General Discussion
So Russians may have figured out how to hack computers NOT connected to internet?
Link to tweet
Implications for altering vote tallies in 2016, 2018, 2020?
TreasonousBastard
(43,049 posts)
bitterross
(4,066 posts)
If they were able to intercept the devices when they were being shipped, before they go to the FBI, this would be possible. There are also all those stingray cell signal interceptors they could use for a man-in-the-middle attack.
People are also very careless with USB drives and sticks. Especially tech people. They're generally a great way to have something physically carried to a site and inserted into an otherwise air-gapped network.
These are just the most common ways of gaining access I can think of off the top of my head.
USALiberal
(10,877 posts)
ret5hd
(20,518 posts)
It might not be "the internet", but they are on some kind of network, and that set of network/protocols would have vulnerabilities.
mr_lebowski
(33,643 posts)
to be mighty close to that computer. You're damn sure not doing it from a foreign country. More like in the street in front of the house where the computer is.
Just sayin.
asiliveandbreathe
(8,203 posts)
A major concern was that Russian spies with physical proximity to sensitive U.S. buildings might be exfiltrating pilfered data that had jumped the air gap, i.e., that the Russians were collecting information from a breach of computers not connected to the Internet, said former officials.
https://www.huffpost.com/entry/exclusive-russia-carried-out-a-stunning-breach-of-fbi-communications-system-escalating-the-spy-game-on-us-soil_n_5d7f73dee4b077dcbd6159b1
Igel
(35,356 posts)
At least internally. And knowledge of its extent increased after that. It's purportedly the cause of the expulsion of the Russian officials late in Obama's term.
asiliveandbreathe
(8,203 posts)
And then the so-called Gen. Flynn decides to take it upon himself, (cough, cough thingy) to ask the rushkies nyet to retaliate..not only do we need rain in AZ, we need ALL the facts of high crimes to rain all over this land..let it pour....
toddwv
(2,830 posts)
If the device is connected to another device that is on wifi or bluetooth, it is still networked. If only one device in that PAN, LAN, or WAN is connected to the internet, it is conceivable that all of the other devices on that network are open to an attack of some sort from an external source.
mr_lebowski
(33,643 posts)
as the 'unconnected' computer, and it has internet access ... then yes, said computer is also indirectly connected to the internet and perhaps could be hacked that way.
triron
(22,020 posts)
Let's say that you have a simple home network with a PC, printer, laptop, and tablet that are connected through a wifi router. Normally, most people no longer turn their internet off and it stays on 24/7. However, in this case, you like to unplug the cable modem from your router to disconnect the internet. Your devices can still communicate with each other; you can print to the printer, share files between the tablet, laptop, and PC but they can't reach the internet since the cable is detached.
You decide to add your smartphone to your LAN. Now, even though you still have the internet cable unhooked from the cable modem, you now have a device that is connected to the internet that can communicate with all of the devices on your local area network. In most cases, this isn't a problem, but if your phone is compromised in some other way, an individual could have access to basically anything that your cellphone can communicate with including bluetooth and wifi devices.
I've played with Remote Access Trojans before on some virtual computers that I had setup just so I'd have familiarity with them. They can allow someone to take full control remotely of your device. They can see what you are doing, install loggers, turn cameras/speakers on or off, execute programs, and copy files from the device (or other devices that it can communicate with) and upload them somewhere else.
Blue_true
(31,261 posts)
Then they mask themselves as Admins and load viruses into the online systems and have them ping the offline systems until one comes online, at that point, they control the previously offline system.
I don't know whether you have noticed, but your computer (if you have one) automatically downloads "updates" when you go online, often this is done without you being conscious of it happening.
I keep my computer offline almost 95% of its life. I do everything on my phone. When I do log on and use an app, I find that it has automatically refreshed as my computer does BIOS checks.
FBaggins
(26,758 posts)
That's why you will sometimes read of a supposed security hole because the machines are still on Windows XP. The machines often don't have IP addresses, don't connect to any network, and don't get updates. That may seem like a bad thing, but for this type of system security it's actually what you want.
Blue_true
(31,261 posts)
Putin does not really care if 15,000 votes from Dade County get reported correctly, he is more interested in the votes that come after a virus has entered the vote reporting systems.
FBaggins
(26,758 posts)
That's the point. The ones I worked with had no modems and the ethernet ports were disabled on the motherboard.
SWBTATTReg
(22,166 posts)
updates after updates. Endless!
Blue_true
(31,261 posts)
Imagine what is happening to the remaining 90% of the population (excluding somewhat tech savvy like me, and the fully tech savvy).
