One of the first hacks this year to affect the 2020 presidential elections in the United States occurred on Thursday. TVEyes, a television search engine used by political campaigns to monitor opponents and track ads, said Friday that it was hit with a.
In a tweet, TVEyes wrote that its central server and engineering workstations were targeted by a ransomware attack, which caused a service interruption.
"We are rebuilding the system and hope to have TVEyes online again soon, but we don't have an exact ETA," the company said in the tweet. "We appreciate your patience and we will provide updates as they become available."
TVEyes CEO David Ives said Friday afternoon that he had just restored his servers using company backups, and that the attack did not appear to be an attempt to steal data on political candidates.
"All engineers have been working on this since early yesterday morning, and there is no evidence that data has been downloaded," Ives said in an interview. "It seems that it was simply an attack to make money."
He did not specify what the rescue was for or what type of rescue it was.
Ransomware attacks occur when hackers install malware that encrypts files, essentially blocking people from their devices until they pay the decryption key. These types of attacks have devastated cities throughout 2019, and have also affected companies. In a high profile example, a ransomware attack in 2017 caused more than $ 300 million in damage from shipping giant Maersk.
TVEyes is only one of the latest victims of ransomware, but the attack raises major concerns considering that many political campaigns, from candidates running for president to local representatives, are their clients. The service is also used by companies such as Airbnb, Grubhub, JPMorgan Chase, as well as organizations such as the Make-a-Wish Foundation and the United Nations.
The presidential elections of 2020 in the US UU. They are less than 10 months away, and government officials, as well as campaigns, have been on high alert for cyber attacks. And most likely, every high profile campaign running for president uses TVEyes.
"TVEyes has become an incredibly important tool for political campaigns, especially at this time when information is transmitted and consumed in real time," said Dan Bayens, co-founder of the media buying and monitoring firm Medium Shopping.
The highest level of concern comes after Russian hackers interfered with the 2016 presidential elections, infiltrated the servers of the National Democratic Committee and carried out disinformation campaigns using stolen materials.
In 2018, White House officials warned that hackers from national states would try to interrupt U.S. elections again. The attack on TVEyes is not a direct hacking in any political campaign, but it gives hackers potential access to the company's customer data.
"The most personal data that can be downloaded from the database is an email address," said Ives.
The company is a search engine tool for open television, which campaign managers and press secretaries use for several reasons. Beyond simply monitoring when political ads are running, campaign managers can use it to receive alerts about political opponents' ads and when they appear on television, as TVEyes explains in their marketing material for campaign managers.
"Beyond the tweets, we have not received any information from TVEyes about this," Schatz spokesman said.
Biden's campaign did not respond to requests for comments.
Outside of data security concerns, the disruption also affected the ability of campaigns to manage their operations, and several political employees complained about downtime on Thursday and Friday.
On Thursday, TVEyes was originally telling customers that the problem was a technical problem, but on Friday it announced that it was affected by a hack.
There is concern that if hackers could overcome TVEyes' cybersecurity defenses, they may also have access to customer data, including email addresses belonging to politicians running for president and other offices.
Ives said the company's engineers have not seen any evidence that hackers download their data, and that it does not store confidential information such as credit card numbers and passwords.
Several ransomware operators have stolen data from their victims before encrypting files, according to Jake Williams, founder of security firm Rendition Infosec. Your company has also seen ransomware often used as a distraction for a data theft attack. He noted that anything that hackers could encrypt for ransomware could also steal.
"Obviously, campaign data can be sold or used to gain political advantages," Williams said. "Unfortunately, we don't know enough details here to understand the group of threats responsible."