Slashdot Mirror

← Back to Stories (view on slashdot.org)

DHS Tried To Breach Our Firewall, Says Georgia's Secretary of State (cyberscoop.com)

Posted by BeauHD on from the access-denied dept.

An anonymous reader quotes a report from CyberScoop: Georgia's secretary of state has claimed the Department of Homeland Security tried to breach his office's firewall and has issued a letter to Homeland Security Secretary Jeh Johnson asking for an explanation. Brian Kemp issued a letter to Johnson on Thursday after the state's third-party cybersecurity provider detected an IP address from the agency's Southwest D.C. office trying to penetrate the state's firewall. According to the letter, the attempt was unsuccessful. The attempt took place on Nov. 15, a few days after the presidential election. The office of the Georgia Secretary of State is responsible for overseeing the state's elections. "At no time has my office agreed to or permitted DHS to conduct penetration testing or security scans of our network," Kemp wrote in the letter, which was also sent to the state's federal representatives and senators. "Moreover, your department has not contacted my office since this unsuccessful incident to alert us of any security event that would require testing or scanning of our network. This is especially odd and concerning since I serve on the Election Cyber Security Working Group that your office created." "The Department of Homeland Security has received Secretary Kemp's letter," a DHS spokesperson told CyberScoop. "We are looking into the matter. DHS takes the trust of our public and private sector partners seriously, and we will respond to Secretary Kemp directly." Georgia was one of two states that refused cyber-hygiene support and penetration testing from DHS in the leadup to the presidential election. The department had made a significant push for it after hackers spent months exposing the Democratic National Committee's internal communications and data.

64 of 146 comments (clear)

  1. '"We are looking into the matter" by Anonymous Coward · · Score: 5, Funny

    Translation: We will deny this happened while privately scolding the team we ordered to do this. If you keep pushing us, we will be forced to throw our IT guys under the bus.

    1. Re:'"We are looking into the matter" by BarbaraHudson · · Score: 4, Insightful

      More like "We won't be scolding our guys because they were following orders. Whose orders? Sorry, you're not cleared for that | We'll look into it and (maybe) let you know what we find | The people doing the penetration attempt thought your state was on the approved list | It was a computer glitch | Russia tried to hack you, not us."

      --
      "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
    2. Re:'"We are looking into the matter" by npslider · · Score: 2

      "These are not the ports we're looking for... move along"...

    3. Re:'"We are looking into the matter" by Anonymous Coward · · Score: 1

      Sorry, but the Russians were behind getting Trump in. This is just more double agent activity.

    4. Re:'"We are looking into the matter" by Xenographic · · Score: 4, Informative

      I had to read this carefully before I realized that the US state of Georgia was complaining, rather than the country of Georgia.

    5. Re:'"We are looking into the matter" by Anonymous Coward · · Score: 1

      lol@democrats using the russians as an excuse.. It's a page straight from the republican cold war propaganda strategy.

      captcha: crackpot

    6. Re: '"We are looking into the matter" by bn-7bc · · Score: 1

      Don't go arround poking bears esp not ones with nukes, well it does not seem like Russia gives a s... Vladimir actually looked flattered that the US accused Russia of messing with the us election

    7. Re:'"We are looking into the matter" by Ungrounded+Lightning · · Score: 2

      Hell they probably would have accepted the offer for a free pen test. Instead many orgs react rather violently if they dont know about it and you did it.

      An unexpected, unauthorized, "free pen test" is indistinguishable from a bad-guy cracking attempt, and must be treated as if it's a real threat. This causes ENORMOUS extra costs as the victim has to batten the hatches, examine everything for corruption and/or possible persistent threat instalation, compare working databases to backups and examine the differences vs. update audit trails, and so on.

      Not to mention the concern that it might be a real attempt by the DHS, or a rogue group within it, to hack the election.

