Capitol Fax.com - Your Illinois News Radar » *** UPDATED x1 *** Isikoff hacking scoop criticized
SUBSCRIBE to Capitol Fax      Advertise Here      Mobile Version     Exclusive Subscriber Content     Updated Posts    Contact
CapitolFax.com
To subscribe to Capitol Fax, click here.
*** UPDATED x1 *** Isikoff hacking scoop criticized

Monday, Aug 29, 2016

* The Michael Isikoff elections board hacking story is getting a lot of traction out there. But cyber security specialist John Bambenek has read the FBI “Flash” memorandum that Isikoff wrote about (and which admonishes against release to the media and general public) and says Isikoff got it wrong…

The Isikoff article takes great liberties with both the details of the FBI Flash Bulletin and the facts of the matter to claim dangerous “foreign adversaries” are attacking boards of elections.

I have seen some of those IPs attack one of my own servers and it’s unlikely sophisiticated foreign adversaries are really that interested in data from my unsuccessful 2012 State Senate run.

The use of a foreign IP has no relationship to the nationality of the attacker. I personally have infrastructure in many countries, that doesn’t make me Chinese, Russian, Brazilian, American, German and French all at the same time.

A cursory exam of the data shows the IP addresses involved are commodity web scanners that constantly scan the entire internet for basic web vulnerabilities.

While it is important to highlight the risks of these threats and practice basic web application security, we ought not to stretch the truth and engage in fear mongering where none is warranted. We have the defenses required for these types of attacks, they need only be implemented.

Bambenek also told me, “Nation states don’t SQL inject through Tor.” I’ve added explanatory hyperlinks to help you parse what he’s saying.

*** UPDATE ***  The FBI alert is here.

* From the Tribune

[Ken Menzel, general counsel for the elections board] said there is a “reasonable suspicion” that the cyberattack was foreign.

“We know foreign servers were used, but it’s not conclusive that foreign actors were involved,” Menzel said. He said the FBI has “their reasons for suspecting foreign involvement, other than just some foreign servers were used.”

- Posted by Rich Miller        

14 Comments
  1. - peets - Monday, Aug 29, 16 @ 1:22 pm:

    isikoff got it way wrong.

    everyone knows nation states don’t sql inject through tor. what a dummie.


  2. - The Captain - Monday, Aug 29, 16 @ 1:29 pm:

    I never thought I’d say this but upon initial glance I’m inclined to agree with John Bambenek.


  3. - OneMan - Monday, Aug 29, 16 @ 1:32 pm:

    For an even better explanation of a SQL injection attack…

    https://xkcd.com/327/

    Little Bobby Tables.


  4. - Bobby Catalpa - Monday, Aug 29, 16 @ 1:33 pm:

    This seems like script kiddie stuff, actually.

    The fact that they used SQL injection was probably just a test — and then they discovered — shocked, I bet — that it worked.


  5. - Jorge - Monday, Aug 29, 16 @ 1:34 pm:

    Doesn’t mean an organization or group conducting this or other hacks doesn’t have ties to a government.


  6. - Bobby Catalpa - Monday, Aug 29, 16 @ 1:37 pm:

    BTW — if you want to learn what actual “nation state” hackers do, I highly recommend the new flick ‘Zero Day’. It’s out now — and (I’ll bet) you can torrent it, too, if you’re inclined and able.

    But what it shows — and documents — is what real hackers can do. And none if it is SQL injection. :)


  7. - Norseman - Monday, Aug 29, 16 @ 1:49 pm:

    The issue is that they were hacked. The who is secondary. We need to start demanding that our governments do more to protect data.


  8. - Rich Miller - Monday, Aug 29, 16 @ 2:17 pm:

    ===The issue is that they were hacked. The who is secondary.===

    We covered “the issue” back in July. “The who” is today.


  9. - Stuff Happens - Monday, Aug 29, 16 @ 2:22 pm:

    Nation States don’t use Tor, period.


