Political campaigns, high-pressure and transitory endeavors by nature, are tracking down more information on voters than ever before.
At the same time, they have proved to be perfect targets for hackers, cybercriminals and other ideological foes.
Campaign operatives and cybersecurity experts say data mining operation are now an indispensable part of modern politics, along with increasing mischief aimed at cyber-campaigns.
They now have to contend with problems like stolen data, misplaced donor or voter information, and foreign intelligence infiltrating campaign servers.
Hackers working to humiliate politicians alter websites, and credit card thieves found small online campaign donations the perfect way to test stolen Visa and MasterCard numbers, reports POLITICO.
”If the U.S. government, the Chamber of Commerce, Target and others who presumably spend millions or even billions on cybersecurity measures still have to contend with security breaches, hacks and so on every so often,” says Liz Mair, former online communications director at the Republican National Committee.
“It really shouldn’t surprise anyone to know that political campaigns are vulnerable to exactly the same kind of threat,” Mair tells reporter Byron Tau.
However, since campaigns are designed to win and not for the long term, security is a secondary concern.
“The lack of appropriate cybersecurity measures may be because some consultants just don’t prioritize it when they’re facing the hard deadline of Election Day and the only real objectives are robust fundraising and supporter engagement,” Mair adds.
Digital experts in politics are only concerned over security systems — and their agreements — until Election Day. Once the campaign is over, the data becomes vulnerable.
Security in the political world is not a new problem, says Scott Goodstein, the CEO of Revolution Messaging and a former technology staffer for Obama’s 2008 campaign.
“Campaigns have always had the problem of data security,” he says.
Goodstein listed several security breaches prior to the digital era: Volunteers could take a research binder, handwritten documents or donor information are misplaced. Devious volunteers could steal credit card information — even when it is on paper.
“Security is not just a let’s-blame-the-Internet problem,” Goodstein says.
Some of the modern security problems in political campaigns include missing personal information, such as in 2009, when WikiLeaks posted 4,700 donor credit card numbers from Norm Coleman’s 2009 campaign in Minnesota.
Coleman, who was running a heated campaign against Al Franken, had to have his supporters call donors asking them to cancel their credit cards. It was the largest such data breach in the history of politics.
Campaigns and vendors also expose user or voter information — often inadvertently – from personal home addresses to credit card data.
Political campaigns have also become a useful tool for credit card thieves.
Stolen credit card information is tested with a small donation online, to check if the victim knows of the theft and has deactivated the card. When giving to a political candidate, no product changes hands and mailing addresses are not required, making it perfect for stolen cards.
Fraudulent donations — that eventually have to be refunded — is a widespread problem, but largely unreported. Chris Murphy’s 2012 Senate campaign is the most public acknowledgement that a donation system was used to test stolen credit cards.
Adding to the problem is that political campaigns are often much less discriminating about accepting credit cards compared to private businesses.
Tau writes that hacking campaign websites have been a longtime problem, as old as digital politics. Any downtime in a grassroots campaign represents lost fundraising—as well as much embarrassment to the candidate.