Democrats Know Hackers Will Be Back In 2018. The Problem? Forcing Campaigns To Care. https://www.buzzfeed.com/rubycramer/democrats-know-hackers-will-be-back-in-2018-the-problemA few things:
It's unfortunately common for corporations and other organizations to consistently pay little to no attention to IT security, so this isn't surprising for Democrats. It would probably be just as much of an issue for Republicans if they were being targeted by foreign hackers as well. People always think IT security is something they can just blow off, and most of the time things actually do work out fine, but once you become the unlucky target of a dedicated hacker or worse, a state-sponsored group of them, you have to really cover all your bases or they will find a way in and cause you all sorts of problems. Maybe it's just become I am acutely aware of this issue, but the article said that person has sympathy for campaign managers who put little priority on this stuff as they are so busy with everything else, but given what happened in 2016, I just can't feel any sympathy for them. Taking basic precautions, such as encrypted communications, anti-malware software, proper firewalls, and other such things is really not that hard. It's quite easy actually. People just don't try, and they make it into a bigger deal than it is. I don't particularly care how busy these people are. This is a new high-priority issue that they unfortunately have to deal with. Refusing to do it by being lazy about very easy mitigations just makes them irresponsible operatives. The IT industry has been trying their best to secure networked systems and teach good security practices for years and years now, and no one listens. It is incredibly frustrating.
I do think it also raises another good question - exactly whose problem is this anyway? Is it the responsibility of the national organizations or each individual campaign, or both? I think, ideally, it is both. The national party has a duty to provide individual campaigns with easy-to-use security solutions that can be quickly implemented and utilized, as national organizations are around for more than one election cycle. Many - maybe even most campaigns are not. So the national party has a vested interest in keeping individual campaigns secure. On the other hand, individual campaigns have a duty to their candidate and the people they wish to represent in keeping their communications and other information secure. This isn't something they can just wave off and say "I'm too busy, I don't have time." If they don't have time, then
make time. People keep acting like this is optional. And that is the problem. It really isn't, but because bad things don't
always happen when you don't do it, they get this illusion that it's ok to ignore.
Also, interesting that Bredesen has already been targeted!