Amidst growing doubts about Russian involvement in the recent US presidential elections, there are fresh reports of a possible election agency breach. According to an article published by Reuters, a security firm (Recorded Future) was monitoring underground markets for a potential data dump and found log-on credentials for access to computers at the U.S. Election Assistance Commission. Notably, the agency is responsible for ensuring that voting machines meet security standards.
The researchers from the security firm contacted the hacker while posing as buyers and learned that the Russian-speaking hacker (also referred to as Rasputin) had obtained credentials for around 100 people working at the election commission. The FBI is currently investigating the matter.
According to the researchers, hackers were continuously scanning the assets associated with the US presidential elections, looking for any weakness that they could exploit. With a myriad of automated vulnerability-detection tools available to these hackers, it becomes easier to find and exploit vulnerabilities.
In the case of the election commission, it has been reported that the hackers used SQL injection, amongst other preventable flaws, to obtain a list of usernames and passwords. Recorded Future has provided a detailed summary of the incident here.
The culpability of the Putin government becomes clearer in the post-election phase. Obviously, a number of questions remain unanswered, especially with the growing number of hacking incidents at the top level.
Apart from Wikileaks somehow obtaining the contents of Democratic servers, every other report of a possible breach of the government's data has come after the election results came out. There is, however, no information on when the hacks happened and, more importantly, whether they actually skewed the election results.
Politics, money, or something else? While there is much speculation about what actually happened, there should be investigations into the motive for such data breaches around election time. Are there any Trump organization business records that might shed light on any debt or obligation that the Trump family might have in Russia and any significant income flows from Russia?
If the hackers really used SQL injection, how could the security folks at the US Election Agency have ignored one of the most common vulnerabilities? Did they not run automated security tests and penetration testing to find the flaws? Weren't there security measures in place to identify Russian hackers? The answers to these questions will shed light not only on what really happened but also on how this could be prevented in the future.
Although we do not know the implications of these data breaches, there is plenty to ponder. If a nation cannot assure unbiased elections, are we really ready to dive into the digital age? That is the exact problem that we are trying to solve.
Indusface, through its Total Application Security solution, aims to manage security risks by finding and fixing flaws before hackers do. It helps detect, protect against, and monitor such application-layer threats, including automated attacks. Offered as a service, it provides full management of the operation using subject matter experts at a fraction of the cost of hiring an in-house team. It includes:
This post was last modified on January 2, 2024 17:32