Exclusive: Hackers test defenses of Trump campaign websites ahead of
U.S. election, security staff warn
Send a link to a friend
 [September 01, 2020]
By Jack Stubbs
LONDON (Reuters) - Hackers have stepped up
efforts to knock Trump campaign and business websites offline ahead of
the U.S. election, in what a security firm working for the campaign said
could be preparation for a larger digital assault, according to emails
seen by Reuters.
The security assessment was prepared by staff at U.S. cybersecurity firm
Cloudflare, which has been hired by President Donald Trump to help
defend his campaign's websites in an election contest overshadowed by
warnings about hacking, disinformation and foreign interference.
Cloudflare is widely used by businesses and other organizations to help
defend against distributed denial-of-service (DDoS) attacks, which aim
to take down websites by flooding them with malicious traffic.
Internal Cloudflare emails sent to senior company managers - including
CEO Matthew Prince - on July 9 state that the number and severity of
attacks on Trump websites increased in the preceding two months and
reached record levels in June. The emails did not give the total number
of attacks.
"As we get closer to the election, attacks are increasing in both
numbers (and) sophistication" and succeeded in disrupting access to the
targeted websites for short periods of time between March 15 and June 6,
the assessment said.
Cloudflare did not respond directly to questions about the emails or
their contents. The company said it was providing security services to
both U.S. presidential campaigns and declined to answer further
questions about the nature or details of its work.
"We have seen an increase in cyberattacks targeting political
candidates. We will continue to work to ensure these attacks do not
disrupt free and fair elections," it said in a statement when asked
about the emails.
A spokesman for the Trump campaign did not respond to a request for
comment. The Biden campaign declined to comment on its work with
Cloudflare or any attacks on its websites.
[to top of second column]
|
President Donald Trump, first lady Melania Trump and their extended
family watch Trump campaign fireworks explode behind the Washington
Monument from the South Lawn of the White House after his acceptance
speech as the 2020 Republican presidential nominee during the final
event of the Republican National Convention in Washington, U.S.,
August 27, 2020. REUTERS/Kevin Lamarque/File Photo
A spokeswoman for the Trump Organization said no Trump websites had
been taken offline by cyberattacks. She did not respond to further
questions about the attacks or Trump's work with Cloudflare.
Cloudflare's security team did not comment on the identity of the
hackers and Reuters was not able to determine who was responsible
for the attacks.
DDoS attacks are viewed by cybersecurity experts as a relatively
crude form of digital sabotage - easily deployed by anyone from
tech-savvy teenagers to top-end cyber criminals.
But seven of the attacks on Trump websites, including
donaldjtrump.com and a Trump-owned golf course, were judged to be
more serious by the Cloudflare security team, the emails show.
The increasing number and sophistication of attempts suggested the
attackers were "probing" the website defenses to establish what
would be needed to take them fully offline, the security assessment
said.
"We therefore cannot discount the possibility that there are
attackers using this as an opportunity to collect information for
more sophisticated attacks," it added.
The Cloudflare team said they would continue to monitor the attacks
and carry out "a further round of security hardening" to better
protect the websites.
(Additional reporting by Joseph Menn in SAN FRANCISCO; Editing by
Jonathan Weber and Edward Tobin)
[© 2020 Thomson Reuters. All rights
reserved.] Copyright 2020 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content.
 |
