FBI agents Friday morning arrested a Santa Monica man on federal charges stemming from a series of distributed denial-of-service attacks on a website for a candidate who was campaigning for a California congressional seat.
Arthur Jan Dam, 32, was taken into custody pursuant to a criminal complaint filed Wednesday that charges him with one count of intentionally damaging and attempting to damage a protected computer, according to the U.S. Attorney’s Office.
Dam allegedly staged four cyberattacks in April and May of 2018 that took down the candidate’s website for a total of 21 hours. Prosecutors are not naming the candidate.
“The victim reported suffering losses, including website downtime, a reduction in campaign donations, and time spent by campaign staff and others conducting critical incident response,” according to the affidavit filed in Los Angeles federal court.
The victim further reported spending $27,000 to $30,000 to respond to the attacks, and the candidate believes the attacks contributed to the loss in the primary election in June 2018.
Dam was married to a woman who was employed by another candidate — and the eventual winner — in the congressional race, according to the complaint. The FBI has not uncovered any evidence that the winning candidate or Dam’s wife orchestrated or were involved in the series of cyberattacks.
Dam was arrested after surrendering to FBI agents at the U.S. Courthouse in downtown Los Angeles. He is expected to make his initial court appearance Friday afternoon. If convicted of intentionally damaging and attempting to damage a protected computer, Dam would face up to 10 years in federal prison.
“Law enforcement at all levels has pledged to ensure the integrity of every election,” said U.S. Attorney Nick Hanna. “We will not tolerate interference with computer systems associated with candidates or voting. Cases like this demonstrate our commitment to preserving our democratic system.”
The investigation found that the cyberattacks all originated from one Amazon Web Services account, which Dam controlled, and the four attacks corresponded to logins into that AWS account from either Dam’s home or his workplace. Furthermore, Dam had conducted “extensive research” on both the victim and cyberattacks, the complaint alleges.
The arrest “shows the FBI’s commitment to hold accountable anyone who interferes with an American’s right to vote or who deprives a candidate the right to compete fairly in an election,” said Paul Delacourt, the assistant director in charge of the FBI’s Los Angeles Field Office.
“As part of our mission to defend the democratic process, the FBI is equipped with the expertise to respond to allegations of election interference; whether by fraud, intimidation or — as in this case — cyber intrusions,” he said.
Distributed denial-of-service (DDoS) attacks are typically accomplished by flooding the targeted computer with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. After the third cyberattack, the victim increased cybersecurity measures and retained a website security company, but that was not enough to prevent a final disruption to the campaign’s website just one week before the primary election.
>> Want to read more stories like this? Get our Free Daily Newsletters Here!Follow us: