<div dir="ltr"><a href="http://www.politico.com/story/2016/06/hackers-house-democrats-websites-224904">http://www.politico.com/story/2016/06/hackers-house-democrats-websites-224904</a><span style="font-family:arial,helvetica,sans-serif"></span><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><p><span style="font-family:arial,helvetica,sans-serif"><span style="font-size:10pt"></span></span></p><p>More than a dozen House Democrats’ official websites have been down
since shortly after an overnight sit-in to push for gun control
legislation, and the contractor operating the sites told POLITICO that
hackers are to blame.</p>
<p>The outage is affecting the congressional sites of Reps. <a href="https://cd.politicopro.com/member/51280" target="_blank">Earl Blumenauer</a>, <a href="https://cd.politicopro.com/member/151744" target="_blank">John Carney</a>, <a href="https://cd.politicopro.com/member/51351" target="_blank">Rosa DeLauro</a>, <a href="https://cd.politicopro.com/member/51359" target="_blank">Lloyd Doggett</a>, <a href="https://cd.politicopro.com/member/198768" target="_blank">Tammy Duckworth</a>, <a href="https://cd.politicopro.com/member/61889" target="_blank">Donna Edwards</a>, <a href="https://cd.politicopro.com/member/51376" target="_blank">Sam Farr</a>, <a href="https://cd.politicopro.com/member/36630" target="_blank">Tulsi Gabbard</a>, <a href="https://cd.politicopro.com/member/66847" target="_blank">Alan Grayson</a>, <a href="https://cd.politicopro.com/member/51457" target="_blank">Marcy Kaptur</a>, <a href="https://cd.politicopro.com/member/158349" target="_blank">William Keating</a>, <a href="https://cd.politicopro.com/member/51477" target="_blank">John Larson</a>, <a href="https://cd.politicopro.com/member/51511" target="_blank">Jim McDermott</a>, <a href="https://cd.politicopro.com/member/51543" target="_blank">Richard Neal</a>, <a href="https://cd.politicopro.com/member/51317" target="_blank">Ed Perlmutter</a>, <a href="https://cd.politicopro.com/member/57066" target="_blank">Jackie Speier</a> and <a href="https://cd.politicopro.com/member/198780" target="_blank">Filemon Vela</a>.</p>
<p>With the exception of Perlmutter, all of these lawmakers have
contracts with a company called DCS to manage their websites. DCS builds
websites using Joomla, a content management system that <a href="http://arstechnica.com/security/2015/10/joomla-bug-puts-millions-of-websites-at-risk-of-remote-takeover-hacks/" target="_blank">has suffered from serious security flaws</a>.</p>
<p>“The sites were hacked,” Scott Ferson, the president of the public
affairs group representing DCS, told POLITICO. Ferson said that DCS
expected to restore site functionality “by the end of the week.”</p>
<p>Gordon Stanton, DCS’s director of congressional services, told
POLITICO that the hacker uploaded a file called a web shell to the
database for one of the lawmakers’ websites and used it to launch a
“coordinated attack” against the other sites. The Department of Homeland
Security <a href="https://www.us-cert.gov/ncas/alerts/TA15-314A" target="_blank">warned</a> last November about this kind of attack.</p>
<p>Stanton said the attack began at 1:05 p.m. on June 23, roughly two
hours after House Democrats ended a day-long sit-in protesting a lack of
action on gun control legislation.</p>
<p>“We are working with House Security to remedy the situation in a way
that restores the websites as quickly as possible while still ensuring
comprehensive security,” he said.</p>
<p>According to Ferson, “no information was compromised” in the hack.</p>
<p>Several Hill staffers told POLITICO that many offices have expressed
frustration with the inability of DCS to quickly respond to outages and
security concerns. One affected office said it was the second time in
2016 that their website had gone down. Anger at DCS is so widespread
that some aides asked colleagues on an internal email list for
suggestions of other vendors.</p>
<p>The role of Joomla in the hack remains unclear. The company did not
respond to several requests for comment about whether its engineers knew
of unpatched flaws in its code. Stanton said that DCS was “still
investigating how the web shell was deployed, but we believe that
Joomla’s security is as robust as any other CMS used by the House.”</p>
<p>A spokesman for the House Chief Administrative Officer, which handles
logistical functions like IT for members’ offices, said in a statement
that the CAO was “working with these offices and [DCS] to ensure the
offices' information is secure before the websites are relaunched.”</p>
<p>Ferson said that DCS has spent time “coordinating with the House in
terms of having the right solution in place” to deal with hacks.</p>
<p>Stanton said that the House’s security team audits DCS’s servers and
the websites it produces for lawmakers. The last such audit took place
in March. The company also applies the latest security updates to its
software every night, according to Stanton.</p>
</div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div>
</div>