What I Learned Trying To Secure Congressional Campaigns

“Attempts to work with the DNC and DCCC. The national party was so unhelpful that in the end I had to treat them as part of the threat model. Particularly vexing was their addiction to sending email attachments.

To cite one small example: on August 22, the DNC had a phishing scare, where they mistook a vulnerability assessment for an actual attack. The next day, DCCC Executive Director Dan Sena sent an email to all campaings with the subject line “Reminder About Cybersecurity”. That email included three attachments, including a file evocatively titled “2—20170712—Falcon.docx”.

I can’t think of a more efficient way to compromise every campaign in the country than blasting security alerts with dodgy attachments from the DCCC email account.

The DCCC sent out attachments constantly. It drove me nuts. And I was never able to get a meeting with anyone there to slug it out.”

—Maciej Ceglowski, “What I Learned Trying To Secure Congressional Campaigns.” IdleWords.com. May 27, 2019.

Explains much of what is wrong with politics in the United States and the Democratic Party in particular.