Source code security and signing. Was the source code analyzed for secure coding practices, verifiable functions, logging for reliable auditing enabled globally, and certified with a code signing certificate? Who performed the certifications of the software?
You know the answer in our industry. Same people who recruiters grab for a workstation rollout I bet.
Internet with no tunnel or firewall security would be my guess.
Reports have said poll watchers traced wires from the machines going to a switch, so who knows.
I’ve heard a mix of Win 10 and/or Linux. Very seriously doubt they are even patched, based on screenshots of Windows 10 at least. I see the default background image up on screens and they are pre-1903.
Lol. No I don’t think they did. Why would they? That would mean extra planning and prep, and they have an election to steal.
Plus didn’t they say that white hats traced their packets to Frankfurt, Germany? That would be in the packet header, which would mean it was intercepted, which would mean it wasn’t encrypted via a VPN tunnel.
No serious organization would ever put a technician in the field with 1 day of training. I've worked for MSSPs (Managed Security Service Providers) for many years now and even the most incompetent IT organizations (they definitely exist) would send their senior staff who understand the company policies and procedures. We live by Standard Operating Procedures and Standard Business Practices in the IT Operations and Cybersecurity industry.
We know based off the reports coming in that these systems were clearly connected to the internet. From the pictures I saw, most of these systems which tabulated data and sent/received such from the servers were in open rooms. Best practices definitely weren't followed. Least privilege is definitely not being followed with a bunch of client systems in an open room environment that anyone with access to the room (and there were clearly a lot of people in these rooms) could interact with. This among many other glaring and obvious security protocol violations.
This is all unknown territory without Dominion releasing these details. In fact, I'd almost expect that the IT in each county likely hires a third party to provide these network/security audits and to do network, system, and operations procedural hardening. Without a provided network map, or some solid OSINT material put together from some white/grey/black hat sources who may have (or had) this information, we likely won't ever know. Without knowing if it was a flat network, or one that was configured with appropriate VLANs, subnets, etc., we will likely never know. It would be great to know if they had a SIEM in place, as well as an IPS/IDS and if the Trump team could be provided such access.
There are reports systems were using Windows 7. If this is true, an EoL OS with known security vulnerabilities should tell you all you need to know.
Would be interesting to know. Not sure if they did though since traffic was monitored.
Also was the software tested for vulnerabilities? Was a penetration test performed? How can we get the results if so?
Well after the MI hearing, yes to number 3, eth > router.
They didn’t say. Their knowledge seemed limited. Enough to know it was connected but that is it.