back to article Big US election coming up, security is vital and, oh look... a federal agency just got completely pwned for real

An unspecified US government agency was hacked by a miscreant who appears to have made off with archives of information. This is according to Uncle Sam's Cybersecurity and Infrastructure Security Agency (CISA), which on Thursday went into technical detail on how an intruder: broke into staffers' Office 365 accounts; gained …

  1. disgruntled yank Silver badge

    FYI

    The election bit makes for an eye-catching headline, but elections of all sorts, including the presidential, are managed by the states and, to some degree, counties. (Remember the "butterfly ballot" in Palm Beach County, Florida, during 2000?) That is not to say that the states are any better at information security, just that there is no immediate link between a hacked federal agency and state agencies of any sort.

    1. Yet Another Anonymous coward Silver badge

      Re: FYI

      Especially since this time the federal government attempting to hijack the election is the federal government

      1. This post has been deleted by a moderator

    2. HellDeskJockey

      Re: FYI

      Correct there is no national Election Authority in the US. Also who is the agency? There are a lot of Federal agencies performing many functions. Some of which are more critical than others. It could be anything from the Defense Department to the National Endowment for the Arts.

    3. Anonymous Coward
      Anonymous Coward

      Re: FYI

      Sure, but in the current political environment why is the government agency name being kept secret? Probably because someone in high office would be embarrassed. The description of the methods sound very much like a foreign government attack - nothing new about that.

      1. This post has been deleted by a moderator

    4. a_yank_lurker Silver badge

      Re: FYI

      Or the recent news of ballots being tossed in Lucerne County, PA this year.

  2. Cynic_999 Silver badge

    They captured the hackers' IP addresses

    I wonder how many of those will be TOR exit nodes or located in countries that do not share information with the US?

    1. Alumoi Silver badge

      Re: They captured the hackers' IP addresses

      I wonder how many of those IPs are in the 192.168.x.x range.

    2. Anonymous Coward
      Anonymous Coward

      Re: They captured the hackers' IP addresses

      Charge the owner of the node with aiding and abetting. Simple.

      1. tfb Silver badge
        Alien

        Re: They captured the hackers' IP addresses

        Charge the owner of the node with aiding and abetting. Simple.

        You do understand that the owner of that node may be a citizen of the country where the node is sited, right? And that country may consider itself a sovereign nation and its citizens not subject to US law?

        1. sanmigueelbeer Silver badge
          Happy

          Re: They captured the hackers' IP addresses

          And that country may consider itself a sovereign nation and its citizens not subject to US law?

          There, FTFY.

        2. Anonymous Coward
          Anonymous Coward

          Re: They captured the hackers' IP addresses

          You do understand countries have agreements whereby they can charge someone with a crime in their country? If you run a Tor exit node you will be assisting criminal activity (as well as helping people who need the anonymity). Simple point. You cannot hide behind just directing the traffic. There are consequences for actions. Just because it is on the internet doesn’t protect you.

  3. TrumpSlurp the Troll

    Got them all?

    Given the broad ranging and sophisticated attack I do wonder if they have traced everything.

  4. Kev99

    But, but...The internet is perfectly safe and secure. Just as a screen window won't let air pass thru.

    When will these goofs realise that a net is just a bunch of holes connected by string and a cloud is a bunch of holes connected with vapor.

    before the bean counters took over almost all multi-location data was transmitted over dedicated lines. In the case of many electric companies, over their own power lines. Maybe they should go back to that.

    1. teknopaul Silver badge

      agreed, if you use morse code it is less distracting than Teams. And has more secure cyber.

      1. John Brown (no body) Silver badge

        Especially of you ROT13 the message, twice for good measure, before sending it.

  5. Anonymous Coward
    Anonymous Coward

    The only rational response to this kind of attack

    Is to storm the nearest pizza restaurant armed with automatic weapons

  6. Anonymous Coward
    Anonymous Coward

    "The cyber threat actor was able to overcome the agency's anti-malware protection"

    Maybe the ant-malware protection was disabled by an employee to stop the nagging warnings when running a key generator for their pirated copy of Office 365?

    (That story never gets old)

  7. FQ

    Seems that turning on Multi Factor Authentication for o365 could have stopped the first step. Sure, users don't like MFA but this is the new reality we live in.

