19 House Democrats' sites hacked at close of gun sit-in

19 House Democrats' sites hacked at close of gun sit-in
© Twitter

The websites of 19 House Democrats were knocked offline by hackers in an attack that coincided with the formal end to the sit-in over gun control.


"We do not believe it is a coincidence that this happened just as the Democrats started officially wrapping up their sit-in on efforts to prevent gun violence,” said Gordon Stanton, director of congressional services at DCS, the vendor behind the hacked House.gov websites.

The hack, first reported by Politico, was “deployed in a coordinated attack on all of our House client websites” at 1:05 p.m. last Thursday, Stanton said.

At that time, House Democrats were just exiting the floor after stalling proceedings for more than 24 hours in a call for action on gun control legislation. The controversial move was criticized as “a political stunt” by Republicans and hailed by Democrats as “a new day in Washington.”

But the hacker or hackers — and their motive — are still unknown.

A spokesman from the office of the House Chief Administrative Officer (CAO) would only say that a limited number of member office websites run by an outside contractor “are temporarily offline while the web vendor updates software in order to improve website security.”

Stanton was unequivocal that no sensitive data is contained on the member websites run by DCS — only press releases, biographies, issue pages and other public content. The hacked pages are on the U.S. House of Representatives official House.gov website and do not include members’ personal sites.

According to Stanton, the attackers uploaded what is known as a “web shell” onto one of the member’s websites. Web shells are malicious bits of code that hackers can upload to a public website to gain access to a site’s server. From there, depending on the code, web shells can allow hackers to gain remote control of a server or pivot to a wider network.

These backdoors can be extremely difficult to detect, according to a November warning from the Department of Homeland Security.

DCS and the CAO are working together to restore the downed sites. Stanton says he hopes they will be back online by close of business Thursday.

The 19 downed sites belong to Reps. Jim McDermottJames (Jim) Adelbert McDermottSondland has 'no intention of resigning,' associate says Three women accuse Gordon Sondland of sexual misconduct Portland hotel chain founded by Trump ambassador says boycott is attack on employees MORE (Wash.), Marcy Kaptur (Ohio), Jackie Speier (Calif.), Bill Keating (Mass.), Richard Neal (Mass.), Elizabeth Esty (Conn.), John Carney (Del.), John Larson (Conn.), Donna Edwards (Md.), Bennie Thompson (Miss.), Filemon Vela (Texas), Ed Perlmutter (Colo.), Sam FarrSamuel (Sam) Sharon FarrMedical marijuana supporters hopeful about government funding bill Marijuana advocates to give away free joints on Capitol Hill DEA decision against reclassifying marijuana ignores public opinion MORE (Calif.), Tammy Duckworth (Ill.), Tulsi GabbardTulsi GabbardGabbard knocks Trump over handling of Pensacola air station shooting Gabbard calls for congressional inquiry over Afghanistan war report The Hill's 12:30 Report — Presented by UANI — House Dems charge Trump with abuse, obstruction of Congress in impeachment articles MORE (Hawaii), Alan GraysonAlan Mark GraysonFlorida's Darren Soto fends off Dem challenge from Alan Grayson Live results: Arizona and Florida hold primaries The Hill's Morning Report: Frustration mounts as Republicans blow up tax message MORE (Fla.), Earl BlumenauerEarl BlumenauerLobbying world Hillicon Valley: Progressives oppose funding bill over surveillance authority | Senators call for 5G security coordinator | Facebook gets questions over location tracking | Louisiana hit by ransomware attack Progressives oppose spending stopgap measure over surveillance authority extension MORE (Ore.), Lloyd Doggett (Texas) and Rosa DeLauro (Conn.).