Dozens of web addresses implying U.S. senators were "for sale" have been quietly and mysteriously purchased online, amid heightened concerns on Capitol Hill that foreign agents—especially Russians—might be trying to meddle in upcoming midterm elections.
An Associated Press investigation found the responsible party: Democrats.
The Democratic Senatorial Campaign Committee acknowledged to the AP that it had quietly purchased the addresses, which use a new internet suffix "forsale," in March for at least 27 incumbent senators facing re-election this fall and in 2020, without telling the senators. The cybersecurity director for the sergeant-at-arms, the highest-ranking U.S. law enforcement officer in the Senate, has been looking into the matter.
The addresses now controlled by the Democratic political group include the names of mostly Democrats but some prominent Republicans, too. The group masked its role in the purchase to ensure its identity as the buyer remained anonymous. The current price for such addresses, with a privacy guard, is roughly $18 each.
"It's a routine campaign practice to purchase URLs to stop bad actors from getting them, and if we eventually decided to develop a URL into a website then there would be a clear disclosure of who was operating it," said Lauren Passalacqua, communications director at the DSCC.
Buying politically-related web addresses to use them later online—or prevent rival campaigns from using them—has been a routine practice for decades. But Washington has been transfixed by criminal charges filed against Russian military officers accused of secretly meddling in the 2016 presidential campaign, accused by federal prosecutors of setting up websites like DCLeaks.com and using anonymous Twitter accounts to peddle embarrassing information about U.S. politicians.
U.S. intelligence chief Dan Coats has cautioned that the "warning lights are blinking red" and that "the digital infrastructure that serves this country is literally under attack."
The mysterious "forsale" purchases set off alarms. AP's review found roughly 280 political web addresses registered under the "forsale" domain, targeting President Donald Trump, the GOP, Supreme Court and National Rifle Association, as well as individual Democrats and Republicans. The Democratic Senatorial Campaign Committee said it was responsible for at least 27 of them targeting U.S. senators and didn't provide further details.
"In this particular atmosphere, anything along these lines is concerning, because there's so much opportunity for malicious use of the internet, particularly in campaigns," said Angus King, I-Maine, before AP solved the mystery. King declined to comment after learning from AP that Democrats were responsible.
The latest actions show how lines and motives in American politics can blur among foreign adversaries, U.S. dirty-tricksters, pranksters or speculators hoping eventually to sell the web addresses to campaigns or their rivals. None of the addresses for the senators appears to be associated with an operational website, obscuring motives for future uses. Unlike in cases where so-called squatters register web addresses they hope to sell for profit, there were no indications the addresses were being made available for resale or populated with ads to make money.
Tim Groeling, an expert on political communication and new media at the University of California, Los Angeles, said the anonymity sought by the Democratic group was what troubled him. The identities of whoever registered the websites were purposefully masked. He said it's common for campaigns to purchase permutations of candidate names defensively and to use offensively against political opponents.
"The lack of transparency is both concerning from a standpoint of the potential for other governments to do this type of thing and not be revealed, and our domestic politics," Groeling said. "I'm a big fan of transparency. I think a lot of things can be fixed with sunlight."
The addresses use the new internet suffix "forsale" first made available in 2015 and intended to help consumers sell unwanted items without paying auction sites. The addresses the Democrats registered included the names of Sens. Bob Casey, D-Pa.; Claire McCaskill, D-Mo.; King; Elizabeth Warren, D-Mass.; Ted Cruz, R-Texas; Heidi Heitkamp, D-N.D.; Bernie Sanders, I-Vt.; Roger Wicker, R-Miss. and Dean Heller, R-Nev.
The technology infrastructure of the U.S. Senate and its offices around the country are the responsibility of the sergeant at arms. Terry Gainer, who previously served as sergeant at arms until 2014, said that if he had learned of the mysterious addresses in the current political environment, he would have his cybersecurity officer as well as the Capitol Police made aware. He said he would also ask the Secret Service and FBI to investigate.
"I don't believe in coincidences, and again, what's been going on since the whole Russian intrusions, there'd be much more sensitivity about taking a look at this," Gainer said.
It was unclear who purchased the addresses targeting the NRA, GOP and others. Internet records showed they were purchased anonymously hours before the Democrats bought the ones with the senators' names, and within seconds of each other. The address implying the Supreme Court was for sale was purchased last month.
"It's no different from dot-sucks," said Paul Vixie, a highly regarded computer scientist who helped design the system of internet addresses currently in use. "Social commentary has always thrived on the internet, due to reach and cost issues. These politicians are right to reserve those names, but wrong if they think other domains only slightly less clean won't appear."
Warren's staff declined to comment, as did McCaskill's and Cruz's. Heller, Casey, Heitkamp, Sanders and Wicker did not respond to questions. The GOP, DNC and NRA also did not respond to questions from the AP.
The U.S. Senate Sergeant at Arms Office declined to comment on the "active defense" of its system.
Politicians and celebrities, especially, have trademark rights to their own names, and can file a complaint and request arbitration through the World Intellectual Property Organization or the National Arbitration Forum with whoever registered the website, according to Alexander Urbelis, a partner at the New York-based Blackstone Law Group who detected the new registrations.
"It's a really nutty thing to do unilaterally because it's going to set off alarm bells," Urbelis said.
Explore further: AP finds hackers hijacked at least 195 Trump web addresses