  8. This post has been deleted by its author

    1. Scott 53

      Re: Passwords in Email

      But it's OK if you send an encrypted document in one email and the password in a completely separate email - right?

    2. Claptrap314 Silver badge

      Re: Passwords in Email

      What they found was a 0. It's worthwhile to read to the end of the paragraph before commenting.

  9. tfb Silver badge
    Big Brother

    So

    this event is very definitely going to be used by the orange shitgibbon and his enablers as evidence of why non-in-person voting is unsafe and therefore should not be allowed (they aren't ready, just yet, to make viting for anyone but the shitgibbon or his anointed representatives and successors a crime, but that will come). If I was paranoid I might suspect that the people pulling the shitgibbon's strings might have arranged for this to happen, just now, for that very purpose.

  10. HildyJ Silver badge
    Facepalm

    Place your bets

    Based on the article, I assume it was a state player.

    Election security for the US doesn't exist because there are no elections run by the federal government. But there is an agency that is supposed to facilitate and coordinate it for state and local governments so I assume it was the Department of Homeland Security (DHS) that was hacked.

    As for who, I'd put my money on Russia.

    BTW, the Pennsylvania "scandal" seems to be military ballots that were received in absentee ballot request envelopes and opened. Nothing to see there.

    1. jelabarre59 Silver badge

      Re: Place your bets

      As for who, I'd put my money on Russia.

      More likely the CCP

      1. redpawn Silver badge

        Re: Place your bets

        More likely a 400lb man in his mother's basement

        1. Imhotep Silver badge

          Re: Place your bets

          Who is posing as an underage girl.

      2. DryBones
        FAIL

        Re: Place your bets

        Well, aren't you just a triple-word-core for parroting disinformation and conspiracy theories? It's all you seem to have.

    2. Anonymous Coward
      Anonymous Coward

      They're defenseless

      @" I'd put my money on Russia."

      If its Russia, you'll see CISA head swapped out for daring to defend the US against Russian attack!

      They should just pay Trump off. If you read Michael Cohen's book, the Oligarch money they funneled him was barely $50 million.

      He has that $479 million in debt that will need refinancing as its coming due. He tried to borrow another $10 million back in 2016 but was refused. Lots of money skimmed off in hotel fees to US.gov and to his inauguration committee, but he still had to borrow $11 million on a 30 year mortgage to buy his sisters house, so he's broke.

      He's broke, borrowing money means he doesn't have that money available from profits.

      So just buy him off. That's how he exited his Atlantic city casino, he was attacking the casino he was supposed to run, till they paid him to exit.

      You want Putin to stop killing US troops while Trump frees the Taliban he hired to do it? Pay him more than Putin. Atlantic City gambit, he's worth as much damage he can do to the US.

      1. Anonymous Coward
        Anonymous Coward

        Re: They're defenseless

        Yep, this weekend's news, some of his tax returns have leaked. As expected large losses some years, little or no profits others. Trying to keep Trump Corp from collapsing is why he's so needy to foreign dictators. Why they can seemingly attack with impunity, with Trump running interference for them.

        https://bgr.com/2020/09/27/donald-trump-tax-returns-new-york-times-reports-details/

        “In 2018, for example, Mr. Trump announced in his disclosure that he had made at least $434.9 million. The tax records deliver a very different portrait of his bottom line: $47.4 million in losses.” https://t.co/ZRYQrrWLSq

        Roll up roll up, you want this nuke treaty cancelled? But you have to do me a favor though. You want all our bases in Syria? Oooo and I always wanted rid of these condo units in Florida. I guess as more details come out we'll find out about more of the side deals.

        That 2018, borrowing $11.2 million on a 30 year mortgage, co-signed by his kids because he's too old to borrow money over 30 years, that's a major tell as to the poor state of his finances.

        The emoluments clause should have been enforced from day 1.

  11. Mister Dubious

    Major Strasser has been shot!

    "As for prevention, CISA recommended organizations follow the usual best practices [...]"

    Round up the usual suspects.

  12. Jonjonz

    A candidate that owes money to Russians and who all the polls said would lose, gets elected.

    The Russians have quite a history of trying to rig elections in other countries.

    That could never happen here, not with the level of security provided by the bake sale budgets most local election committees run on.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021