Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • IT Management

    Russian Voter System Tampering the Result of Typical Weak Security

    By
    WAYNE RASH
    -
    June 8, 2017
    Share
    Facebook
    Twitter
    Linkedin
      cyber attack

      The recent disclosure of a document leak from the National Security Agency that contains details about the Russian hacking attempt on a vendor of voter registration software has the making of a spy thriller, even including a perpetrator with a name that might be right out of a James Bond spy thriller.

      But as bad as that leak was, the ease with which the Russians penetrated the voter registration software company’s security was worse. Worse yet was the ease at which the Russians penetrated some of the state election officials’ defenses.

      The theft of the top secret report on Russian hacking by a former NSA contractor with the unlikely name of Reality Winner is something that the intelligence agency always tries to prevent. But there are some things that even the best security can’t stop and bad faith on the part of a trusted individual is one of them.

      The U.S. Justice Department announced on June 5 that it had charged Winner with mailing a classified document that contained details of the Russian hack on a voter-registration system known as EViD to “The Intercept,” news website.

      It’s easy to criticize the NSA for allowing Winner to have access to such files, but in reality employees and contractors need access to classified information to do their jobs. Every now and then, there’s a failure in the system, which is what happened here.

      Last fall, however, a series of other system failures put the integrity of the 2016 election at risk. While it’s not clear that the Russians were able to were actually able to tamper with election results, the fact that they got access so easily is deeply troubling.

      There were two types of failings that gave the Russian hackers access. The first was a phishing attack against a vendor of voter registration software, VR Systems of Tallahassee, Florida. Someone in the targeted company clicked on a link that provided the hackers with access to a database containing the contact information of election officials in several states.

      The second attack was another phishing attack, this time with a payload of purported Microsoft Word files. Those emails were crafted to appear to be from the vendor of the voter registration software. The apparent goal was to provide access to voter registration records in several states and then to alter them in a way to create chaos on election day.

      Had the software vendor or the states involved had adequate security, the cyber-attack launched by the Microsoft Word files would not have been successful, which is apparently the case in at least some of the states. This may have been partly because the bogus emails used to approach the states were so blatantly phony that state officials recognized them as such and complained to the software vendor.

      But suppose the fake emails had been more expertly crafted. Would the states still have caught on? That would require an additional level of security, and at this point it’s not known whether there was another level of security to thwart this attack.

      But the apparently unsuccessful hacking attempt is behind us, so the next step is to find lessons to learn from the attempt. The first lesson is how to deal with a phishing attack. After all, if your employees don’t act on a phishing email, then nothing will come of it.

      This is one area that requires constant training. There’s currently no effectively way to filter out phishing emails, so your employees need to recognize a potential phishing attempt, and at the very least not act. Preferably, those employees should then notify your head of IT or head of security of the apparent attempt. That person can then take further action to prevent or render useless any further phishing attempts.

      Second, your security software needs to recognize the payloads and actions of the malware that may be included in a phishing email. Because the malware providers are trying to find ways to evade such detection, you can’t just buy an anti-virus product and hope for the best. You also need anti-malware software that recognizes the threat hidden inside the payload.

      It’s worth noting that the voter registration software company was fairly small, which may it was targeted by the Russian hackers. It’s a fact of life that many smaller companies have only a minimal IT staff, if they have any at all. They are even less likely to have an IT security staff, which makes them a very soft target and exactly what attackers are looking for.

      That small under-protected company can then lead the attackers to their larger partners by providing an attack pathway and by providing a credible disguise for phishing emails. In addition, attackers depend on those smaller companies not believing that they’re a potential target, which in turn makes them more susceptible to attacks.

      Just as in the case of constant training to handle phishing attacks, your employees also need to recognize other vulnerabilities where they’re the first line of defense. That means they need to be suspicious about releasing email addresses and phone numbers for executives and other senior employees for example. And remember, that release of information can come from phone calls as easily as from emails.

      While it’s probably impossible to block every attempt to extract information from any company, the ultimate goal is to make it sufficiently inconvenient that the attacker targets someone else. If enough companies make it really hard to get info, then eventually the attackers will try another line of work.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×