      --
      Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
    8. Re:'"We are looking into the matter" by Wintermute__ · · Score: 2

      Countries have Secretaries of State, too, you know. And governments have been rumored to occasionally attempt to breach the networks of foreign countries as well. The confusion is warranted in this case.

      The part that gave it away was the Secretary of State saying, "Moreover, your department has not contacted my office since this unsuccessful incident to alert us of any security event that would require testing or scanning of our network. This is especially odd and concerning since I serve on the Election Cyber Security Working Group that your office created." At that point, it was clear that this was referring to the U.S. State of Georgia, not the nation of Georgia.

    9. Re:'"We are looking into the matter" by Wintermute__ · · Score: 1

      OK, I'll bite. Please name one instance of the US interfering in a foreign election. Pot calling the kettle black indeed...

    10. Re:'"We are looking into the matter" by BarbaraHudson · · Score: 4, Informative

      Either you don't know your history, or you're too lazy to use google, so the first item that comes up when asking about us interference in other countries elections:

      In the 1958 Japanese election, the United States gave the Liberal-Democratic Party damaging political intelligence on its main rival, the Socialists. The CIA acquired it from paid informants within the Socialist Party. In the 1990 Nicaraguan elections, the United States leaked damaging information on alleged Sandinista corruption and Swiss bank accounts, funneling the information to German newspapers. The Nicaraguan opposition then used these German media reports to great effect.

      In other words, the CIA was doing the exact same thing that they accuse Wikileaks of doing. US exceptionalism at work - "the rules don't apply to us."

      and

      “Isn’t it interesting that her (Clinton's) campaign is now experiencing the same thing that she perpetrated on other countries,” Netherton told The Huffington Post, as she awaited Sanders’ speech Monday night.

      “She did this in Haiti, she did this in Honduras, and now it’s coming back on her and she’s all verklempt about it,” Netherton added. “It’s a little bit of her own medicine, but unfortunately I don’t think she’s open minded enough to see that for what it is.”

      Indeed, meddling in foreign politics is a great American pastime, and one that Clinton has some familiarity with. For more than 100 years, without any significant break, the U.S. has been doing whatever it can to influence the outcome of elections up to and including assassinating politicians it has found unfriendly.

      Assassinating politicians is certainly going to keep them from running in an election.

      When Iran elected a nationalist politician, Mohammed Mosaddeq, the U.S. intervened to launch a coup in 1953, which CIA agent Kermit Roosevelt led. Mossadegh’s crime was to nationalize a British oil company, a forerunner to BP, and to spark concerns among the paranoid Dulles brothers that he was leaning toward the Soviet Union. The U.S. installed Mohammad Reza Shah Pahlavi, Iran’s monarch, as the head of Iran and his repressive rule led to the Iranian revolution. That uprising, in turn, has given us a brutally repressive regime in Iran, client terrorist groups around the Middle East, savage sectarian violence in Iraq and a nuclear standoff.

      Overthrowing a democratically elected politician and getting rid of elections is also interfering in Iran's electoral process.

      When the French withdrew from Vietnam in the 1950s, they scheduled an election to be held shortly after. It became increasingly clear that the communist revolutionary leader Ho Chi Minh would win it in a landslide. So the U.S. intervened and installed Ngo Dinh Diem as leader of a new country it recognized as South Vietnam. The national election was canceled, but the U.S. still needed a way to pretend the puppet regime had political support. So it set up an election between Diem, who was widely disliked, and an exiled member of the royal family who was even more hated. Diem won with an absurd tally of 98.2 percent.

      Cancelling an election that would have elected someone the US didn't want to win is most certainly interfering in their electoral process.

      The election in 2014 didn’t go as the U.S. intended (like the one in 2009, shot through with fraud that gave it to Hamid Karzai). So the U.S. declared it a tie and created a new position not in the Afghan constitution called Chief Executive Officer.

      There are plenty of other examples of US interference in other countries.

      --
      "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
    11. Re:'"We are looking into the matter" by dbIII · · Score: 1

      And in the dictionary you will find that "state" can also apply to "nation state" - but it's all moot because the guy who said he was mistaken was only making a joke.

