--[ (Back) Into the Breach: Political Party Account Exposure and Why It Matters

$ getent passwd aschoka
├─── name: Andrew Schoka
├──── org: 780th MI BDE (Cyber)
└─ social:
   └─ twitter: @schoka_7

Andrew Schoka is a Cyber Operations Officer at U.S. Army Cyber Command and has spent the last six years tending the office coffee pot in different roles across government and academia. He holds an M.S. in Cybersecurity from Georgia Tech, a B.S. in Systems Engineering from Virginia Tech, and a number of industry security certifications.


As high-value targets for both state-sponsored and criminal actors, political parties face an array of challenges in securing their organization’s digital footprint. State-level party offices, in particular, are especially vulnerable, owing to varying levels of IT experience, unpredictable funding cycles, and the inherently public nature of their organizations. A major security concern for state parties is the threat of sensitive account or organizational data being publicly leaked or manipulated to undermine the organization’s political objectives. The risk of this scenario is magnified by the widespread appearance of party-affiliated account data in large-scale data breaches.

This session offers a follow-on to AvengerCon V’s 'Into the Breach' talk, which detailed the anomalous results from data-mining and analyzing state political party account exposure data at scale and comparing the results with data breach detection services provided by the HaveIBeenPwned API. With the benefit of hindsight, this year’s talk focuses on a longitudinal analysis of how the threat landscape has evolved, and overlays the project’s data collection with real-world examples of state political party cybersecurity incidents from the last 18 months. The results speak to the importance of integrating security programs with the core mission and culture of political parties across the country.