If I knew something bad happened via an update, I would turn it off. The earliest auto-update technology from Microsoft was a freaking nightmare. If you did not have an IT person to help you, figuring out what went wrong was difficult. I had one system that I had to do an MSDOS reboot on because the Microsoft updates often acted like viruses. Maybe that was Microsoft's point, force anyone who had tossed or lost their boot disk to purchase new software.
SWBTATTReg
(22,166 posts)
and stuff. Of course I never got anything back from them.
We had the same problem w/ IBM and its updates ... we were getting tired of the constant updates, having to shut down applications, downtime of online and/or batch/offline systems, etc.
I blame this on arrogance on the part of these vendors. And I do understand the complexities of tying together multiple platforms/software pgms all into one...it's to the point that the complexities involved in testing / etc. such a large system get more and more cumbersome.
I too, thought the same as you, they forcing you to purchase new software when unable to locate your boot disk (I wouldn't be able to find my multiple copies, or I could probably locate if I spend the better part of a day minute looking for it (my boot copy if I needed)).
Blue_true
(31,261 posts)
If they get into carrier databases, eventually they will have the IDs of every wireless device on any street they desire to check. Once they have the IDs, they can hack into each online system and use them to continuously ping systems that are offline, waiting for them to connect, once the offline system connects, a virus that was stored in the pinging devices infects the one coming on line instantly, because the systems are doing bios checks as they come online, once the virus is in the bios it's game over. A skilled group can do that from 6,000 miles away from the target computers and wireless devices.
mr_lebowski
(33,643 posts)
However, that can only happen if your 'pinging' internet connected wireless device connects to the same network as the target computers. Ergo, there's still an internet connection involved in this process.
That's a security breach that a properly designed high-security network, one that's meant to be disconnected from the internet, isn't going to allow.
It's also extremely possible to make devices whose BIOS is simply not re-writable; they're ROM.
Blue_true
(31,261 posts)
specialists? We have to realize that Russia is all in on interfering with our elections. I expect China to become a player in 2020, though I suspect its hacking capabilities are not up to Russian standards.
triron
(22,020 posts)
qazplm135
(7,447 posts)
huh?
lame54
(35,321 posts)
asiliveandbreathe
(8,203 posts)
Reading through all the information, lengthy article, worth the read, you would think we had a handle on thwarting the Russians, yet, I am left with an uneasy feeling, due to too many in this admin, who have security clearance..who shouldn't..
That's the same message that special counsel Robert Mueller tried to convey during the highly contentious hearings to discuss his report on Russian interference in the 2016 election. "They are doing it as we sit here, and they expect to do it during the next campaign," Mueller told lawmakers on the House Intelligence Committee about covert Russian involvement in U.S. politics.
triron
(22,020 posts)
fescuerescue
(4,448 posts)
In most lay persons' minds, "Internet = hacking target" and "no internet = can't hack".
But the reality is that people are easier to hack and people use computers.
lapfog_1
(29,223 posts)
kept in a TEMPEST facility and closely guarded.
The only method I know of for hacking is to get a person inside the facility.
However, voting and tabulating machines are not kept in such facilities... and any computer that is upgraded via thumb drive or even CDROM is now "on the internet" in that a virus might be passed via those mechanisms.
Most secure facilities disable (physically) USB ports, etc.
The ONLY secure voting system that I am aware of is paper ballots, hand counted by at least 3 groups (Republican, Democrat, Independent), and all "lost ballot" claims are followed up to ensure a proper tally (when you vote, you are given a receipt of your vote... and you should get a confirmation in the snail mail of your vote being counted that matches your receipt).
It would take a week to know the vote totals and the election outcome... but I would be happy to wait.
triron
(22,020 posts)
alwaysinasnit
(5,072 posts)
I sure as hell don't mind waiting for election results if I can be assured of better election integrity.
TheBlackAdder
(28,211 posts)
pwb
(11,288 posts)
Anything plugged in?
not_the_one
(2,227 posts)
Every electronic voting booth should be completely isolated, with NO wifi/bluetooth capabilities at all, NOT just turned off. There should be a printed ballot receipt, verified by the voter, of every vote. Those receipts should be tallied against electronic machine tally. The tallies should be monitored by a representative from both parties, and reported by phone to the district office, with all calls being recorded.
Every voting scan sheet reader should be completely isolated, with NO wifi/bluetooth capabilities at all, NOT just turned off. All scan ballots should be saved for backup. There should be a printed receipt of every ballot scan. Those receipts should be tallied against machine scan tally. The tallies should be monitored by a representative from both parties, and reported by phone to the district office, with all calls being recorded.
