The FBI launched investigations after two Southern California Democratic U.S. House candidates were targeted by computer hackers, though it's unclear whether politics had anything to do with the attacks.
A law enforcement official told the Associated Press that the FBI looked into hacks involving David Min in the 45th Congressional District and Hans Keirstead in the adjacent 48th Congressional District. Both districts are in Orange County and are seen as potential pickups as the Democratic Party seeks to win control of Congress in November.
A person with knowledge of the Min investigation told the Associated Press on Monday that two laptops used by senior staffers for the candidate were found infected with malware in March. It's not clear what, if any, data was stolen, and there is no evidence that the breach influenced the contest.
The CEO of a biomedical research company, Keirstead last summer was the victim of a broad “spear-phishing” attack, in which emails that appear to come from a friend or familiar source are designed to help hackers snatch sensitive or confidential information, the law enforcement official said. There is no evidence that Keirstead lost valuable information.
The investigations so far have not turned up evidence that the two candidates in Orange County were political targets.
The official and the knowledgeable person were not authorized to discuss the cases publicly and spoke only on condition of anonymity.
Keirstead was narrowly defeated in the June primary for the seat held by Rep. Dana Rohrabacher (R-Costa Mesa). Min came in third in the contest to unseat Rep. Mimi Walters (R-Laguna Beach).
Min's staff was alerted to a potential cyberattack by a facility manager in the software incubator where his campaign rented space. It was later found that the computers were infected with software that records and sends keystrokes, with additional software that concealed it from conventional anti-virus tools used by the campaign.
The two laptops were replaced, and Min's computer was not infected. The attack on the computers was first reported by Reuters.
Keirstead campaign officials detected repeated attempts to access the campaign's website.
Rolling Stone magazine, which first reported that cyberattack, said hackers or bots tried different username-password combinations in a rapid-fire sequence over a two-and-a-half-month period to get inside the campaign's WordPress-hosted website.
According to the campaign, there were also more than 130,000 so-called brute force attempts over a monthlong period to gain access to the campaign's server through the cloud-server company that hosted the Keirstead campaign's website, Rolling Stone said.
Computer security experts say that many attempts to gain access to a site hosted with the popular and free WordPress software is not unusual.
“Every WordPress-hosted website sees 130,000 brute force attempts over a monthlong period, regardless of whether it's Bohemian basket weaving, a blog about furry costume construction, or a politician’s website,” said Robert Graham, a cybersecurity expert who created the BlackICE personal firewall.
“Hackers don't know or care who you are: They only care that you use WordPress,” Graham said in a text message.