Tag Archives: Hacking

Georgia Secretary of State Brian Kemp Accuses Georgia Democrats of Hacking
November 5, 2018 12:02 am

In December 2016, Georgia secretary of state Brian Kemp accused the Department of Homeland Security of attempting to hack his office’s systems, which include the Georgia voter registration database. Six months later, the DHS inspector general concluded that the allegations were unfounded; someone on a DHS computer had simply visited the Georgia Secretary of State website. Now, two days before an election in which Kemp himself is the Republican candidate for governor, he has levied similarly unsupported charges—this time against his Democratic opponents.

The Georgia Secretary of State’s office released a short statement on Sunday morning that it had opened an investigation into the Democratic Party the previous evening, “after a failed attempt to hack the state’s voter registration system.”

The Democratic Party of Georgia sharply denied the accusations in a statement to reporters. “Brian Kemp’s scurrilous claims are 100 percent false, and this so-called investigation was unknown to the Democratic Party of Georgia until a campaign operative in Kemp’s official office released a statement this morning,” wrote Rebecca DeHart, executive director of the state’s Democratic Party. “This is yet another example of abuse of power by an unethical Secretary of State.”

Kemp’s office said it has alerted DHS and the FBI. A DHS official told WIRED in a statement that, “The State of Georgia has notified us of this issue. We defer to the State for further details.” The National Association of Secretaries of State declined to comment on state-specific investigations.

While anything is possible, Kemp’s claims seem unlikely on their face, especially when you parse what little information his team has provided. “We opened an investigation into the Democratic Party of Georgia after receiving information from our legal team about failed efforts to breach the online voter registration system and My Voter Page,” his office said in a statement. “We are working with our private sector vendors and investigators to review data logs.”

A legal team seems like a surprising source for the discovery of a hacking attempt, and the fact that security teams then began reviewing the logs makes whether any suspicious activity was actually seen an open question. Kemp’s office did not provide any information about the alleged attack, or when it purportedly occurred.

“While we cannot comment on the specifics of an ongoing investigation, I can confirm that the Democratic Party of Georgia is under investigation for possible cyber crimes,” Georgia secretary of state press secretary Candice Broce wrote in a statement. Not sharing details of an investigation is a common practice, but that supposed restraint apparently did not apply to the direct, vocal accusation of Kemp’s Democratic opposition.

In his dual role as Georgia secretary of state and gubernatorial candidate, Kemp wields tremendous influence and faces monumental conflicts of interest. Over the past year, for instance, Kemp purged more than a million voters from Georgia’s rolls and has backed restrictive voter ID laws. On Friday, a federal judge determined that Kemp’s “exact match” policy, which required that a voter’s name on the rolls perfectly mirror that on their identification, was likely to infringe on voting rights, and issued a preliminary injunction allowing impacted people to simply show proof of citizenship to a poll worker before voting.

Under Kemp’s watch, Georgia is also one of only five states that still uses electronic voting machines that do not generate a voter-verified paper backup—meaning there is no auditable alternative accounting of votes aside from the digital record. Kemp has resisted finding the funding to replace the machines, and was one of only about 11 top election officials who declined assistance from DHS to secure election infrastructure in the wake of the 2016 presidential election. Georgia’s digital election infrastructure has had numerous vulnerabilities and data exposures while Kemp has been in charge.

“There are already allegations that the Georgia voter registration page is vulnerable to attack and data is vulnerable to modification,” says Jake Williams, founder of the Georgia-based security firm Rendition Infosec. “Instead of dealing with the potential fallout of that, Kemp is redirecting his administration’s failure to secure state infrastructure to his opponents.”

In his own preliminary evaluation of Georgia’s voter registration system, Williams says he found numerous signs that the system is badly coded and may be poorly secured. He did not download or alter data or probe the site, and simply reviewed publicly accessible information.

Indeed, it seems within the realm of possibility that Kemp has conflated concerns about vulnerabilities with actual hacking. A report from WhoWhatWhy on Sunday detailed a memo from the Democratic Party of Georgia that outlined flaws in the state’s voter registration system. If Democrats had actually tested those flaws without permission, they would have run afoul of the Computer Fraud and Abuse Act. But plenty of third-party security researchers have identified issues with Georgia’s voter registration system without actively testing them.

Kemp’s opponent in the Georgia gubernatorial race, Democrat Stacey Abrams, told CNN’s State Of The Union on Sunday that Kemp’s office’s hacking accusations are “a desperate attempt…to distract people from the fact that two different federal judges found him derelict in his duties and forced him to allow absentee ballots to be counted and those who are being held captive by the exact match system be allowed to vote.”

