« Remember the stimulus that did stimulate? | Rio Olympic official on green pools: ‘Chemistry is not an exact science’ »
August 14, 2016

DCCC website was ridiculously easy for Guccifer 2.0 to hack

By Richard Henry Lee

The security for the Democratic Congressional Campaign Committee (DCCC) website was almost non-existent which made it easy for Guccifer 2.0 to hack.

Like Hillary with her reckless use of a personal email server, the DCCC is also guilty of failing to secure their website. The password was shared with many people on a spreadsheet and the site itself did not incorporate the use of an encrypted connection. The password itself was “changeme” (without the quotes) which is quite obvious.

The website for login was http://dccc.org/wp-admin/ which means the website uses WordPress and the login ID was DCCCPress which is also fairly obvious. The fact that they used http instead of the encrypted https means that the login credentials were sent in the clear. By contrast, Guccifer 2.0 also used a WordPress site but his site uses https, which means that all traffic to the site is encrypted, which is a much higher level of security. (There is a bit of irony here that the hacker and the hacked both used WordPress.)

There are several sensible rules about the use of login ID’s and passwords, and one of the most important is to never share them with others. Instead of having a few trusted people with separate login credentials, the DCCC apparently shared a single login ID and several people had access to it. Other rules state that passwords must be robust without any ability of others to guess them. The DCCC failed here also.

There is another point to make. There was likely a lapse of time after Guccifer 2.0 posted the login credentials and before the DCCC changed their passwords. During that interval, several persons with a penchant to hack could have gotten into the site as well. The Chinese come to mind, and if it is true that the Russians are behind the hack, they could have tipped the Chinese off.

The larger issue is the lax culture of security at the DCCC, which the Democratic Congressional leadership apparently condones. This culture likely pervades the Halls of Congress since staffers at the DCCC move freely into jobs with Democratic Congress members and their committees and vice versa. That is where the real harm can occur.

If you experience technical problems, please write to helpdesk@americanthinker.com