Amidst growing doubts of Russian involvement in the recent US presidential elections, there are fresh reports about a possible election agency breach. According to an article published by Reuters, a security firm (Recorded Future) was monitoring underground markets for a potential data dump and found log-on credentials for access to computers at the U.S. Election Assistance Commission. Notably, the agency was responsible for ensuring that voting machines meet security standards.
The researchers from the security firm contacted hackers while posing as buyers and learned that the Russian-speaking hacker (also referred to as Rasputin) had obtained credentials for around 100 people working at the election commission. The FBI is currently investigating the matter.
According to the researchers, hackers were continuously scanning the assets associated with the US presidential elections, looking for any weakness that they could exploit. With a myriad of automated vulnerability-detection tools available to these hackers, it becomes easier to find and exploit vulnerabilities.
In the case of the election commission, it has been reported that the hackers used SQL injection, amongst other preventable flaws, to obtain a list of usernames and passwords. Recorded Future has published a detailed summary of the incident.
The culpability of the Putin government becomes clearer in the post-election phase. Obviously, a number of questions remain unanswered, especially with the growing number of hacking incidents at the top level.
Apart from WikiLeaks somehow obtaining the contents of Democratic servers, every other report of a possible breach of the government's data has come after the election results came out. There is, however, no information on when the hacks happened and, more importantly, whether they actually skewed the election results.
Politics, money, or something else?
While there is much speculation about what actually happened, the motive behind such data breaches around election time should be investigated. Are there any Trump organization business records that might shed light on any debt or obligation that the Trump family might have in Russia and any significant income flows from Russia?
If the hackers really used SQL injection, how could the security folks at the US Election Agency have ignored one of the most common vulnerabilities? Did they not run automated security tests and penetration testing to find the flaws? Weren't there security measures in place to identify Russian hackers? The answers to these questions will shed light not only on what really happened but also on how this could be prevented in the future.
Although we do not know the implications of these data breaches, there is plenty to ponder. If a nation cannot assure unbiased elections, are we really ready to dive into the digital age? That is the exact problem that we are trying to solve.
Indusface, through its Total Application Security solution, aims to manage security risks by finding and fixing flaws before hackers do. It helps detect, protect against and monitor such application-layer threats, including automated attacks. Offered as a service, it provides full management of the operation using subject matter experts at a fraction of the cost of hiring an in-house team. It includes:
Founder & Chief Marketing Officer, Indusface
Venky has played multiple roles within Indusface for the past 6 years. Before this, as the CTO at Indusface, Venky created the product/service offering and technology team from scratch and grew it from ideation to getting initial customers with a proven/validated business model poised for scale. Before joining Indusface, Venky had 10+ years of experience in the security industry and had held various management/leadership roles in Product Development, Professional Services, and Sales at Entrust.