Incidents of hacking are becoming more widespread in the campaign industry but no consultant has yet admitted to having their cyber security compromised, despite reports that hackers have been targeting individual operatives.
Democratic operatives were reportedly targeted in the hacks earlier this year that breached the DNC, the DCCC and Clinton campaign. Meanwhile, Texas Rep. Mike McCaul (R), chairman of the House Homeland Security Committee, said last month his side faced a similar attack.
After stating the RNC had been hacked in a CNN interview, a statement disputed by the committee’s spokesman, McCaul tweeted Sept. 14: “[I]n addition to the DNC hack, Republican political operatives have also been hacked.”
The GOP side of the industry’s response to McCaul’s statement was telling. Despite hacking being a real threat that in addition to the Democratic committees has hit the Office of Personnel Management, the Department of Justice and even CIA Director John Brennan’s personal email, just to name a few victims, consultants’ responses in the wake of McCaul’s admission were either public bravado, or silence.
Close to a dozen consultants asked to comment by C&E declined to do so. That echoes the typical response from the corporate world. A recent Wall Street Journal piece noted that of the roughly 9,000 publicly listed companies in the U.S., only 95 had informed the Securities and Exchange Commission of a data breach since 2010, despite there being 2,642 hacks across all U.S. businesses, public and private, in the same period.
Major corporations have their own reasons for not disclosing data breaches, the main one being that they consider it immaterial to their investors or the bottom line. But in instances where their customers’ data has been lost, like with Target in 2014, companies are required by law to go public during a certain period.
If they don’t, there can be legal ramifications. For instance, Yahoo may face legal trouble because it waited to disclose a hack that took place in 2014 (although the company says it was only recently discovered after a hacker was found offering 280 million user credentials for sale on the black market).
But in the campaign industry, silence may be helping perpetuate a lack of recognition of the risk. For instance, those consultants who did want to comment after McCaul’s tweet downplayed the hacking threat, despite not having even close to the resources available to the entities that have fallen victim.
“When I was in the Marines they taught us that if you want the bad guys to know what you are doing then transmit it electronically,” said Chris Faulkner, a Republican communications consultant and partner in the data firm Øptimus. “If you don’t, send a person to deliver it by word of mouth. Not always applicable in every situation but still rock solid advice.”
Casey Phillips, a GOP media consultant who has worked with the NRCC, also shrugged off the threat. “If they hack my email,” he said, “[they’re] going to be pretty disappointed.”
If a consultant gets hacked and admits it publicly, that may have repercussions for his or her reputation, even if no proprietary or sensitive client data gets released. But could there ever be a beneficial reason to disclose a hack?
There are instances when it could provide a timely shift in focus for a campaign. To wit, during Texas Gov. Bill Clements (R) comeback campaign, a listening device was found on Oct. 5, 1986 behind a needlepoint picture of an elephant during “an electronic sweep” of the office of consultant Karl Rove, who claimed it had been planted by Democrats.
With the FBI investigating the claim, the so-called bug subsequently became the focus of the only debate between Clements and Gov. Mark White on Monday Oct. 6. Clements, who was running against White for the second time, subsequently unseated the Democrat that November.
The incident didn’t hurt Rove’s career either. As James Moore and Wayne Slater wrote in their book Bush’s Brain, “Any consultant good enough for somebody to bug his office, was surely a consultant to be sought after for his wise counsel.”