  10. - Mr. Smith - Monday, Aug 29, 16 @ 3:02 pm:

    === Nation States don’t use Tor ===

    People who work for Nation States, especially if they don’t want to look like Nation States, just might try it. It is unlikely that a sophisticated hacker would use an SQL injection - but sometimes you don’t bring your A game intentionally, when you aren’t certain if you don’t need to. It may all be a non-story, but I would not jump to conclusions either way just yet.


  11. - Blue Bayou - Monday, Aug 29, 16 @ 3:03 pm:

    Thank God John Bambenek is there to protect the IBHE with his terrible swift swo….computer.


  12. - ArchPundit - Monday, Aug 29, 16 @ 3:14 pm:

    There’s another issue in that most election computers aren’t directly linked to the internet. Most have cards that are physically taken to a computer that is not on the net and then counted. They could screw with the statewide system, but that still leaves the base level data protected in most jurisdictions.

    Louisiana is fully networked, and there may be more states, but most are not.


  13. - ArchPundit - Monday, Aug 29, 16 @ 3:15 pm:

    Bambenek’s analysis is good from the security aspect.


  14. - MSIX - Monday, Aug 29, 16 @ 3:37 pm:

    =…we ought not to stretch the truth and engage in fear mongering where none is warranted.=

    Tell that to the GOP investigative committees waving their arms in panic about 4 phishing emails sent to HRC’s personal server by “the Russians.”


Sorry, comments for this post are now closed.


* Two Burke-related scoops by the Sun-Times
* Today's must-read
* More details emerge about cannabis legalization
* Did Pritzker defeat an incumbent Illinois governor by the biggest margin ever?
* Question of the day: Golden Horseshoe Awards
* Caption contest!
* Sun-Times begins to hold candidates' feet to the fire
* CTBA responds to Fitch Ratings
* Unclear on the concept
* So far, so good for Illinois auto jobs
* *** UPDATED x1 *** Tax credit could help small biz deal with minimum wage hike
* *** LIVE COVERAGE ***
* Yesterday's stories

Support CapitolFax.com
Visit our advertisers...

...............

...............

...............

...............
<


Loading


Main Menu
Home
Illinois
YouTube
Pundit rankings
Obama
Subscriber Content
Durbin
Burris
Blagojevich Trial
Advertising
Updated Posts
Polls

Archives
December 2018
November 2018
October 2018
September 2018
August 2018
July 2018
June 2018
May 2018
April 2018
March 2018
February 2018
January 2018
December 2017
November 2017
October 2017
September 2017
August 2017
July 2017
June 2017
May 2017
April 2017
March 2017
February 2017
January 2017
December 2016
November 2016
October 2016
September 2016
August 2016
July 2016
June 2016
May 2016
April 2016
March 2016
February 2016
January 2016
December 2015
November 2015
October 2015
September 2015
August 2015
July 2015
June 2015
May 2015
April 2015
March 2015
February 2015
January 2015
December 2014
November 2014
October 2014
September 2014
August 2014
July 2014
June 2014
May 2014
April 2014
March 2014
February 2014
January 2014
December 2013
November 2013
October 2013
September 2013
August 2013
July 2013
June 2013
May 2013
April 2013
March 2013
February 2013
January 2013
December 2012
November 2012
October 2012
September 2012
August 2012
July 2012
June 2012
May 2012
April 2012
March 2012
February 2012
January 2012
December 2011
November 2011
October 2011
September 2011
August 2011
July 2011
June 2011
May 2011
April 2011
March 2011
February 2011
January 2011
December 2010
November 2010
October 2010
September 2010
August 2010
July 2010
June 2010
May 2010
April 2010
March 2010
February 2010
January 2010
December 2009
November 2009
October 2009
September 2009
August 2009
July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
August 2008
July 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
November 2006
October 2006
September 2006
August 2006
July 2006
June 2006
May 2006
April 2006
March 2006
February 2006
January 2006
December 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004

Blog*Spot Archives
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005

Syndication

RSS Feed 2.0
Comments RSS 2.0
WordPress




Hosted by MCS SUBSCRIBE to Capitol Fax Advertise Here Mobile Version Contact Rich Miller