DNC alleges it was targeted in phishing attack after midterms
The Democratic National Committee alleges it was among the intended victims of a widespread cyberattack that was detected days after the 2018 midterm elections, according to court documents filed overnight.
"On November 14, 2018, dozens of DNC email addresses were targeted in a spear-phishing campaign, although there is no evidence that the attack was successful," the DNC wrote in an amended complaint filed late Thursday, part of an ongoing lawsuit against the Russian government, the 2016 Donald Trump campaign and others.
The DNC said that the content and the timing of the emails led the organization to believe it was targeted as part of a wider phishing campaign that cybersecurity firms had previously said appeared to use some of the same technical tricks as a Russian hacking group known as Cozy Bear, or APT 29. Cozy Bear is one of two groups linked to Russian intelligence that purportedly infiltrated the DNC's systems ahead of the 2016 presidential election.
"Therefore, it is probable that Russian intelligence again attempted to unlawfully infiltrate DNC computers in November 2018," the filing says.
Spear-phishing refers to a tactic in which hackers attempt to trick their victims into clicking on malicious links in emails by pretending to send them from a legitimate, trusted source. The November 2018 phishing campaign used email accounts that falsely appeared to belong to the U.S. State Department and targeted more than a dozen entities across different industries, from the media to defense contractors, according to a November 2018 post by the cybersecurity firm FireEye. FireEye emphasized that despite "notable similarities" with a past suspected Cozy Bear behavior, the firm could not firmly attribute the phishing campaign to the Russians.
A spokesperson for CrowdStrike, another cybersecurity firm that reportedly identified the November phishing campaign and counts the DNC among its customers, declined to comment for this report.
The filing Thursday is the latest in a lawsuit that takes aim at the 2016 Trump campaign, the Russian government and several others over the 2016 hacking of emails from the DNC and Hillary Clinton campaign chairman John Podesta, and their subsequent publication online. President Donald Trump is not named as a defendant.
The new complaint from the DNC's legal team does not contend that the president or his associates had any knowledge of the latest phishing attempts, but suggests that by initially denying now-reported contacts with Russia-linked figures, along with other behavior the DNC deems suspect, the Trump campaign showed itself to be part of a broader conspiracy with the Russian Federation.
Trump has long denied accusations of collusion with Russia, and in December several of the defendants in the case argued that it should be thrown out. Echoing Trump's public criticisms of the Russia investigation, the 2016 Trump campaign said in a motion to dismiss that the Russia-conspiracy accusations only seek to "explain away [the DNC] candidate's defeat in the 2016 presidential campaign."
At the time of the DNC's initial filing, Brad Parscale, Trump's campaign manager for the 2020 race, described the legal action as a "sham lawsuit about a bogus Russian collusion claim filed by a desperate, dysfunctional and nearly insolvent Democratic Party."
The DNC's legal team told ABC News it hopes the court will deny the calls to dismiss the case and allow the case to move forward. The team said the DNC would then seek documentation including communications Trump campaign principles had with Russians and Russian intermediaries as a part of the discovery process.
"The DNC regularly coordinates with law enforcement and we maintain open channels of communication regarding cyber security issues," a spokesperson for the party added in an email to ABC News.
For its part, Russia has consistently denied the hacking and conspiracy allegations leveled against it. But in a November letter to the court in response to the DNC suit, the Russian government said that even if it did hack the DNC, such a "sovereign act" by a nation-state should be protected from civil suits by U.S. law.