In 2016, the Democratic National Committee (DNC) headquarter in Washington DC, was a victim of Russian hacking attacks leading to a data dump of internal emails and leaks of critical information to the public. This attack was implemented by two separate Russian hackers groups, Fancy Bear and Cozy Bear, that were affiliated with Russian security agencies and military intelligence units and believed to be a part of a larger Russian espionage campaign (Council on Foreign Relations, 2016). The target was not only the DNC as a whole but also specific members of Hillary Clinton’s campaign — including John Podesta her campaign chairman. Podesta’s emails were subject to malicious phishing attacks that were later leaked to DCLeaks and WikiLeaks (Wired. 2018). The DNC hacking incident revealed a lack of cybersecurity education and processes within the DNC. Despite the rapid action taken following the 2016 attacks, there is still a need for consistent training and better practices in order to prevent hacking attacks and release of internal information in the future.
Following the 2016 attacks and the release of private internal information, the DNC contacted CrowdStrike, a cybersecurity software company focused on intelligence threats, to initiate remediation efforts and ensure the hackers couldn’t regain access to DNC systems. DNC’s software and technological systems required instant action to continue their work. The DNC decommissioned more than 140 servers, removed certain softwares and rebuilt servers, in addition to other efforts (Wired. 2018). However, there were also long-term needs to prevent of future attacks. According to publicly available information, there has since been increased communications with staffers and an emphasis on best practices for cybersecurity including two-factor authentication, better passwords associated with software, and encryption on computers (Vavra. S., 2018). In addition, the FBI director established a task force aimed at countering disinformation and collaboration efforts with federal officials to boost election security were established (Cassidy. C., 2020). The DNC also updated its cybersecurity checklist in 2023 showcasing the prevalence of the issue in contemporary times, and included basic cybersecurity best practices such as keeping technological devices updated, enabling disk and web encryption and securing devices (SGRV. 2023) Despite this, there appears to be a shortage of regular trainings and definitive processes aimed at all levels of staff within the organization, whether it is volunteers, interns, entry-level workers or higher levels of staff that are affiliated with campaigns.
The absence of adequate training, specifically focused on entry level workers at the first stage of employment within the DNC, highlights the need for cybersecurity education within the organization. The DNC’s cybersecurity checklist, released in 2023, acknowledged broader issues that could be mitigated by implementing best practices; however, the incident showcases the demand for particular initiatives, training and resources available for DNC members. The Cybersecurity and Infrastructure Security Agency (CISA), which has worked with the DNC in the past, has offered cybersecurity services and resources for organizations to implement cyber frameworks (CISA, n.d.). Along with recommending safe cybersecurity best practices both on an organizational and individual level, the CISA recommends specific plans and processes to protect business operations. Within CISA, there are learning platforms at no cost, which includes online cybersecurity training on a variety of topics. Implementing trainings such as those aimed specifically at entry-level employees would allow for increased cybersecurity education for the DNC as a whole along with long-term impacts rather than short term solutions. Furthermore, it would include a more adaptable and accessible training experience for newer employees (CISA. n.d.). Since the 2016 DNC cyberattack issue was focused particularly on the lack of cybersecurity education, implementing accessible training at an early stage would set workers up for greater long-term success. CISA specific initiatives includes different types of training such as, classroom-based courses, virtual instructor-led training, as well as self-paced online learning, showcasing the inclusiveness within the training programs (CISA. n.d.).
Following the designation of election infrastructure as critical infrastructure by the Department of Homeland Security in 2017, there has been a greater focus on upholding election security and data protections (CISA. n.d). The classification highlights the importance of consistent cybersecurity measures to uphold election security within the electoral systems. The inclusion of cybersecurity training using various teaching methods aimed at entry level employees would increase cybersecurity education without projected backlash from DNC stakeholders. Many of the stakeholders include DNC members such as state party representatives and election members, as well as state and local parties. In addition, amongst donors many Democratic Party organizations provide funding while working directly with the DNC for election processes, showcases a commitment to election infrastructure security. Cyber-education as a whole would be a beneficial process not just for the DNC but also relevant Democratic Party members and officials who would support cybersecurity education for the benefit of election safety (CISA. n.d). Furthermore, implementing these training programs for entry-level employees would help create a cybersecurity focused culture within the organization, as well as set up long-term employees with the tools needed to succeed.
