Searching for smart, safe news you can TRUST?

Support safe, smart, REAL journalism. Sign up for our Axios AM & PM newsletters and get smarter, faster.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Searching for smart, safe news you can TRUST?

Support safe, smart, REAL journalism. Sign up for our Axios AM & PM newsletters and get smarter, faster.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Minneapolis-St. Paul

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa-St. Petersburg news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa-St. Petersburg

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Photo: Bill Clark/CQ Roll Call via Getty

The Democratic National Committee has been conducting spearphishing email training to help its staff learn to avoid malicious emails that could compromise security, a Democratic source tells Axios.

Why it matters: The DNC knows how badly it was hurt by the hacking attack that compromised it (as well as the Clinton campaign) in 2016, leading to a data dump of internal emails, and is trying to avoid a repeat.

The intrigue: The DNC is on high alert for malicious phishing campaigns, which trick targeted users into clicking look-alike links or file attachments and entering passwords. This week, the DNC reported to law enforcement a site that appeared to be the precursor to an attack — a fake DNC login page — but turned out to have been independently set up by Michigan Democrats without approval from the DNC.

The details: The training is sent every couple of weeks, sometimes to the entire DNC staff and other times just to certain teams, but the Democratic source would not detail exactly how it works.

In addition to the training, other preparations the DNC has taken include issuing warnings to employees about certain vendors, training staffers on cyber hygiene practices, and changing the hardware the committee uses.

Culture

The DNC has retrained staffers to assume systems are breached, according to Reuters' Joseph Menn.

  • The DNC is ramping up its communications with staffers about best practices with a security checklist to confirm they’re following them, per the Democratic source. That includes checking for two-factor authentication on personal accounts, long, unique passwords, encryption on computers, and whether they’ve launched the latest security patches.
  • Signs hang in the DNC bathroom reminding staffers email is not secure, per Politico.
Changes to training and vendors

The DNC has worked with Microsoft to train employees on best practices for cybersecurity, and that training will soon expand more widely to Democratic campaigns, according to CyberScoop's Chris Bing.

  • The DNC has urged staffers and candidates not to use devices from Chinese Huawei and ZTE, which U.S. intelligence leaders have warned are a national security threat.
  • The staff has been encouraged to use encrypted messaging apps, like Signal, per CyberScoop.
  • They've switched email and data storage to Google's cloud, per Reuters.
  • The DNC has replaced most Windows computers with Apple hardware and Google Chromebooks, per Reuters.
  • The DNC started working with identity management firm Okta last summer, so that only devices that have been scanned to confirm their users’ identity can gain access to the DNC systems, a Democratic source told Axios.

The bottom line: The DNC is still working to get ahead of a threat that remains a problem two years after it rocked the 2016 campaign.

Go deeper

Updated 7 hours ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Health: The good and bad news about antibody therapies — Fauci: Hotspots have materialized across "the entire country."
  2. World: Belgium imposes lockdown, citing "health emergency" due to influx of cases.
  3. Economy: Conference Board predicts economy won’t fully recover until late 2021.
  4. Education: Surge threatens to shut classrooms down again.
  5. Technology: The pandemic isn't slowing tech.
  6. Travel: CDC replaces COVID-19 cruise ban with less restrictive "conditional sailing order."
  7. Sports: High school football's pandemic struggles.
  8. 🎧Podcast: The vaccine race turns toward nationalism.
Dan Primack, author of Pro Rata
Updated 8 hours ago - Economy & Business

Dunkin' Brands agrees to $11B Inspire Brands sale

Photo: Alexi Rosenfeld/Getty Images

Dunkin' Brands, operator of both Dunkin' Donuts and Baskin-Robbins, agreed on Friday to be taken private for nearly $11.3 billion, including debt, by Inspire Brands, a restaurant platform sponsored by private equity firm Roark Capital.

Why it matters: Buying Dunkin’ will more than double Inspire’s footprint, making it one of the biggest restaurant deals in the past 10 years. This could ultimately set up an IPO for Inspire, which already owns Arby's, Jimmy John's and Buffalo Wild Wings.

Ina Fried, author of Login
10 hours ago - Technology

Federal judge halts Trump administration limit on TikTok

Illustration: Aïda Amer/Axios

A federal judge on Friday issued an injunction preventing the Trump administration from imposing limits on the distribution of TikTok, Bloomberg reports. The injunction request came as part of a suit brought by creators who make a living on the video service.

Why it matters: The administration has been seeking to force a sale of, or block, the Chinese-owned service. It also moved to ban the service from operating in the U.S. as of Nov. 12, a move which was put on hold by Friday's injunction.

Get Axios AM in your inbox

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!