Risk & Repeat: NRCC breach stokes election security fears

Concerns over election-related cyberattacks were raised yet again following news that the National Republican Congressional Committee was breached last spring.

The National Republican Congressional Committee (NRCC) confirmed it experienced a cyber intrusion by unknown threat actors after a report from Politico claimed that email accounts of four senior aides within the GOP organization were accessed and surveilled over the course of several months. While the NRCC breach was reportedly detected in April, senior House Republicans didn't learn of the cyberattack until this month.

Cybersecurity vendor CrowdStrike Inc., which investigated the cyberattack on the Democratic National Committee in 2016, said it investigated the NRCC breach last April. CrowdStrike had previously worked with the NRCC to protect its network, which the vendor said was not affected in this incident. So far, no data has been released from the affected email accounts.

Why didn't the NRCC inform senior GOP leaders of the cyberattack sooner? What should politicians and political organizations do to protect their email accounts? What does this incident mean for the future of election security in the U.S.? In this episode of the Risk & Repeat podcast, SearchSecurity editors Rob Wright and Peter Loshin discuss those questions and more on the NRCC breach.