Russian hackers attack US election systems

What, me worry? Russian hackers attempted to access the election databases of Arizona and Illinois in June, and were partly successful.

Hackers targeted voter registration systems in Illinois and Arizona, and the FBI alerted Arizona officials in June that Russians were behind the assault on the election system in that state. The bureau described the threat as “credible” and significant, “an eight on a scale of one to 10,” Matt Roberts, a spokesman for Arizona Secretary of State Michele Reagan (R), said Monday. As a result, Reagan shut down the state’s voter registration system for nearly a week.

It turned out that the hackers had not compromised the state system or even any county system. They had, however, stolen the username and password of a single election official in Gila County.

The article describes in detail the overall bad situation, including a number of additional attacks as well as the poor security surrounding the online voting option that more than 30 states use.

As usual, we are being told not to worry by the responsible government officials:

Tom Hicks, chairman of the federal Election Assistance Commission, an agency set up by Congress after the 2000 Florida recount to maintain election integrity, said he is confident that states have sufficient safeguards in place to ward off attempts to manipulate data. For example, if a voter’s name were deleted and did not show up on the precinct list, the individual could still cast a provisional ballot, Hicks said. Once the voter’s status was confirmed, the ballot would be counted. Hicks also said the actual systems used to cast votes “are not hooked up to the Internet” and so “there’s not going to be any manipulation of data.” However, more than 30 states have some provisions for online voting, primarily for voters living overseas or serving in the military.

Hicks has made me feel so much better!

Hackers devise method to take over wireless keyboards/mouses

Your modern wireless computer is not safe: Hackers have devised an attack that is capable not only of recording the keystrokes and mouse actions of wireless devices but also of taking over the computer, and it can do so from hundreds of feet away.

On Tuesday Bastille’s research team revealed a new set of wireless keyboard attacks they’re calling Keysniffer. The technique, which they’re planning to detail at the Defcon hacker conference in two weeks, allows any hacker with a $12 radio device to intercept the connection between any of eight wireless keyboards and a computer from 250 feet away. What’s more, it gives the hacker the ability to both type keystrokes on the victim machine and silently record the target’s typing.

The keyboards’ vulnerability, according to Bastille’s chief research officer Ivan O’Sullivan, comes from the fact that they all transmit keystrokes entirely without encryption. The manufacturers’ only plan against attackers spoofing or eavesdropping on their devices’ communications is to depend on the obscurity of the radio protocols used. “We were stunned,” says O’Sullivan. “We had no expectation that in 2016 these companies would be selling keyboards with no encryption.”

In other words, if you use a wireless keyboard or mouse, your system is very vulnerable and exposed.

I find this story amusing in a sense, since my friends constantly make fun of me for not upgrading to these devices. I, however, see no reason to spend money on a new keyboard when the old wired one I have works fine. Now I have good reason, when I do upgrade, to avoid the wireless route.

OPM ignored warnings last year its computers were insecure

An inspector general report last year had advised OPM to shut down many of its computer systems because they were running without sufficient security. The agency ignored that recommendation.

In the audit report published November 12, 2014, OIG found that 11 out of 47 computer systems operated by OPM did not have current security authorizations. Furthermore, the affected systems were “amongst the most critical and sensitive applications owned by the agency.” Two of the unauthorized systems are described in the report as “general support systems” which contained over 65 percent of all OPM computer applications. Two other unauthorized systems were owned by Federal Investigative Services, the organization which handles background investigations in connection with government security clearances. OIG warned bluntly, “any weaknesses in the information systems supporting this program office could potentially have national security implications.”

Because of the volume and sensitivity of the information involved, OIG recommended OPM “consider shutting down systems that do not have a current and valid Authorization.” But OPM declined, saying, “We agree that it is important to maintain up-to-date and valid ATOs for all systems but do not believe that this condition rises to the level of a Material Weakness.”

The head of OPM also claimed in House hearings yesterday that their failure to close these systems down was justified since the hackers were already in the system when the recommendation was made.

In other words, we didn’t do anything to make the system secure, and when hackers broke in it was further justification for not doing anything.

Yeah, let’s put our healthcare under their control also!

Obamacare website easy to hack

It appears the wrong people can find out what’s in it: The Obamacare website, which has cost taxpayers hundreds of millions if not a billion dollars (depending on who you ask), turns out to be very easy to hack.

The website requires those enrolling for ObamaCare to supply their first and last name, home address, social security number and paying information — including credit card data. Lamar Smith, chair of the committee looking after the security of the website, said there had been hearings on the “lack of security” around the website. He told Fox News: “What we’ve discovered is that it seems to be easy to be hacked, the security is not secure.”

It appears the site was hacked on July 8 but the hack wasn’t discovered until August 25. That gave the hackers almost two months to rummage through the personal files of Americans. How nice.

Mysterious hacking cell towers

This is intriguing: A secure cell phone maker has uncovered 17 cell towers with no known owner that are designed to attack cell phones, all located close to military bases.

The highly self-monitored phone does more than protect itself; according to Popular Science, it found 17 different phony cell towers known as “interceptors,” detected by the CryptoPhone 500 around the United States during the month of July. Interceptors are described to look to a typical phone like an ordinary tower, but once a phone connects with the interceptor, a variety of over-the-air attacks become possible, such as eavesdropping on calls and texts to pushing spyware to the device.

ESD America CEO Les Goldsmith found it suspicious that a lot of these interceptors are right on top of U.S. military bases. “So we begin to wonder – are some of them U.S. government interceptors? Or are some of them Chinese interceptors?” Goldsmith told Popular Science. “Whose interceptor is it? Who are they, that’s listening to calls around military bases? Is it just the U.S. military, or are they foreign governments doing it? The point is: we don’t really know whose they are.”

Two hacker attacks of American climate satellites in the past four years

A congressional report today revealed that two American climate satellites were attacked by hackers in the past four years.

In October 2007 and July 2008, a NASA-managed Landsat-7 satellite experienced 12 or more minutes of interference, and a Terra AM-1 satellite was disrupted for two minutes in June 2008 and again that October for nine minutes, according to Bloomberg Businessweek’s analysis of the annual report by the U.S.-China Economic and Security Review Commission. The report says the hackers gained access to the satellites — both are used for Earth climate and terrain monitoring — through the Svalbard Satellite Station in Spitsbergen, Norway. It’s believed the attackers may have hijacked the Internet connection at the Norway ground station to interfere with the operation of the satellites.