Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
The Microsoft security hole at the heart of Russian election hacking
Why isn't the fact that having election official's access ability during an election not equated with the ability to change vote totals? Phished election official's access codes can be used to access more than voter registration databases and delete voters. Why not just change the election results?
The Microsoft security hole at the heart of Russian election hacking
We’re reliving the Visual Basic-spawned bad times of 1999
Preston Gralla - Contributing Editor, Computerworld - Jun 20, 2017
Russian hacking of the 2016 election went deeper than breaking into the Democratic National Committee and the Clinton campaign — the Russians also hacked their way into getting information about election-related hardware and software shortly before voting began.
The Intercept published a top-secret National Security Agency document that shows exactly how the Russians did their dirty work in targeting election hardware and software. At the heart of the hack is a giant Microsoft security hole that has been around since before 2000 and still hasn’t been closed. And likely never will.
Before we get to the security hole, here’s a little background about how the Russian scheme worked, spelled out in detail by the secret NSA document. Allegedly, Russia’s military intelligence agency, the GRU, launched a spearphishing campaign against a U.S. company that develops U.S. election systems. (The Intercept notes that the company was likely “VR Systems, a Florida-based vendor of electronic voting services and equipment whose products are used in eight states.”) Fake Google Alert emails were sent from noreplyautomaticservice@gmail.com to seven of the company’s employees. The employees were told they needed to immediately log into a Google website. The site was fake; when at least one employee logged in, his credentials were stolen.
Using those credentials, the GRU hacked into the election company, the NSA found, and stole documents for a second, far more dangerous spearphishing attack. In this second attack, launched either on Oct. 31 or Nov. 1, 2016, spearphishing emails were sent to 122 email addresses “associated with named local government organizations,” which probably belonged to officials “involved in the management of voter registration systems.” In other words, the Russians targeted people who maintain voter registration rolls. ..................
The Intercept published a top-secret National Security Agency document that shows exactly how the Russians did their dirty work in targeting election hardware and software. At the heart of the hack is a giant Microsoft security hole that has been around since before 2000 and still hasn’t been closed. And likely never will.
Before we get to the security hole, here’s a little background about how the Russian scheme worked, spelled out in detail by the secret NSA document. Allegedly, Russia’s military intelligence agency, the GRU, launched a spearphishing campaign against a U.S. company that develops U.S. election systems. (The Intercept notes that the company was likely “VR Systems, a Florida-based vendor of electronic voting services and equipment whose products are used in eight states.”) Fake Google Alert emails were sent from noreplyautomaticservice@gmail.com to seven of the company’s employees. The employees were told they needed to immediately log into a Google website. The site was fake; when at least one employee logged in, his credentials were stolen.
Using those credentials, the GRU hacked into the election company, the NSA found, and stole documents for a second, far more dangerous spearphishing attack. In this second attack, launched either on Oct. 31 or Nov. 1, 2016, spearphishing emails were sent to 122 email addresses “associated with named local government organizations,” which probably belonged to officials “involved in the management of voter registration systems.” In other words, the Russians targeted people who maintain voter registration rolls. ..................
3 replies
= new reply since forum marked as read
= new reply since forum marked as read
