Total deaths: 135,089 — Total recoveries: 995,576 — Total tested: 39,553,395Map.
  3. States: Florida smashes single-day record for new coronavirus cases with over 15,000 — Miami-Dade mayor says "it won't be long" until county's hospitals reach capacity.
  4. Public health: Ex-FDA chief projects "apex" of South's coronavirus curve in 2-3 weeks — Coronavirus testing czar: Lockdowns in hotspots "should be on the table"
  5. Education: Betsy DeVos says schools that don't reopen shouldn't get federal funds — Pelosi accuses Trump of "messing with the health of our children."

11 GOP congressional nominees support QAnon conspiracy

Lauren Boebert posing in her restaurant in Rifle, Colorado, on April 24. Photo: Emily Kask/AFP

At least 11 Republican congressional nominees have publicly supported or defended the QAnon conspiracy theory movement or some of its tenets — and more aligned with the movement may still find a way onto ballots this year.

Why it matters: Their progress shows how a fringe online forum built on unsubstantiated claims and flagged as a threat by the FBI is seeking a foothold in the U.S. political mainstream.