Published On: Thu, Dec 15th, 2016

Hackers Breached US Election Commission Responsible for Voting Machines Security After Vote

Fears of choosing hacks and reports of information leaks were presumably some of a many talked about topics during a US presidential choosing 2016 and a debate period. Turns out a US organisation that was obliged for ensuring that voting machines were secure and that choosing officials were following best practices was itself breached by a hacker in November.

US choosing penetrate concerns grow after acknowledgment of organisation breach

Led by Presidential appointees, a Election Assistance Commission certifies voting systems and develops confidence measures and best practices for choosing officials opposite a country.

Recorded Future, a confidence organisation operative with law coercion has pronounced that a US Election Assistance Commission was penetrated after a elections. Recorded Future “was monitoring subterraneous electronic markets where hackers buy and sell things and detected someone charity logon certification for entrance to computers” during Election Commission.

Reuters reported that a confidence organisation afterwards intent in a review with a hacker by posing as a intensity buyer. They detected that hacker had managed to obtain certification of over 100 people during a Commission, Levi Gundert, VP of Intelligence during a company, and Andrei Barysevich, Director of Advanced Collection, confirmed.

Exploiting a common database vulnerability, hacker had managed to benefit entrance to a Commission network. The Russian-speaking hacker was afterwards perplexing to sell information about this disadvantage to a “Middle Eastern supervision for several thousand dollars.” However, investigate organisation alerted a law coercion pulling for a patch for a vulnerability. (It has been patched this Thursday)

Commission hasn’t responded to a hacking occurrence and FBI mouthpiece pronounced her organisation could usually criticism after a acknowledgment from a Commission.

Barysevich pronounced that a confidence organisation doesn’t trust that hacker “actually works for any supervision or is super-sophisticated.” He used a obvious disadvantage (that a Commission had unsuccessful to fix) to obtain a list of usernames and passwords, that he also managed to crack. While a news doesn’t discuss a form of hashing used, though if a hacker that confidence organisation is job “unsophisticated” can moment them, afterwards a Commission contingency be storing them with diseased encryption.

The researchers combined that a hacker had an “unusual business model,” and changed fast to sell “access,” though didn’t take information himself, creation a organisation trust he wasn’t state-sponsored.

He did, however, gained entrance to non-public reports on flaws in voting machines. Matt Blaze, an electronic voting consultant and highbrow during a University of Pennsylvania told Reuters that “in theory, someone could have used believe of such flaws to conflict specific machines.”

About the Author

Leave a comment

XHTML: You can use these html tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>