Tag Archives: election hacking

Security News for the Week Ending October 11, 2019

Medical Practice Closes After Ransomware Attack

Wood Ranch Medical is closing their doors permanently after a ransomware attack.  The attackers not only encrypted the practice’s data, but also its backups.

In April 2019, the Brookside ENT and Hearing Center in Battle Creek also closed after a ransomware attack.

Ransomware attacks are just one reason why businesses should keep at least one backup off-site and off-line.  Source: Security Week

 

Reductor Malware Bypasses Encryption

Kaspersky, the Russian anti-malware vendor that has been banned for use by the US government, reported a new malware attack that bypasses encryption on a user’s PCs using a very novel technique.  Rather than crack the crypto, the attack compromises the random number generator on the computer, affecting the crypto algorithm and making the encryption easy to break.  Very creative.  Source: The Register

 

vBulletin Developers Release Patches for 3 More High Severity Vulnerabilities

Right after patching the critical vulnerability that took down Comodo, the developers of vBulletin have released even more patches.  This time is it a remote code execution (RCE) flaw and two SQL injection (SQLi) attacks.  vBulletin runs on at least 100,000  web sites.  While these vulnerabilities are not at bad as last week’s, you should patch them soon.  Source: The Hacker News.

 

Feds Hit the Mob with Cyberstalking Charges

A jealous mobster put a GPS tracker on his girlfriend’s car.  The mobster, a captain in the Colombo crime family and 20 of his friends were charged with racketeering, loansharking, extortion and, oh yeah, cyberstalking.  The story sounds like a Hollywood B movie, but it is, apparently, real.  Read the story here.

 

Colorado Records Another First

In response to the Intelligence Community’s assessment of foreign interference in the 2016 election, reports of attempted interference in 2018 and reports from Defcon that every one of the voting machines that they tried to attack was vulnerable, Colorado Secretary of State Jena Griswold banned counting ballots using printed barcodes.  Griswold says that a barcode is not a verifiable paper trail if the voter has no idea what it says.  Colorado’s voting machine vendor, Dominion, has agreed to provide a software upgrade for free that will print out darkened circles next to the vote instead.  Unfortunately, nothing is perfect and this doesn’t go into effect until after the 2020 election.  Now that Dominion has agreed to provide the software upgrade for free,other states will likely follow.  Source: CNN .

Security News for the Week Ending August 2, 2019

Capital One Breached – 100+ Million Applicants Compromised

Among the data compromised are 140,000 US social security numbers and 80,000 bank account numbers.  Also in the mix were one million Canadian social security numbers plus names, addresses, phone numbers, birth dates and incomes.

The data included applicants who applied between 2005 and 2019.  Yes, 15 years worth of applicant data, floating around in the cloud.  I ask WHY?

The hackers were inside between March and July and the breach was discovered in July.  In this case, a U.S. person was identified as the source of the hack and arrested.  She is still in jail.

The feds say a configuration error allowed her to access their data which was stored in the cloud.  See more information at The Register.

 

Florida Senator Admits He Hasn’t Read the Report on Russian Hacking of Florida’s Election Systems

After the Republican controlled Senate Intelligence Committee released the first volume of it’s report of Russian hacking of the 2016 Presidential elections, Florida Senator and at the time Florida Governor Rick Scott said on national TV that he has not read the report.  The report, which is heavily redacted, talks about Russian efforts to hack “State-2” which is widely believed to be Florida.

The report is only 67 pages;  much less if you read the redacted version, but Scott has only gotten the Cliff-Notes version from his staff.  At the time, Scott was adamant that his state was not hacked.  Florida’s other Senator, Marco Rubio, has been working hard to sound the alarm bells on the report.  Perhaps the report hit a little to close to Scott’s denials for comfort.  Source: The Tampa Bay Times.

 

Honda Exposes the Family Jewels

134 million rows of sensitive data was accidentally exposed.  Wait.  Guess.  On an unprotected elastic search database.

Information on the company’s security systems, network, technical data on workstations, IP addresses, operating systems and patches were all exposed.  Basically, these are directions for even an inexperienced hackers to attack Honda.

Honda  is being pretty quiet about this, but it is one more more case of corporate governance gone wrong.  Or missing.  Source: Silicon Republic.

 

Apple Suspends Program Of Listening to Siri Recordings

After it was reported last week that Apple had contractors listening to people’s Siri recordings, including sensitive  protected health information,  Apple announced it was suspending the program and will conduct an investigation.  Apple said they will provide an option for people to participate in the program or not, in a future software release.  Source: The Guardian.

 

On Eve of Amazon Getting Awarded $10 Billion DoD Contract, Capital One Happens

Amazon and Microsoft are locked in mortal combat over a $10 billion DoD cloud contract called Jedi.  Now the Capital One breach happens exposing information on 100 million customers and it turns out the person who is accused of doing it is a former Amazon tech employee who may have hacked other Amazon customers as well.

So Congress wants some answers – and probably so does Microsoft.  $10 billion could be hanging in the balance.

This is a message for cloud customers to ask some hard questions of their cloud vendors, even though this particular attack was helped by a configuration error. Source: Bloomberg.

NBC Reports Seven States Election Data Hacked

NBC is reporting that the Intelligence Community developed substantial evidence that Russian financed attackers compromised the voter registration systems or web sites of seven states to different degrees.

Up until this time DHS has been completely mum about this, saying absolutely nothing.

But now NBC is reporting that the seven states are Alaska, Arizona, California, Florida, Illinois, Texas and Wisconsin.

The officials say that the systems were compromised in different ways and to different degrees.

Those state and federal officials that spoke to NBC claimed that no votes were changed and no voters taken off the voter rolls. They did not, however, provide any evidence to support those claims, so I guess we should trust them.  After all, why would they lie?

After NBC broadcast the story, the Homeland Security acting spin doctor Tyler Houlton said the reporting is not accurate and is actively undermining efforts of the Department of Homeland Security to work in close partnership with state and local governments to protect the nation’s election systems from foreign actors.  He did not say what about it was inaccurate.   Did he mean that there were only 6 states?  OR, that there were 9 states?  We don’t know.

He also said, via Twitter, that DHS has no intelligence that corroborates NBC’s reporting.

Today, Michael Daniel, top cyber security official at the end of the Obama administration, basically corroborated the NBC reports.

Perhaps DHS is telling the truth.  As the states have complained for a year now, DHS is not sharing any information with them.  Maybe the intelligence community is not sharing information with DHS.  If that is the case, both NBC and DHS could be telling the truth.

Regarding the statement that reporting is undermining the efforts to keep us safe, I have a couple of thoughts.

First, it may be useful to not telegraph how much we know to the Ruskies.  Up until now, the only state that we knew had been hacked was Illinois.  Now they know that we know that there are at least seven states.  They can compare this to the list of states that they did hack and say, maybe, “wow, we got away undetected 50%  of them time”.

But from a different standpoint, don’t the American people deserve to know the extent of Russian meddling in our elections?

For those of you who are cynical, you may draw a correlation between the current administration’s repeated efforts to “believe” Putin and disbelieve our own intelligence community and an effort by DHS to withhold information on the degree of Russian hacking.

Is this related, also, to the fact that until last week (when they appointed a committee to look into it) the Justice Department was not doing anything at all to deal with the Russian hacking?

And, is this related to the comment that soon-to-retire Admiral Mike Rogers, head of the NSA and of Cyber Command’s made before Congress that the White House has not asked them to do anything to stop Russian election hacking?

I don’t know the answer, so you are going to have to draw your own conclusions.  However, given the amount of smoke around this subject, there likely is a really, really, big fire.

Information for this post came from NBC News.