Case Study – Protecting the 2008 U.S. Presidential Election from Cyber Attacks

Protecting the 2008 U.S. Presidential Election from Cyber Attacks

During the 2008 U.S. presidential election cycle, the FBI and U.S. Secret Service determined the Obama and the McCain campaigns were being targeted by hackers likely associated with foreign governments. Within days of this discovery, Kroll was enlisted to investigate all systems and determine the extent of any potential compromise. A team of experts, led by Senior Managing Director Alan Brill, was dispatched to Obama’s campaign headquarters and to the Democratic National Committee to identify the infection, cleanse infected systems and bolster defenses. 

Our investigators determined the compromise occurred through a phishing email made to look like the outline of a meeting agenda and containing a malicious .zip file attachment. Once opened, the attachment released a virus that made its way around the network, kicking off an infection chain that compromised the computers of various senior staffers. In an NBC News article covering the attack, reporter Michael Isikoff pinpoints a passage from President Obama at a May 29, 2009, White House event announcing a new cyber security policy where he confirms the impact of the attack: “Hackers gained access to emails and a range of campaign files, from policy position papers to travel plans,” he said then.

As the investigation developed, our team identified the virus buried in the network, with the ability to keep itself hidden for months or years without being detected, proving to be a very sophisticated malware at the time. 

How Kroll Helped

Kroll experts installed hardware to cleanse the affected machines as well as remotely monitor activity across the network, giving our team the ability to detect and block further attacks. Once our team gained visibility, we were alarmed at the volume of attacks, which continued throughout the months leading to the election. “It was like a firefight,” Alan said. “This was starting every day knowing that you didn’t know what they were going to throw at you.” We recently asked Alan to recount this engagement on video:

Kroll was able to successfully thwart all viruses attempting to pervade the campaign network. This was the first U.S. national election in which the hacking of a campaign became a prevalent issue, setting the stage for the role of cyberattacks in future elections which we still see today. 

Other Areas We Can Help

Security Risk Management

Helping clients anticipate/respond to a myriad of facility, operational and employee security challenges.

Security Risk Management

Insights

Cyber Risk

CyberClarity360 Express Helps Fortune 25 Technology Client Identify and Prioritize Legal Vendor Cyber Risk

Cyber Risk
The Monitor

Telerik Vulnerability (CVE-2019-18935) Creates Surge in Web Compromise and Cryptomining Attacks - The Monitor, Issue 14

The Monitor
Cyber Risk

Cyberclarity360TM Product Release Note: Risk Register

Cyber Risk