    12. Re:'"We are looking into the matter" by phantomfive · · Score: 1

      It took me a long time before I realized the Beatles song "Back in the USSR" was talking about Georgia the country, not Georgia the state. Song made a lot more sense after that.

      --
      "First they came for the slanderers and i said nothing."
    13. Re:'"We are looking into the matter" by Cederic · · Score: 1

      Yep, I want to see a prosecution on this one.

      If a private individual tried to do this to assure that their government is secure they'd be seeing jail time. DHS have to obey the law too.

    14. Re:'"We are looking into the matter" by BarbaraHudson · · Score: 1

      Iran was a secular democracy, with women dressing the same as elsewhere in the world, going to universities, etc. So no, it's not a gross over-simplification. The US, in conjunction with Britain, f*cked up the middle east and created the conditions for muslim extremism to flourish by overthrowing a democratically elected government.

      --
      "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
    15. Re:'"We are looking into the matter" by BarbaraHudson · · Score: 1

      But it certainly makes the US a hypocrite. Again.

      It's like when Clinton was saying "those emails were illegally obtained". So what - that didn't make them untrue, and whistle-blowing is the right thing to do. She wouldn't have bitched if the Russians (or anyone else) illegally leaked Trump's tax returns.

      --
      "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
    16. Re:'"We are looking into the matter" by Agripa · · Score: 1

      We have always been at war with Eastasia.

    17. Re:'"We are looking into the matter" by RockDoctor · · Score: 1

      The US, in conjunction with Britain, f*cked up the middle east

      Don't excuse France from the blame-fest.

      by overthrowing a democratically elected government.

      Hey, it's one of the things we do best.

      --
      Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
    18. Re:'"We are looking into the matter" by BarbaraHudson · · Score: 1

      My response was to the poster who demanded that I provide even one incident where the US interfered in a foreign election, and I provided several. Let's also not exclude Great Britain, who, seeing that Iran had elected someone who was going to nationalize the oil industry, including British assets, asked the US to intervene. The CIA did so, with the result being a coup and the installation by the US of the shah of Iran.

      I'm pretty sure there are other countries that are also in their own ways responsible for the mess in the middle east.

      --
      "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
    19. Re:'"We are looking into the matter" by RockDoctor · · Score: 1

      Let's also not exclude Great Britain, who, seeing that Iran had elected someone who was going to nationalize the oil industry, including British assets, asked the US to intervene.

      Oh yes, I know (well, knew - he's probably pushing 100 now, if not dead) people who were tortured by Britain and America's catspaws in the 1950s after the Shah was installed. Very informative for trade unionists in the North Sea oil industry.

      --
      Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
  2. Re:gotta get to the bottom of this by skids · · Score: 2

    You truly have no reading comprehension ability, do you?

    --
    Someone had to do it.
  3. DHS bot by magarity · · Score: 4, Insightful

    detected an IP address from the agency's Southwest D.C. office trying to penetrate the state's firewall... "We are looking into the matter"

    Probably the DHS servers are all overrun with botnets trying to probe around for more servers to take over.

    1. Re:DHS bot by npslider · · Score: 1

      I'm not sure which is worse:

      1. The DHS servers are really botnets
      2. The DHS tried to do this
      3. The "DHS servers" likely succeeded else where

    2. Re:DHS bot by Obfuscant · · Score: 1

      I'm not sure which is worse: 1. The DHS servers are really botnets

      Unlikely.

      2. The DHS tried to do this

      Sorry, I don't see how this is bad. One government agency that does this pen tested another government agency that had refused "cyber hygiene" support to see if the commercial service provider was doing its job. They were; nobody got broken into, and the customer was notified of the attempt.

      3. The "DHS servers" likely succeeded else where

      Yes, that is second worst of the three, and it and option 1 are truly bad. Then we have option 4: DHS failed elsewhere but the server admins didn't notice.

