Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

Florida Election Servers Hacked Again

After state officials boasted about security improvements following a breach, a hacker once again breached the same voter record systems.

10 Massive Security Breaches
(click image for larger view)
Slideshow: 10 Massive Security Breaches
For the second time in a week, a hacker has broken into systems connected with voting in Florida, stolen data, and released it to the public.

The most recent breach occurred after Florida election officials had touted the security of their systems. "Glad you cleaned things up, pretty secure now guys," said the hacker responsible for the attack--who goes by the name "Abhaxas"--in a post to Pastebin uploaded on Thursday. That post also contained data obtained during the second hack.

Via Twitter, Abhaxas said that hacking into the servers--using well-known and what would be easy-to-close holes--took him about 10 minutes. Furthermore, he said he had access to all 310 databases on the server, though only publicly released information from two of them.

Florida officials said that the data stolen during the first breach was from an election office system in Liberty County. After that breach, Tim Durham, the chief department supervisor of elections for Collier County, downplayed the potential impact on election results, saying that every vote generates a paper trail. "Paper ballots are reviewed and compared with totals that are given per the voting machine and that's done at an open public meeting," he said, according to Storify. Likewise, another election official said that all vote tabulation was handled by a separate system, not breached during the attacks, that wasn't connected to any other systems.

Altering or tampering with election records is a third-degree felony in Florida. But the breach poses a pertinent question: Are electronic voting records so secure that an interested third party--perhaps even a foreign government--couldn't tamper with the results? The 2004 presidential election, of course, ultimately hinged on less than 400,000 votes cast in Florida.

Abhaxas made that point in the document that included information from the breached servers. "Who still believes voting isn't rigged? If the United States Government can't even keep their ballot systems secure, why trust them at all? Fail!" Furthermore, it sounds as if attackers wouldn't have to breach too many systems to create an impact. According to a Twitter post from Abhaxas, "after some research, I've found out 1 company manages all but 6 [counties'] voting sites--hosted on the same server."

The public dump of Florida voting system information is the latest in a recent string of so-called "hacktivist" efforts, which wield hacking as a means to a political end. Recently, for example, hacktivist group Anonymous has been launching distributed denial of service attacks against Turkish government agencies' websites, in protest against the country's plans to begin filtering the country's Internet access on August 22. (People in Turkey have also taken to the streets in protest.)

Likewise, as part of its 50-day hacking spree, LulzSec released a trove of sensitive information from the Arizona Department of Public Safety, in protest against the country's immigration policies. Less than one month later, that department was again hacked by the LulzSec and Anonymous spin-off known as AntiSec.

Black Hat USA 2011 presents a unique opportunity for members of the security industry to gather and discuss the latest in cutting-edge research. It happens July 30-Aug. 4 in Las Vegas. Find out more and register.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/13/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-14300
PUBLISHED: 2020-07-13
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in th...
CVE-2020-14298
PUBLISHED: 2020-07-13
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the co...
CVE-2020-15050
PUBLISHED: 2020-07-13
An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary files from the server via Directory Traversal.
CVE-2020-10987
PUBLISHED: 2020-07-13
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter.
CVE-2020-10988
PUBLISHED: 2020-07-13
A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device.