Just in:
Save the Children Hong Kong’s Play to Thrive: Prioritising Personal Growth Over Competitive Success // Beijing widens Japan curbs as Takaichi row deepens // Bangladesh-China Joint Statement On Teesta Cooperation Poses A Big Challenge To India // PRHK 2026 Benchmark Report highlights how Hong Kong’s IPO revival, AI, and the GBA are reshaping the SAR’s PR industry // World’s First Commercial Multimodal LLM for Cultural Tourism Enters Broad Application // OpenAI limits Sol launch amid cyber risks // XRG and Eni deepen Argentina LNG push // Where Minds Meet to Launch Space Economy Association Off the Ground // Masdar starts Kazakh wind power push // Alibaba Cloud gains edge in agentic AI race // CG Capital, the Leader in Branded Residences in Thailand, Marks Milestone Success for InterContinental Residences Bangkok Asoke Amid Global Economic Uncertainty // 5 Law Firms Making a Difference in Cincinnati // Why your AI transformation can fail — and it’s not the technology // China’s digital hub Hangzhou hosts conference on AI, OPC // Hawaii tests plastic waste in roads // Bid To Rebuild Bengal To Its Old Glory Is Welcome, Though Difficult // Bracell Welcomes Fernando Branco’s Appointment to Lead ABAF and Reinforces Commitment to Sustainable Forestry Development in Bahia // Taiwan International Plant-Based Festival Launches in Singapore: High-End Culinary Partnerships and Diplomatic Exhibitions Shape Premium Agri-Product Branding // Dubai advances Gold Line contractor race // France and Oman press toll-free Hormuz passage //

U.S. election agency breached by hackers after November vote

By Joseph Menn

ADVERTISEMENT

The U.S. agency charged with ensuring that voting machines meet security standards was itself penetrated by a hacker after the November elections, according to a security firm working with law enforcement on the matter.

The security firm, Recorded Future, was monitoring underground electronic markets where hackers buy and sell wares and discovered someone offering log-on credentials for access to computers at the U.S. Election Assistance Commission, company executives said.

Posing as a potential buyer, the researchers engaged in a conversation with the hacker, said Levi Gundert, vice president of intelligence at the company, and Andrei Barysevich, director of advanced collection.

Eventually they discovered that the Russian-speaking hacker had obtained the credentials of more than 100 people at the election commission after exploiting a common database vulnerability, the researchers said.

The hacker was trying to sell information about the vulnerability to a Middle Eastern government for several thousand dollars, but the researchers alerted law enforcement and said Thursday that the hole had been patched.

The Election Assistance Commission said in a statement late Thursday that it had become aware of a “potential intrusion” and was “working with federal law enforcement agencies to investigate the potential breach and its effects.”

“The FBI is currently conducting an ongoing criminal investigation,” the statement added.

The election commission certifies voting systems and develops standards for technical guidelines and best practices for election officials across the country.

The researchers said the hacker had an unusual business model, scanning for ways to break into all manner of businesses and other entities and then moving rapidly to sell that access, rather than stealing the data himself.

“We don’t think he actually works for any government or is super sophisticated,” Barysevich said.

In the case of the election commission, the hacker used methods including an SQL injection, a well known and preventable flaw, obtaining a list of user names and obfuscated passwords, which he was then able to crack.

Though much of the commission’s work is public, the hacker gained access to non-public reports on flaws in voting machines.

In theory, someone could have used knowledge of such flaws to attack specific machines, said Matt Blaze, an electronic voting expert and professor at the University of Pennsylvania.

The researchers were confident that the hacker moved to sell his access soon after getting it, meaning that he was not inside the system before election day.

The U.S. voting process is decentralized and there were no reports of widespread fraud in November.

The Election Assistance Commission was created by the Help America Vote Act of 2002 and is led by presidential appointees.

(Editing by Jonathan Weber and Leslie Adler)

-Reuters



Notice an issue?

Arabian Post strives to deliver the most accurate and reliable information to its readers. If you believe you have identified an error or inconsistency in this article, please don't hesitate to contact our editorial team at editor[at]thearabianpost[dot]com. We are committed to promptly addressing any concerns and ensuring the highest level of journalistic integrity.


ADVERTISEMENT
Social Media Auto Publish Powered By : XYZScripts.com