      I run a few servers at a university. I used to catch other universities doing pen testing on my servers. When I reported it I was told this was "official network research" being conducted by those universities and it was ok they were doing it. Not from MY admins, but from the admins at those other universities. No permission was ever asked nor was it granted. Admins at school X were telling their people it was ok to pound on my servers at school Y and my opinion on the matter was irrelevant because it was "research" .

      The days of outrage over outside groups pen testing servers are long gone.

    3. Re:DHS bot by Calydor · · Score: 1

      and the customer was notified of the attempt.

      Oh really?

      Moreover, your department has not contacted my office since this unsuccessful incident to alert us of any security event that would require testing or scanning of our network

      Doesn't sound like they were told about it from anything other than analyzing their traffic logs.

      --
      -=This sig has nothing to do with my comment. Move along now=-
    4. Re:DHS bot by rmdingler · · Score: 1
      Georgia went to Trump by a small landslide (230,000 votes) so it's not a likely candidate for hacker fraud, and this probe seems to have occurred (Nov. 15th) long past when any vote-changing might've been feasible.

      Other than an exploit by a couple of intoxicated agents, why would the DHS be unable to hide their origin IP address?

      --
      Happiness in intelligent people is the rarest thing I know.

      Ernest Hemingway

    5. Re:DHS bot by npslider · · Score: 1

      So it's either a 3rd party malicious actor using a compromised DHS server, or a rouge DHS actor?

    6. Re:DHS bot by rmdingler · · Score: 1

      So it's either a 3rd party malicious actor using a compromised DHS server, or a rouge DHS actor?

      This guy?

      --
      Happiness in intelligent people is the rarest thing I know.

      Ernest Hemingway

    7. Re:DHS bot by Anonymous Coward · · Score: 1

      Different AC here.

      The earlier AC, among others, wrote that DHS did not contact the state's office before launching the pen test (i.e., An exchange like "Hey Bob in Georgia? Yeah, this is Jim over at DHS. We are going to scan your network between xx and xx. Ta Ta," never happened!)

      You are saying that the 3rd party company detected the pen test, recorded the DHS IP address, and alerted the state as it was in progress.

      They are two separate things.

    8. Re: DHS bot by Zero__Kelvin · · Score: 1

      How do you know he didn't win by said margin due to hacker fraud?

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    9. Re: DHS bot by Zero__Kelvin · · Score: 2

      You know damn well that the point being made was that DHS did not notify them.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    10. Re:DHS bot by Anonymous Coward · · Score: 1

      You don't comprehend well, do you? That's what I said. The third party provider detected the intrusion attempt and notified their customer that it happened.

      While true, that's not the point.

      The point is that the DHS did not notify the state of the attempt.

      I hope that helps you understand why you are arguing against something nobody else is actually saying.

    11. Re: DHS bot by rmdingler · · Score: 1

      In as much as one can know these things, the State of Georgia was not expected to go any other way.

      Remember, fraud would have to be perpetrated at the precinct level since Statewide totals available at the Secretary of State's office would just be the sums of previously recorded vote counts. It seems much more likely election fraud would be attempted in State races which are considered toss-ups... pre-election polls showed a close race in Ohio, for instance, and it went to Trump by a wide margin.

      --
      Happiness in intelligent people is the rarest thing I know.

      Ernest Hemingway

    12. Re: DHS bot by Obfuscant · · Score: 1

      You know damn well that the point being made was that DHS did not notify them.

      And you know damn well that I never said they did. My statement that the customer was notified was contradicted by someone, and that's what I've been correcting. If you want to make some other point in some other part of the discussion, do so. But don't tell me I'm wrong when I say that the system worked; the company being paid to detect these things did so and notified their customer.

    13. Re:DHS bot by Obfuscant · · Score: 1

      While true, that's not the point.

      That was not my point, and my statement was true. "Oh really?" is contradiction the truth of a statement, and that's what I've been replying to.

