Image: Vice / Shutterstock

On Tuesday, the alarm bells went off at the Democratic National Committee. Someone was trying to hack the organization, specifically targeting its voter database. Speculation followed: Was it the Russians again?

A bit over two years ago, Russian intelligence officers broke into DNC servers. At the time, the political organization came out publicly and revealed the hack, in an apparent attempt to not just be transparent but also to call out what it thought was part of a coordinated attempt to influence the 2016 US presidential elections.

That's not what happened on Tuesday. As it turns out, the phishing attempt was actually set up by the Michigan Democratic Party as a simulation—what’s known in infosec circles as a “pen test” or “red team exercise.” Somehow, the DNC mistook this test for a real attack.

In other words, in trying to test its own security, the DNC set off a false alarm. This is not a great look for the DNC. Two years after it was actually hacked by Russia, and months before a crucial midterm election, the organization seems disorganized, crying wolf when there's no real attack. But for some, the false alarm is good news. Not just because the DNC didn’t get hacked and caught the friendly hackers, but also because the fake phishing attempt was so convincing it fooled their own people, showing a renewed commitment to avoiding past mistakes in keeping its computers secure.

Read More...