USA Computer Services Blog
Voter Databases Do a Lousy Job at Securing Personal Data
Hackers are known to go after data of all kinds, but sometimes they have other goals in mind. With one of the biggest events in world politics fast approaching--the 2016 United States presidential election--it’s thought that this event could potentially be influenced by hackers.
Backed by apparent evidence of a data breach within the Democratic National Committee, as well as at least two state election databases, how does this argument hold water?
The two hacked databases stored voter registration information for the citizens of Illinois and Arizona. The Illinois attack leaked the personal data of 200,000 voters over the course of 10 days. The Arizona attack, however, was unsuccessful. What’s unclear about these attacks is whether or not they are related in some way to other high-profile attacks against political groups.
As reported by CIO: “According to the FBI’s alert, ‘an unknown actor’ attacked a state election database by using widely available penetration testing tools, including Acunetix, SQLMap, and DirBuster. The hackers then found an SQL injection vulnerability--a common attack point in websites--and exploited it to steal the data. The FBI has traced the attacks to eight IP addresses, which appear to be hosted from companies based in Bulgaria, the Netherlands, and Russia.”
This election season has been a major center of controversy, as there are claims of election fraud pouring in from all over the United States, as well as unfounded claims that the election may be “rigged.” In particular, it’s thought that this “voter fraud” stems from claims that voter registration databases were altered prior to state primary elections. Earlier this year, the United States formally accused Russia of being behind the hacks on the Democratic National Committee. And, of course, you can’t forget about all of the “experts” on social media who claim that the system is rigged, which attribute to the fears that the election will be influenced by foreign entities.
However, Homeland Security Secretary Jeh Johnson issued a statement regarding these fears: Homeland Security was not aware of “specific or credible cybersecurity threats” that could affect the election. Yet, these reassurances do little to mitigate the fact that these systems were infiltrated and accessed.
It just goes to show that even big targets can fall victim to hackers when their infrastructures aren’t prepared to deal with threats. If major political entities can become the victim of a cyber attack, just imagine what hackers could do to your own business. We want you to know that even companies that don’t seem to hold sensitive data can retain information useful to hackers, like credit card numbers or employee personal records.
To learn how your business can protect its data, reach out to USA Computer Services at (704) 665-1619.
Comments