      I hope that helps you understand why you are arguing against something nobody else is actually saying.

      You have it backwards. People are arguing with me for saying the customer was notified. Other people have actually claimed they were not. Your concept of what "nobody else is saying" is flawed.

  4. Text of Letter by Anonymous Coward · · Score: 2, Interesting

    https://assets.documentcloud.org/documents/3234551/Georgia-Secretary-of-State-Letter-to-DHS-Secretary.txt

    The Office of Secretary of State
    23mm Kemp
    SECRETARY OF STATE
    December 8, 2016
    The Honorable Jeh Johnson
    Secretary of Homeland Security
    Department of Homeland Security
    Washington, DC. 20528

    Secretary Johnson,

    On November 15, 2016, an IP address associated with the Department of Homeland Security made an
    unsuccessful attempt to penetrate the Georgia Secretary of State's firewall. I am writing you to ask whether
    DHS was aware of this attempt and, if so, why DHS was attempting to breach our firewall.

    The private-sector security provider that monitors the agency's firewall detected a large unblocked scan
    event on November 15 at 8:43 AM. The event was an IP address (216.81.81.80) attempting to scan certain
    aspects of the Georgia Secretary of State?s infrastructure. The attempt to breach our system was unsuccess-
    ful.

    At no time has my office agreed to or permitted DHS to conduct penetration testing or security scans of our
    network. Moreover, your Department has not contacted my office since this unsuccessful incident to alert
    us of any security event that would require testing or scanning of our network. This is especially odd and
    concerning since I serve on the Election Cyber Security Working Group that your office created.

    As you may know, the Georgia Secretary of State?s office maintains the statewide voter registration data-
    base containing the personal information of over 6.5 million Georgians. In addition, we hold the information
    for over 800,000 corporate entities and over 500,000 licensed or registered professionals.

    As Georgia's Secretary of State, I take cyber security very seriously. That is why I have contracted with a
    global leader in monitored security services to provide immediate responses to these types of threats. This
    firm analyzes more than 180 billion events a day globally across a 5,000+ customer base which includes
    many Fortune 500 companies. Clearly, this type of resource and service is necessary to protect Georgians'
    data against the type of event that occurred on November 15.

    Georgia was one of the only few states that did not seek DHS assistance with cyber hygiene scans 0r pen-
    etration testing before this year?s election. We declined this assistance due to having already implemented
    the security measures suggested by DHS. Under 18 U.S.C. 1030, attempting to gain access or exceeding
    authorized access to protected computer systems is illegal. Given all these facts, a number of very important
    questions have been raised that deserve your attention:

    214 State Capitol oAtlanta, Georgia 30334 - (404) 656-2881 (404) 656-0513 Fax

    Did your Department in fact conduct this unauthorized scan?
    If so, who on your staff authorized this scan?
    Did your Department conduct this type of scan against any other states? systems without authorization?
    If so, which states were scanned by DHS without authorization?

    I am very concerned by these facts provided by our security services provider, as they raise very serious
    questions. I would appreciate your prompt and thorough response.

    Sincerely,
    Brian P. Kemp
    [follows is long list of CC: Congressman, etc.]

    1. Re:Text of Letter by Xenographic · · Score: 1

      I don't think they need to worry about their firewalls, they need to worry about falling prey to obvious phishing scams (note the bit.ly link...) and not working together to compromise their own OPSEC by bypassing all the controls.

    2. Re:Text of Letter by Anonymous Coward · · Score: 1

      This appears to be nothing but an ordinary port scan. What, however, is an 'unblocked' scan supposed to be?

      More interesting, there are literally thousands of those scans per day. What made this one stick out?
      The IP address? That would mean someone, i.e. the private-sector security provider, is not only maintaining a list with US Government IP addresses for their security product, but also that someone has decided that raising an alarm because of one of those specific US Government IP addresses scanning the firewall warrants an exceptional alarm and attention. Without that it would not have been noticed at all.

