Thursday, November 26, 2020

Uncategorized

FBI, Homeland Security detail how Iranian hackers stole US voter data

FBI, how US data

Voters wait in line to enter a polling place and cast their ballots on the first day of the state's in-person early voting for the general elections in Durham, North Carolina, U.S. October 15, 2020.    REUTERS/Jonathan Drake     TPX IMAGES OF THE DAY


REUTERS/Jonathan Drake TPX IMAGES OF THE DAY

US officials are shedding more light on how Iran-linked hackers stole voter info to send intimidating emails to Democrat voters. The FBI and Homeland Security’s CISA have issued an advisory (via Bleeping Computer) explaining the campaign, which ran from September 20th through October 17th. There was plenty of preparation, the agencies said, and poor defenses were at least partly to blame.

The intruders spent several days just scanning sites for vulnerabilities using a security tool from Acunetix. They also spent time researching specific exploits, including ones to spot and bypass web firewalls. They used the know-how to take advantage of election site vulnerabilities, including misconfigured sites. The techniques included SQL injections, web shell uploads and even “unique” site flaws. Scripts made “several hundred thousand” queries to download voter data.

They made at least some attempt to cover their tracks. Many of the linked IP addresses come from NordVPN’s service as well as other VPN providers.

The attackers obtained voter registration info for “at least one” state, officials said, although they unsurprisingly weren’t specific about the nature of that breach or the volume of data taken.

CISA and the FBI made several recommendations that, unfortunately, would be givens for many other organizations. They advised keeping systems updated with security patches, to scan for common web flaws like SQL injections, and to protect against web shells. Administrators should have two-step verification, too. Like it or not, election systems still have basic failings — it may be a long while before your voting info is truly secure.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Share
3
Shares

Share

Tweet

Share


Go to Source

Author: {authorlink}
https://www.blogsmithmedia.com/www.engadget.com/media/feedlogo.gif?cachebust=true Engadget https://www.engadget.com/rss.xml

Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics