Case Study – Protecting the 2008 U.S. Presidential Election from Cyber Attacks

Protecting the 2008 U.S. Presidential Election from Cyber Attacks

During the 2008 U.S. presidential election cycle, the FBI and U.S. Secret Service determined the Obama and the McCain campaigns were being targeted by hackers likely associated with foreign governments. Within days of this discovery, Kroll was enlisted to investigate all systems and determine the extent of any potential compromise. A team of experts, led by Senior Managing Director Alan Brill, was dispatched to Obama’s campaign headquarters and to the Democratic National Committee to identify the infection, cleanse infected systems and bolster defenses. 

Our investigators determined the compromise occurred through a phishing email made to look like the outline of a meeting agenda and containing a malicious .zip file attachment. Once opened, the attachment released a virus that made its way around the network, kicking off an infection chain that compromised the computers of various senior staffers. In an NBC News article covering the attack, reporter Michael Isikoff pinpoints a passage from President Obama at a May 29, 2009, White House event announcing a new cyber security policy where he confirms the impact of the attack: “Hackers gained access to emails and a range of campaign files, from policy position papers to travel plans,” he said then.

As the investigation developed, our team identified the virus buried in the network, with the ability to keep itself hidden for months or years without being detected, proving to be a very sophisticated malware at the time. 

How Kroll Helped

Kroll experts installed hardware to cleanse the affected machines as well as remotely monitor activity across the network, giving our team the ability to detect and block further attacks. Once our team gained visibility, we were alarmed at the volume of attacks, which continued throughout the months leading to the election. “It was like a firefight,” Alan said. “This was starting every day knowing that you didn’t know what they were going to throw at you.” We recently asked Alan to recount this engagement on video:

Kroll was able to successfully thwart all viruses attempting to pervade the campaign network. This was the first U.S. national election in which the hacking of a campaign became a prevalent issue, setting the stage for the role of cyberattacks in future elections which we still see today. 

Other Areas We Can Help

Cyber Risk

Cyber Risk

End-to-end cyber security services provided by unrivaled experts.

Cyber Risk
Cyber Risk

24x7 Incident Reponse

Compliant notifications, reputation-saving remediation, and litigation support.

24x7 Incident Reponse
Security Risk Management

Security Risk Management

Helping clients anticipate/respond to a myriad of facility, operational, and employee security challenges

Security Risk Management
Cyber Risk

Cyber Risk Assessments

Delivering actionable recommendations using the best technology and expertise available.

Cyber Risk Assessments

Insights

Cyber Risk

Cyberclarity360TM Product Release Note: Risk Register

Cyber Risk
Cyber Risk

KAPE 0.9.2.0 Released: New Target and Module Definition Changes

Cyber Risk
Cyber Risk

Protecting Elections: Security Beyond the Machine

Cyber Risk
Cyber Risk

Qakbot Malware Now Exfiltrating Emails for Sophisticated Thread Hijacking Attacks

Cyber Risk