      Who has this level or paranoia, the provider or Georgia's Secretary of State ? and why?
      Do they really think real attacks would be coming from registered IP addresses?

    3. Re: Text of Letter by Anonymous Coward · · Score: 2, Interesting

      You would not believe the shit-storm of belligerent phone calls, emails, escalations and accusations I have seen triggered by single nmap scan on default settings. I would not be the least bit surprised if someone at the DHS couldn't access a state of Georgia website and simply ran a quick nmap to see if it was down.

  5. Important clarification by Verdatum · · Score: 1

    The STATE Georgia, not the COUNTRY.

  6. Snoop Doggy Dog by Tablizer · · Score: 3, Interesting

    In an online political discussion, one conservative complained about Obama's alleged excess snooping. I pointed out that Bush and Trump are pretty much pro-snoopers also.

    At first (s)he seemed to argue otherwise, but after a lot of probing on my part, the truth finally came out: He was more nervous with a Democrat snooping than a Republican. It wasn't the snooping itself, but WHO was snooping.

    I can see how the personal trust issue can play a part, but to keep switching the laws back and forth depending on which party is in power is not realistic.

    --
    Table-ized A.I.
    1. Re:Snoop Doggy Dog by Tablizer · · Score: 1

      [Obama] had Clapper lie to Congress about it under oath

      Do you have evidence of this? (Ironic, since you just got on my case for not presenting sources.)

      (I'll ignore the general ranting, being it lacks specifics.)

      --
      Table-ized A.I.
    2. Re:Snoop Doggy Dog by Tablizer · · Score: 1

      If we assume that government corruption is the impetus...

      That was NOT a difference maker this election. Trump has a long, slimy business record such that to expect him to stop being slimy once in office is unrealistic. He even blatantly admitted to bribing most of the candidates on the stage during the GOP debates. I don't see that a pimp is holier than a whore.

      I believe he won because he sold the idea that most our security and job problems are caused by outsiders. It's a simple and powerful message from a political marketing standpoint: Nationalism 101.

      It's wrong and foolish, but I'm just addressing the sales angle here. Wrong but simple ideas sell better than nuanced but correct ones. Human Nature 101.

      --
      Table-ized A.I.
    3. Re:Snoop Doggy Dog by Motherfucking+Shit · · Score: 3, Insightful

      The difference is that Trump is hated by the same people who expanded the snooping laws.

      The FBI seemed pretty hell-bent on getting Trump elected...

      If we assume that government corruption is the impetus, then it follows that the long term effects of Trump's term is decreased snooping overall.

      Considering Trump's appointees are all coming from the same old places like Goldman Sachs, I'm not sure where you get the idea that corruption will be on the decline.

      --
      "BSD: Free as in speech. Linux: Free as in beer. Windows 10: Free as in herpes." --Man On Pink Corner in #52607549.
    4. Re:Snoop Doggy Dog by Anonymous Coward · · Score: 1

      Video of him lying to Congress under oath. If you haven't seen this video as you claim, you really shouldn't be commenting on this topic at all and I believe everyone else here on /. would agree with me on that point.

      Go ahead and claim he wasn't told to, but you will have to follow up with a statement from the White House contradicting him, Clapper being forced to resign for lying, the DOJ prosecuting him for lying, ANY CONSEQUENCES at all for lying.

      They don't exist. He lied, Obama knew, and Obama did NOTHING about it.

      Face it, for all your ranting about conservatives, Obama has been the absolute worst in ALL OF HUMAN HISTORY for spying on citizens. Yes, the worst in all of HUMAN HISTORY on this topic. No one else has ever come even close.

      Go ahead and spin spin away.

    5. Re:Snoop Doggy Dog by Tablizer · · Score: 1

      You claimed Obama MADE him do it ("had him..."). Are you changing your story now? Perhaps I should put you under oath.

