Dec 4, 2018

What we know and don't know about the NRCC email hack

Photo: Epoxydude via Getty Images

Although the news (via Politico) that the National Republican Congressional Committee was hacked during this year's midterm election may immediately summon flashbacks to the 2016 attack on Democratic targets, we still have far too little information to know whether there are any substantial parallels.

Why it matters: We don't know who, why or how, or what attackers were even trying to accomplish with the theft. But after 2016, we do know that hacking political parties spreads distrust in many directions.

What we know: In April, an NRCC vendor discovered that the email accounts of four senior aides with "active accounts" were compromised per the original story.

  • The NRCC opted not to alert the public or several key members of Congress about the breach, which they say they hoped would allow them to further track the hacker or hackers.
  • The NRCC was, however, aware of the stir hacked emails could cause, and hired lawyers (Covington and Burling) and the political strategy firm Mercury Public Affairs to cover the breach.
  • The NRCC is cooperating with authorities and does not believe donor information has been compromised.

What we don't know: We don't know who did it. Party officials (not cybersecurity experts) told Politico they believed it was likely a nation spearheading the hack, but only because they were the target.

  • We don't know exactly who was targeted, although the fact that none of the four accounts contained donor information may limit the potential victims.
  • We don't know how the attackers got into the system, though these attacks are frequently perpetrated by phishing.

We don't know how it relates to the Democrats whose emails were stolen in 2016 and leaked on WikiLeaks with other documents leaked through the Guccifer 2.0 persona.

  • And we don't know if there was any connection to the Republicans whose emails were hacked in 2016 by the same actor and spread on the site DCLeaks.

But we do know that most cyber espionage isn't intended for leaks. Typically it's more mundane, gathering knowledge of political and economic developments to adjust negotiating tactics and other decisions.

Go deeper

Exclusive: Trump's "Deep State" hit list

Illustration: Aïda Amer/Axios. Photos: WPA Pool/Getty Pool, Drew Angerer/Getty Staff

The Trump White House and its allies, over the past 18 months, assembled detailed lists of disloyal government officials to oust — and trusted pro-Trump people to replace them — according to more than a dozen sources familiar with the effort who spoke to Axios.

Driving the news: By the time President Trump instructed his 29-year-old former body man and new head of presidential personnel to rid his government of anti-Trump officials, he'd gathered reams of material to support his suspicions.

Exclusive: Anti-Sanders campaign targets black South Carolina voters

Courtesy of The Big Tent Project

The Big Tent Project, a Democratic political group focused on promoting moderate presidential candidates, has sent hundreds of thousands of mailers bashing Bernie Sanders to black voters in South Carolina who voted in the state's 2016 primary.

Why it matters: Sanders' rise to the top of the pack, as dueling moderate candidates split their side of the vote, is worrying many in the Democratic political establishment who fear a socialist can't beat President Trump.

Inside the fight over FBI surveillance powers

Carter Page. Photo: Artyom Korotayev\TASS via Getty Images

Over the past year, President Trump has told senior administration officials, including Attorney General Bill Barr, that he wants a major overhaul of national security surveillance powers and the secret court that approves them.

Behind the scenes: In one such discussion last year about the need to reauthorize government authorities to surveil U.S. citizens, Trump went so far as to say he'd rather get rid of the Foreign Intelligence Surveillance Act (FISA) altogether.