DNC tech chief: No successful hacking attempts seen in midterms
LISBON — Two years after a campaign marred by hacking, the Democratic National Committee’s chief technology officer thinks they may have avoided a similar situation in the 2018 midterm elections.
In his first interview after the midterm elections at the Web Summit conference, Raffi Krikorian told CNN Business they “didn’t hear much” on Election Day — but said the DNC remains on alert for trouble.
“Remember, any sophisticated attack is not something we’re going to detect today, it’s something we’re going to detect a few days or a few weeks or a few months from now,” he said.
A sophisticated hacker would figure out a way around the alerts and monitors the DNC has set up, he said. So now the DNC is in the middle of a post-mortem study.
“We’ll do a bunch of checking against what the elected counts look like, if the voter file looks different than from a week ago, scouring of all our network traffic logs,” Krikorian said.
Cybersecurity has changed drastically at the DNC since the 2016 election, when hackers managed to obtain internal emails for top party officials, in part through phishing schemes.
Krikorian, a veteran of Twitter and Uber, joined in 2017 and said his goal was not only to upgrade the technical security of the organization but also alter its culture.
“People are the weakest links,” Krikorian said.
Recently a high level executive in the DNC C-suite logged into their account from a hotel lobby computer, which sent up alarms, Krikorian revealed. Logging into a public computer can increase risk of hacking since software could be installed on the computer that could record key strokes or the information on the screen.
That executive, as well as any other DNC staffer who may recklessly log into a public computer “will be hearing from us very fast, and we will potentially lock your account until we figure out what was going on,” he said.
When it comes to the spread of misinformation online, Krikorian was adamant that social media companies, including his former employer, need to be doing more.
“We have to be on the phone all the time with the social media platforms being like ‘we need you to take down this account down, we need you to investigate this account right now,” Krikorian said.
Just days before the midterm elections, Twitter deleted more than 10,000 automated accounts seeking to discourage voting in the midterms after they were flagged by the Democratic Congressional Campaign Committee (DCCC).
“I don’t believe they’re doing enough now,” Krikorian said. “We’re only 10 percent down a very long road in order to make these platforms secure.”
Though the Republican National Committee also has their own chief technology officer, Krikorian said they barely interact, relying on the government agencies to act as a bridge — though the two teams did send each other election night goodies, including cupcakes and liquor.
“Sadly we don’t work with them as closely as we would like,” Krikorian said. “I think that’s super complicated. There’s a lot of obviously suspicions, a lot of questions of what that outreach would look like.”
Krikorian now has a 35-person team at the DNC that works not only on cybersecurity but also misinformation. But he said the DNC is “vastly outgunned” and wants the government and the private sector to step up.
“I absolutely want the federal government to be doing this. This is not a partisan issue, election security should be a nonpartisan issue this is the basis of the American democracy,” Krikorian said, though he noted the DNC and the Republican National Committee have good relationships with the government agencies.
He added: “This political climate we live in is obviously a very tenuous one so there is some question and trust over how the federal government could approach this, but this should be a non partisan issue.”