      --
      Table-ized A.I.
    6. Re:Snoop Doggy Dog by bmo · · Score: 1

      >In an online political discussion, one conservative complained about Obama's alleged excess snooping. I pointed out that Bush and Trump are pretty much pro-snoopers also.

      I'm about as liberal as they come.

      I am more than disappointed by Obama's expansion of domestic spying. I am also more than disappointed by Obama's removal of due process and Habeas Corpus - Tangerine Bolen is in my Facebook friends list (because she's a good friend of my wife).

      This is her:

      https://www.theguardian.com/co...

      There are a shitload of us over on the left who are fucking pissed. It's not just conservatives.

      --
      BMO

    7. Re:Snoop Doggy Dog by Tablizer · · Score: 1

      While probably true, that's not enough evidence to claim that O "made" him say it. It's a lie, or in the very least speculative spin to word it as such.

      My original statement was not intended to be directly partisan anyhow. Voters seem okay with snooping as long as it's "their guy" snooping.

      --
      Table-ized A.I.
  7. Do YOU trust DHS? by gavron · · Score: 1

    " DHS takes the trust of our public ..."
    Yes, because the public doesn't GIVE it our trust.

    E

  8. Re:Oh noes by spire3661 · · Score: 4, Insightful

    "I was just going down the street turning doorknobs to ensure people's houses are locked up safe. Whats the big deal officer?"

    --
    Good-bye
  9. DHS Weaponized? by Jerry · · Score: 3, Interesting

    The last two administrations have weaponized a lot of Federal agencies against the American people, violating the 1st, 2nd, 4th, 5th, 8th and other Amendments of the Bill of Rights, and their oath of office to "uphold and defend the Constitution of the United States".

    Were they trying to break into the election computers and change the counts?

    --

    Running with Linux for over 20 years!

    1. Re:DHS Weaponized? by Xenographic · · Score: 1

      Georgia isn't really a state that would have much value for them to flip even assuming they could do so.

      That said, you have to think there's some kind of political shenanigans going on behind it.

      Then again, maybe if this is a thing going forward, we'll end up selecting for fewer luddites and more people interested in proper opsec, rather than compromising it the moment it becomes too inconvenient.

  10. Homelasnd "Security" Ha Ha Ha by frovingslosh · · Score: 4, Insightful

    The Federal Government just does whatever it wants. Damn the laws or the Constitution or anyone's rights. Get used to it.

    --
    I'm an American. I love this country and the freedoms that we used to have.
    1. Re:Homelasnd "Security" Ha Ha Ha by Rick+Schumann · · Score: 1

      This is more along the lines of what I was thinking.
      To quote the Baron Acton, "Power tends to corrupt and absolute power corrupts absolutely". DHS has quite a bit of autonomy and little or no transparency, and that's a very tempting combination for ambitious -- or just plain power-seeking types. Who watches the watchers? We've seen this sort of phenomenon happen on a smaller scale with the TSA; now scale it up to the size and reach of DHS, and you begin to see what I'm talking about. They could, theoretically, 'find' reasons to detain elected officials, without charging them, claiming it's 'for reasons of National Security'. Perhaps a bit far-fetched, perhaps not. Attempting to covertly dig through a State governments information systems makes you wonder.

  11. Re:That's bad by Ungrounded+Lightning · · Score: 1

    I mean getting caught doesn't exactly inspire confidence...

    That they caught it and went public with it helps inspire confidence in Georgia's election process and results. "The DHS tried to crack us (the dirty sons of Bs), failed, and got caught!"

    In the DHS, not so much.

    --
    Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
  12. Pen Test Effectiveness by Anonymous Coward · · Score: 1

    I can see both sides of this issue, frankly.

    When conducting White Hat penetration testing, it's important to get an official OK to conduct those operations. It is not legal or ethical to conduct them otherwise. However SOP is to keep the circle of those informed of what was going on, as small as possible.

    Pen Tests become less effective (read: less true to life and revealing) the more people know about them. Thus you often see the CEO and maybe the CSO or CIO knowing, but almost no one else on the inside knows. And of course the White Hat team knows.

