Advertisement

Feds charge California man for 2018 DDoS attacks on congressional campaign

Arthur Dam is accused of temporarily disrupting a 2018 primary won by Katie Hill.
Katie Hill
Former Rep. Katie Hill tours the USS Marlinespike training facility. A man has been accused of intentionally damaging a protected computer by carrying out distributed denial-of-service attacks on Hill's primary opponent's website in 2018. (Department of Defense)

Federal law enforcement officials have charged a California man for conducting cyberattacks on the website of California congressional candidate in 2018.

Arthur Dam is accused of intentionally damaging a protected computer by carrying out distributed denial-of-service attacks (DDoS) that temporarily disrupted the Democratic primary in California’s 25th district. He was arrested Friday, according to local news reports.

The complaint says Dam’s wife, identified only as “K.O.” worked for one of the victim’s opponents in the primary race. The Intercept identified Dam’s wife as Kelsey O’Hara, a fundraiser for candidate Katie Hill. Hill went on to win the congressional race in November 2018, but resigned the following year.

The FBI connected Dam to the cyberattacks through “subscriber information, IP addresses, geolocation history, and open sources,” according to an affidavit. Investigators traced the attacks to an Amazon Web Services account that Dam allegedly used at home and at work.

Advertisement

Neither Dam nor his attorney could be immediately reached for comment.

“Like everyone else, I was surprised and disturbed to see the news of this criminal complaint,” Hill said in a statement. “I have no information or knowledge about any of the conduct alleged. These charges do not reflect in any way on the thousands of honest, hard-working staff, volunteers and supporters who worked on my campaign, to whom I owe so much.”

“The integrity of our elections is vital to our democratic process,” Hill’s statement continued. “Out of respect for the rule of law and the defendant’s presumption of innocence, I will wait for the legal process to conclude before commenting further.”

The episode is a reminder that not at all election security threats come from foreign adversaries. Dam allegedly conducted four different DDoS attacks, knocking out one campaign website for 21 hours, depriving the candidate of precious hours to fundraise.

He knew what he was doing, according to the FBI.

Advertisement

“Dam was found to have conducted extensive research on both the victim and various cyber exploits, malicious toolkits, and cyberattacks,’ FBI Special Agent Elliott Weideman said in the affidavit.

Dam faces up to 10 years in prison.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts