California & Florida Voter Websites Vulnerable To Hackers

Uploaded on 2020-11-02 in TECHNOLOGY--Hackers, GOVERNMENT-Local, FREE TO VIEW

Two cyber security firms sent the Department of Homeland Security (DHS) a troubling report in July this year that described a possible vulnerability in the online voter registration systems in dozens of counties in California and Florida. 

Many states, including Florida, make voters' information, including their names and party affiliations, easily accessible to members of the public who request it. Iranian intelligence was responsible for a recent campaign of emails sent to intimidate Florida voters, the FBI announced recently, adding that Russia was also working to influence the election

Now the Director of National Intelligence John Ratcliffe has announced that Russian and Iranian hackers had used some voter registration information in a bid to send misinformation to voters and sow discord ahead of the election. 

Both Iran and Russia had obtained some Americans' voter registration information, Ratcliffe said. Last year, a cybersecurity company found a software flaw in Riverside County in California voter registration lookup system, which it believes could have been the source of the breach.

The cyber security company, RiskIQ, said it was similar to the vulnerability that appears to have allowed hacks by Russian military hackers.The election threat report that flagged the vulnerability was written by cybersecurity experts  RiskIQ and  Northrop Grumman compared voter registration websites around the country with those that appeared to have been hacked in 2016. 

Administration officials have confirmed publicly that they believe that several counties in Florida, the State of Illinois Board of Elections, and possibly several counties in California had been victims of a hacking campaign four years ago.

The RiskIQ / Northrop Grumman report found that dozens of counties in Florida had voter registration websites that had lots of similarities to those in Riverside County in 2016. The report also raises the concern that these Florida counties could potentially be even more vulnerable than Riverside County was four years ago because they all share the same website management system. So if a hacker is inside one website he or she could have access to all the others too. 

In May, the FBI briefed Florida lawmakers on which of their 67 counties were successfully breached back in 2016. The officials were not allowed to divulge what they had learned, but they stressed that there was no evidence that cyber attacks changed any votes. "The actors got loud and essentially shut down the voter registration database, and that called attention to the problem," said Neil Jenkins, Chief Analytic Officer at the Cyber Threat Alliance

The report also looked at the websites' vulnerability to a particular kind of hack, something called a Padding Oracle Exploit (POE)  It was popular with hackers over a decade ago and is used to decrypt encrypted information. One of the concerns laid out in the report is that bad actors could use a POE to decrypt credentials to give themselves administrator access to the voter registration website.

Armed with this type of access hackers could potentially plant malware, change code, and even insert errors into the data.

The report also said, however, that the websites could have been compromised before the migration happened. The last voter website to migrate to a new operating system did so in 2019. The report says that the DHS do an audit of the Florida voter registration websites to make sure some vulnerability didn't accidentally slip in. However, DHS officials might hesitate to address details of the report or contact local officials about its findings because they haven't seen any indication that this hack is imminent.

As a general matter, local officials are unlikely to patch their systems against a possible vulnerability this close to the election. The last thing election officials would want to do just a week before their big day, he said, is to patch a website against a vulnerability that might not be severe and then find themselves watching helplessly when the patch makes their website crash. 

NPR:      NBC News:      Tallahassee Democrat:        NBC:   

You Might Also Read: 

Foreign Influence In The American Election Of 2020 Is Declining

 

« Cyber Spying Laws Are Changing
Securing AI In Military Systems »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Qualitest Group

Qualitest Group

Qualitest is the world’s largest pure play Quality Assurance and software testing company.

RCMP Cybercrime Strategy

RCMP Cybercrime Strategy

The RCMP Cybercrime Strategy sets out in an Operational Framework and Action Plan to combat cybercrime.

Telefonica Tech

Telefonica Tech

Telefónica Cyber Security Tech is focused on the prevention, detection and appropriate response to security incidents aimed at protecting your digital services.

SySS

SySS

SySS is a market leader in penetration testing in Germany and Europe.

Appvisory

Appvisory

Appvisory by MediaTest Digital is the leading Mobile Application Management-Software in Europe and enables enterprises to work secure on smartphones and tablets.

CRYPTTECH

CRYPTTECH

CRYPTTECH specializes in Information Security and Intelligence, Risk Evaluation and Vulnerability Recognition against Cyber-Attacks and APTs.

RCMP National Cybercrime Coordination Unit (NC3)

RCMP National Cybercrime Coordination Unit (NC3)

As set out in the Government of Canada's National Cyber Security Strategy, the RCMP has established the National Cybercrime Coordination Unit (NC3).

Cybersecurity Coalition

Cybersecurity Coalition

The mission of the Cybersecurity Coalition is to bring together leading companies to help policymakers develop consensus-driven policy solutions to achieve improvements in cybersecurity.

EPIC Insurance Brokers & Consultants

EPIC Insurance Brokers & Consultants

EPIC is an insuarnce broker and consultancy firm. Risk management services include risk consultancy and cybersecurity insurance.

Fend

Fend

Fend secures smart infrastructure. We provide a robust, highly secure way to have situational awareness of IoT enabled assets.

TechForing

TechForing

TechForing Ltd. works for business organization's cyber security and cyber crime incident managements. We help business to secure their business online.

ThreatReady Resources

ThreatReady Resources

ThreatReady reduces an organization’s risk by delivering cyber security awareness training based on the latest, state-of-the-art learning science to effectively drive long-term cyber-safe behavior.

Synamic Technologies

Synamic Technologies

Synamic Technologies was founded in 2018 as a start-up to automate cyber security processes. Our CISOSCOPE product automates vulnerability management, risk management and compliance.

ST Engineering Antycip

ST Engineering Antycip

ST Engineering Antycip (formerly Antycip Simulation) is Europe’s leading provider of professional grade COTS simulation software, projection & display systems, and related engineering services.

Psybersafe

Psybersafe

Psybersafe is a hands-on, behaviour-changing training system that keeps your people and your business cyber safe.

Parablu

Parablu

Parablu is a leading provider of data security and resiliency solutions for the digital enterprise.

SecureClaw

SecureClaw

SecureClaw offers specialized cybersecurity consultation, various products, and a range of services to meet your company's business domain needs.

Averlon

Averlon

Averlon offers organizations peerless cloud security through Panoptic Cloud Visibility, Predictive Attack Intelligence and Rapid Remediation.