    The concern is that insiders want their organization to perform well, so they leak. Or they tip someone off inadvertently, which has much the same result: Operations and Security know that the attack is coming. Then organizational defenses go higher than normal, everyone is on alert, and the organization is unrealistically effective at detecting and responding to the Pen Test.

    How does that translate here? It could be (pure speculation here, bear with me) that DHS knew about and authorized the Pen Test. However they elected to keep Georgian officials mostly or completely in the dark.

    Another possibility is that this was a communications screw up.

    DHS: "We've hired you to Pen Test all state IT systems. We'll get back to you with a list of exceptions later."
    White Hats: "OK!"
    White Hats later, on scheduled Pen Test Day: "Well, DHS never got us that exception list and they aren't responding to our update requests. It's Go time!"

    So is this legit? Well it's certainly awkward politically. However one of the consequences of most Pen Tests is that certain ranking individuals discover, they weren't in the loop. That was by design and they may have bruised egos about it.

    My take? Someone in Georgia State politics or administration should have been told of this, and probably should have approved it too. And that could still be true!

    1. Re:Pen Test Effectiveness by Obfuscant · · Score: 1

      When conducting White Hat penetration testing, it's important to get an official OK to conduct those operations. It is not legal or ethical to conduct them otherwise.

      Were I to go back through very old access logs, I could point you to at least one or two Universities that disagree with you. I caught them testing my servers (and a lot of desktop systems) and they didn't have my authorization to do it. No, sorry, authorization from an admin at a different University to scan systems here isn't valid.

      And I've caught my own university scanning my home system without my permission. When I reported THAT the response was "meh, so what?".

      Like I said, the days of moral outrage over one government agency scanning another one are long gone. If your system faces the public, it faces the public -- all of them.

  13. Probably requested by someone at the state by Anonymous Coward · · Score: 1

    I do IT for small-town banks, and some have signed up with a service from the DHS where they do a (rudimentary) external vulnerability scan once a week, and then generate reports with trends in open ports/services/etc. My guess is someone in IT for the state probably signed up for these scans, and then their firewall/IDS/IPS vendor put out a scary report about hacking attempts. That report probably got handed to someone with an anti-federal agenda and here we are.

    https://yro.slashdot.org/story/15/12/01/1741223/dhs-offering-free-vulnerability-scans-penetration-tests

    I didn't realize this program has existed for so long, as we've only started using it this year.

  14. What's the date? by Okian+Warrior · · Score: 1

    In an online political discussion, one conservative complained about Obama's alleged excess snooping. I pointed out that Bush and Trump are pretty much pro-snoopers also.

    The rest of us are still in early December, 2016.

    What's the date where you live?

  15. Mod parent down! by Anonymous Coward · · Score: 1

    Only a crackpot would think HRC wasn't the REAL WINNER of the electrion. SMH

  16. Attribution by manu0601 · · Score: 1

    Perhaps the DHS did not do it? It could be the work of a hacker that infiltrated DHS and use it to probe states.

    Given that most states gave permission to DHS to perform penetration testing, it makes the DHS the perfect base for such activity.

  17. Knowing the IQ at DHS ... by PPH · · Score: 1

    ... they were probably looking for Chechen rebels.

    --
    Have gnu, will travel.
    1. Re:Knowing the IQ at DHS ... by Hognoxious · · Score: 1

      Them Russkies got a Georgah too? Gashdarnit, they can change the name. We had ours firstest!

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
  18. Re:Obama ordered this!!! by ebvwfbw · · Score: 1

    So funny. When GW Bush was President, no proof was necessary. Any whacky thing that happened - See, GW at it again. They're already trying to blame Trump for stuff even though he's not even POTUS yet.

    So let's blame Obama. He's POTUS still and it was one of the agencies that he runs. So he should be personally responsible, just like CEOs are under Sarbanes/Oxley.