Cyberattack In South Florida Is First Known Hack On Election Data: Report

[Erica Absetz <eabsetz () opensecurityfoundation org>]

http://www.ibtimes.com/cyberattack-south-florida-first-known-hack-election-data-report-1134137#

The first known case of a cyberattack against online election data has
occurred in South Florida, where more than 2,500 “phantom requests”
for absentee ballots were reportedly recorded last summer.

REUTERS
Electronic voting machines have come under scrutiny for inaccuracy and
lack of security.

RELATED

NSA Turns To Hackers To Make Internet...

Pentagon Planning Huge Manpower Boost...

Those requests were sent to the Miami-Dade County elections website
using a computer program, according to a grand jury report published
by NBC News on Monday. According to The Miami Herald, which first
reported on the incident last month, the requests originated from only
a handful of Internet Protocol addresses that “had all the appearances
of a political dirty trick, a high-tech effort by an unknown hacker to
sway three key Aug. 14 primary elections.”

The purported targets were Florida’s 26th congressional district, a
new district created as a result of the 2010 Census, and Florida
state’s 103rd and 112th districts.

“It’s the first documented attack I know of on an online U.S.
election-related system that’s not [involving] a mock election,” David
Jefferson, a computer scientist on the board of directors of the
Verified Voting Foundation, told NBC News.

When those phantom requests were flagged, Florida election staff
checked with voters to see if they had actually requested an absentee
ballot. Although state officials blocked the Internet Protocol address
the requests originated from, the hacker eventually switched to
different addresses.

The grand jury report states the mysterious requests eventually
stopped. The hackers were never identified.

Although there have been allegations of U.S. election system hacking
in the past – such as a 2006 incident in Sarasota, Fla., when a
computer worm allegedly dismantled the county elections voter database
– investigations into those events have traced them to software
glitches or machine failures.

The fear of potential cyberattacks isn’t only centered on elections
data. Congressional lawmakers – and even President Barack Obama --
are becoming increasingly concerned about falling victim to a
potentially “catastrophic” cyberattack, according to The Hill, which
reports the topic has received renewed attention amid reports that
Chinese hackers are waging a “cyber-spying” program against American
companies.

The issue particularly hit home after high-profile hacker attacks
occurred on companies such as The New York Times, Microsoft and Apple.
More than 140 cyberattacks against Wall Street have reportedly
occurred within the last six months.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.