Sources
Attributing the DNC Hacks to Russia. (2017, January 9). Schneier on Security. https://www.schneier.com/blog/archives/2017/01/attributing_the_1.html
Barrett, B. (n.d.). DNC Lawsuit Reveals Key Details About Devastating 2016 Hack. Wired. Retrieved May 26, 2025, from https://www.wired.com/story/dnc-lawsuit-reveals-key-details-2016-hack/
Campaigns and candidates still easy prey for hackers. (2018, August 11). POLITICO. https://www.politico.com/story/2018/08/11/cyber-hacking-midterms-campaigns-candidates-732640
Cassidy, C. a. (2020, January 26). Lessons learned from 2016, but US faces new election threats. AP News. https://apnews.com/article/ap-top-news-elections-voting-hillary-clinton-hacking-502ea2d593ed7ae74162c8eb46290b8a
Compromise of the Democratic National Committee | CFR Interactives. (n.d.). Retrieved May 26, 2025, from https://www.cfr.org/cyber-operations/compromise-democratic-national-committee
Cybersecurity Toolkit and Resources to Protect Elections | CISA. (n.d.). Retrieved May 26, 2025, from https://www.cisa.gov/cybersecurity-toolkit-and-resources-protect-elections
Cybersecurity Training & Exercises | CISA. (n.d.). Retrieved June 11, 2025, from https://www.cisa.gov/cybersecurity-training-exercises
Dunham, E. (2019, June 25). Political “Hacks”: DNC Cyber Security Check List Raises Risk Awareness. Spector Gadon Rosen Vinci P.C. https://www.sgrvlaw.com/political-hacks-dnc-cyber-security-check-list-raises-risk-awareness/
Election Security | Cybersecurity and Infrastructure Security Agency CISA. (n.d.). Retrieved May 26, 2025, from https://www.cisa.gov/topics/election-security
emptywheel. (2016, December 10). The Evidence to Prove the Russian Hack. Emptywheel. https://www.emptywheel.net/2016/12/10/evidence-prove-russian-hack/
Harding, L. (2016, December 14). Top Democrat’s emails hacked by Russia after aide made typo, investigation finds. The Guardian. https://www.theguardian.com/us-news/2016/dec/14/dnc-hillary-clinton-emails-hacked-russia-aide-typo-investigation-finds
Inside the race to hack-proof the Democratic Party. (2018, October 17). POLITICO. https://www.politico.com/story/2018/10/17/democrats-hacking-cybersecurity-dnc-909883
Internship-departments. (n.d.). Democrats. Retrieved May 26, 2025, from https://democrats.org/internships/internship-departments/
Muelle, R. (2019). Report on the Investigation into Russian Interference in the 2016 Presidential Election. (n.d.).
National Intelligence Council, Background to “Assessing Russian Activities and Intentions in Recent US Elections”: The Analytic Process and Cyber Incident Attribution, and National Intelligence Council, ICA 2017-01D, Assessing Russian Activities and Intentions in Recent US Elections, January 6, 2017. Unclassified. | National Security Archive. (n.d.). Retrieved May 26, 2025, from https://nsarchive.gwu.edu/document/22518-document-12-national-intelligence-council
New Democratic Party Hack “Similar” to Earlier Breach. (2016, July 29). NBC News. https://www.nbcnews.com/news/us-news/hack-democratic-congressional-campaign-committee-tied-earlier-breach-n619786
Vavra, S. (2018, August 25). The DNC is training staff to deflect hackers. Axios. https://www.axios.com/2018/08/24/the-dnc-is-training-staff-to-deflect-hackers
.jpg){kind=link}