Meanwhile, Kemp has plastered the accusations on the front of the Georgia Secretary of State website, where state residents also go to find voting information. And the Kemp for Governor campaign issued a parallel statement about the accusations of voter registration service hacking. “In an act of desperation, the Democrats tried to expose vulnerabilities in Georgia’s voter registration system,” the campaign wrote. “Thanks to the systems and protocols established by Secretary of State Brian Kemp, no personal information was breached.”

The Georgia Secretary of State’s office did not specifically accuse Democrats of attempting to penetration test the voter registration system to reveal flaws. It is also unclear why the party would attempt to steal voters’ personal information in the first place, given that the Georgia Secretary of State’s office will send it—minus Social Security numbers and driver’s licenses—to any member of the public who requests it. It costs $250.


Canadian charged in Yahoo hacking case to plead guilty in U.S.
November 25, 2017 12:08 am

(Reuters) – A Canadian accused by the United States of helping Russian intelligence agents break into email accounts as part of a massive 2014 breach of Yahoo accounts is expected to plead guilty next week, according to court records.


Karim Baratov, who earlier this year waived his right to fight a U.S. request for his extradition from Canada, is scheduled to appear in federal court in San Francisco on Tuesday for the plea hearing, according to a court calendar seen on Friday.

Baratov, a 22-year-old Canadian citizen born in Kazakhstan, was arrested in Canada in March at the request of U.S. prosecutors. He later waived his right to fight a request for his extradition to the United States.

Andrew Mancilla, Baratov’s lawyer, declined to comment. A spokesman for the U.S. Attorney’s Office in San Francisco did not respond to a request for comment.

The U.S. Justice Department announced charges in March against Baratov and three other men, including two officers in Russia’s Federal Security Service (FSB), for their roles in the 2014 theft of 500 million Yahoo accounts.

Verizon Communications Inc (VZ.N), the largest U.S. wireless operator, acquired most of Yahoo Inc’s assets in June.

Prosecutors said that the FSB officers, Dmitry Dokuchaev and Igor Sushchin, directed and paid hackers to obtain information and used Alexsey Belan, who is among the U.S. Federal Bureau of Investigation’s most-wanted cyber criminals, to breach Yahoo.

When the FSB officers learned that a target had a non-Yahoo webmail account, including through information obtained from the Yahoo hack, they worked with Baratov, who was paid to break into at least 80 email accounts, prosecutors said.

The individuals associated with the accounts they sought to access included Russian officials, the chief executive of a metals company and a prominent banker, according to the indictment.

At least 50 of the accounts Baratov targeted were hosted by Google, the indictment said.

Tuesday’s proceedings before U.S. District Judge Vince Chhabria are scheduled as a “change of plea” hearing.

Baratov, the only person arrested to date in the case, previously in August pleaded not guilty to conspiring to commit computer fraud, conspiring to commit access device fraud, conspiring to commit wire fraud and aggravated identity theft.

Reporting by Nate Raymond in Boston; Editing by Tom Brown

UK financial watchdog investigates Equifax hacking
October 24, 2017 12:00 pm

LONDON (Reuters) – Britain’s markets watchdog said it has opened an investigation into the hacking of U.S. credit reporting agency Equifax, which affected nearly 700,000 UK citizens.


“The Financial Conduct Authority announces today that it is investigating the circumstances surrounding a cybersecurity incident that led to the loss of UK customer data held by Equifax Ltd on the servers of its U.S. parent,” the watchdog said in a statement on Tuesday.

“This statement is made given the public interest in these matters.”

The announcement follows a letter from Nicky Morgan, chair of the House of Commons’ Treasury Committee to the watchdog, asking if Equifax had violated terms of its license to operate in the country, and whether the regulator had the power to compel the company to provide compensation to UK consumers.

Equifax has said that 15.2 million records on British citizens were involved in the breach, including sensitive data on what it said were 693,665 individuals, for whom credit protection services were offered.

The UK data accessed by unknown hackers included credit accounts, user credentials, partial credit card details and driver license numbers. The remaining 14.5 million records containing names and birth dates of UK consumers were “potentially compromised”, the company disclosed.

Equifax first revealed in September it had been the target of a massive data breach which hit around 143 million people, mostly in the United States.

Reporting by Huw Jones; Editing by Rachel Armstrong and David Evans

EternalRocks network worm uses 7 NSA hacking tools
May 21, 2017 9:20 pm

While you won’t be forgetting the WannaCry ransomware attack, it is likely you will be hearing a lot more about the alleged NSA-linked EternalBlue exploit and DoublePulsar backdoor as it seems a wide range of bad guys have them in their toyboxes. At least one person is leveraging seven leaked NSA hacking tools for a new EternalRocks network worm.

EternalBlue and DoublePulsar

Malwarebytes believes WannaCry did not spread by a malicious spam email campaign, but by a scanning operation that searched for vulnerable public-facing SMB ports, then used EternalBlue to get on the network and DoublePulsar to install the ransomware.
