It's too expensive to put security measures in place to prevent them, or investigate after they happen.
UNDER INVESTIGATION. We're still trying to figure out exactly cyberattacks affected the outcome of the 2016 U.S. presidential election, but we're already dealing with the next wave of attacks that could influence the midterm elections. And it's not just nationwide campaigns in hackers' cross-hairs — turns out, smaller campaigns can fall victim to cyber attacks, too, and many are woefully ill-equipped to handle them.
PICKING ON THE LITTLE GUY. On Friday, Reuters reported that the Federal Bureau of Investigation (FBI) is investigating a cyberattack on the primary campaign of David Min, a Democratic candidate for the House of Representatives vying to represent California's 45th Congressional district.
According to three people close to the campaign, hackers managed to place keystroke software on the computers of both Min's campaign manager and financial director. They also installed software that made the keystroke tracker undetectable by the standard anti-virus software used by the campaign. The team heard about the hack in late March.
In June, Min lost the election. Both the FBI and Min’s former campaign manager, Paige Hutchinson, declined Reuters's request for comment.
A REPEAT OFFENSE. This isn't the first example of a cyberattack on a campaign that wasn't on the national stage. On Wednesday, Rolling Stone reported that hackers targeted the campaign of Hans Keirstead, a Democratic candidate running to represent California's 48th Congressional district in the House of Representatives.
Like Min, Keirstead also lost his primary bid, but had he won, he would have faced Dana Rohrabacher (R-CA) in the general election, a 15-term incumbent Politico described as "[Russian President Vladimir] Putin's favorite congressman." We don't know whether the hackers were Russian, so at this point, it's just a (very familiar seeming) coincidence.
As Keirstead's campaign manager Kyle Quinn-Quesada told Rolling Stone, cyberattacks on political campaigns are becoming more and more common, and hackers aren't only going after the big fish. “The targets aren’t just high-profile statewide candidates or elected officials,” he said. “Individual congressional campaigns are being targeted on a regular basis.”
NO MONEY, MO' PROBLEMS. Unfortunately, it's often not financially feasible for these smaller campaigns to put measures in place to prevent an attack, or to look into it after one happens. After realizing they were the target of a hack, Min's team considered hiring a security firm to investigate, but his advisors changed their minds when they learned the cost: a minimum of $50,000. As one of Reuters's sources noted, the four-person campaign was barely equipped to shell out the $4,000 needed to replace its infected laptops.
If the U.S. is to have any hope of maintaining the integrity of its democratic elections, it the federal government may have to find a way to finance the security measures needed to protect all candidates, not just those running for president, from the kinds of attacks that just may have cost Min and Keirstead their elections.
READ MORE: Exclusive: FBI Probing Cyber Attack on Congressional Campaign in California [Reuters]
More on election hacking: Pre-Teen Hackers Prove It: The U.S. Election System Simply Isn’t Secure Enough