A group of hackers from Morocco allegedly tried to hack the US voting systems. In an attempt, they hacked four school districts from Florida.
According to reports, several hacking attempts were said to be made on the US voting system and culprits were mostly believed to be from Russia. However, it seems that another group also wanted to try and interfere with the election.
MoRo, a hacking group from Morocco, managed to breach defenses of four different school district networks. Their main goal was to try and find their way into the sensitive government systems from there. The UDT (United Data Technologies), which is a company that investigates such attacks, has stated that hackers managed to get into these networks via phishing attacks.
Miami Herald reports that they managed to infect school networks through malware by sending infected images via email. Unsuspecting workers clicked on images, which was enough for malware to infect the devices. A similar attack has also targeted one of the Florida city networks.
Upon entering school systems, hackers remembered to turn off logs that recorded who entered the systems. This has made it very difficult to discover what exactly they did once inside. Still, UDT analysts managed to find that hackers spent around three months in the system. They used this time to test defenses and map out the systems, and they even posted a photo of a man dressed as an ISIS fighter.
The only named one of these four districts which were Miami-Dade, which is also the largest one in Florida. It is believed that attackers that hacked this and other three districts initially intended to steal personal data from thousands of students. Then they realized that they could access much more than that.
Apart from personal information, the school also handles Social Security numbers for former and current students, and also their parents. Not to mention all of the school employees. Still, they seem to have failed in obtaining any of this data, despite the three months of access. Analysts even claim that hackers didn’t manage to access voting systems at all.
“They weren’t just looking for the names of kids and valuable Social Security numbers, UDT found. The hackers were also searching for some way to slip into other sensitive government systems, including state voting systems.”
This is only considered to be an attempted hack, and when it comes to attempts, there were seven of them. Despite the ISIS-related picture being posted on district’s website, Miami-Dade claims that there is no evidence of any access or malware in their computer systems.
It is believed that the first attack occurred in the fall. It was in November when the ISIS-inspired photo appeared, and it stayed up for 24 hours. That same photo appeared on another school district’s website a month later.
UDT claims that schools were only an entry point to the city and county systems. And even those systems would only serve as aiding in their search of a backdoor to the bigger, government systems. The National Cyber Security Alliance’s executive director, Michael Kaiser, has stated that it’s not unusual for school district networks to be connected to bigger networks.
Therefore, it would make sense for a hacking group to go for an easy target and then make their way to the main one. According to UDT, hackers even bragged about their achievements online. They even mentioned their plans of getting into voting systems and wanting to bring it down. The weird part is that this happened a month after the voting was over, in December.
Still, the FBI was contacted by the UDT, and malware was re-engineered. There was no evidence of stolen data, but the FBI still refused to comment on this incident. Whatever the point of these attacks was, the awareness of security’s importance in the school districts was raised.
DDoS attacks are increasing, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.