Every paper voting booth should be completely isolated, with NO wifi/bluetooth capabilities at all, NOT just turned off. The paper ballot is the actual receipt of every vote. Those ballots should be tallied by hand. The ballot counts should be monitored by a representative from both parties, and reported by phone to the district office, with all calls being recorded.
We would start with the presidential office, to get those results, then go down the ballot.
I know it is cumbersome, time consuming and a logistical nightmare. But the alternative is much worse.
We have GOT to re-instill trust in our vote.
edit to suggest UN monitors, rather than a democrat/republican...
The_jackalope
(1,660 posts)
I think I remember Stuxnet being spread that way.
diva77
(7,656 posts)
to load into the machines.
K&R for exposure
Botany
(70,581 posts)
Last edited Mon Sep 16, 2019, 09:27 PM
Aka electronic voting machines and central tabulators.
Not connected to the internet has been the Republican fall back defense position ever since 2016.
Celerity
(43,499 posts)
https://www.nytimes.com/2014/01/15/us/nsa-effort-pries-open-computers-not-connected-to-internet.html?_r=1
WASHINGTON - The National Security Agency has implanted software in nearly 100,000 computers around the world that allows the United States to conduct surveillance on those machines and can also create a digital highway for launching cyberattacks.
While most of the software is inserted by gaining access to computer networks, the N.S.A. has increasingly made use of a secret technology that enables it to enter and alter data in computers even if they are not connected to the Internet, according to N.S.A. documents, computer experts and American officials.
The technology, which the agency has used since at least 2008, relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers. In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target.
The radio frequency technology has helped solve one of the biggest problems facing American intelligence agencies for years: getting into computers that adversaries, and some American partners, have tried to make impervious to spying or cyberattack. In most cases, the radio frequency hardware must be physically inserted by a spy, a manufacturer or an unwitting user.
snip
Wikileaks: The CIA can remotely hack into computers that aren't even connected to the internet
https://qz.com/1013361/wikileaks-the-cia-can-remotely-hack-into-computers-that-arent-even-connected-to-the-internet/
When firewalls, network-monitoring services, and antivirus software aren't enough, there's always been one surefire way to protect computers that control sensitive operations like power grids and water pumps: cut them off from the internet entirely. But new documents published by WikiLeaks on June 22 suggest that even when such extreme measures are taken, no computer is safe from motivated, well-resourced hackers. The 11 documents describe a piece of software called Brutal Kangaroo, a set of tools built for infiltrating isolated, air-gapped computers by targeting internet-connected networks within the same organization. It's the latest publication in the Vault 7 series of leaked documents, which describe myriad hacking tools WikiLeaks says belong to the US Central Intelligence Agency (CIA).
Brutal Kangaroo works by creating a digital path from an attacker to an air-gapped computer and back. The process begins when a hacker remotely infects an internet-connected computer in the organization or facility being targeted. Once it has infected that first computer, what the documents refer to as the "primary host", Brutal Kangaroo waits. It can't spread to other systems until someone plugs a USB thumb drive into that first one.
Once someone does, malware specific to the make and model of the thumb drive is copied onto it, hiding in modified LNK files that Microsoft Windows uses to render desktop icons, and in DLL files that contain executable programs. From this point, Brutal Kangaroo will spread further malware to any system that thumb drive is plugged into. And those systems will infect every drive that's plugged into them, and so on, and the idea is that eventually one of those drives will be plugged into the air-gapped computer.
The major flaw in the concept of isolating sensitive computers is that the air gap around them can only be maintained if no one ever needs to copy files onto or off of them. But even for specialized systems, there are always updates and patches to install, and information that has to be fed in or pulled out. It's common knowledge among IT specialists that external hard drives are an obvious target for anyone seeking to break the air gap, and precautions are presumably taken in facilities with diligent IT specialists. Those precautions, however, can be subverted with exploitations of obscure vulnerabilities, and sometimes mistakes simply happen.
snip
Brutal Kangaroo
https://wikileaks.org/vault7/#Brutal%20Kangaroo
Today, June 22nd 2017, WikiLeaks publishes documents from the Brutal Kangaroo project of the CIA. Brutal Kangaroo is a tool suite for Microsoft Windows that targets closed networks by air gap jumping using thumbdrives. Brutal Kangaroo components create a custom covert network within the target closed network and provide functionality for executing surveys, directory listings, and arbitrary executables.
The documents describe how a CIA operation can infiltrate a closed network (or a single air-gapped computer) within an organization or enterprise without direct access. It first infects an Internet-connected computer within the organization (referred to as "primary host") and installs the Brutal Kangaroo malware on it. When a user is using the primary host and inserts a USB stick into it, the thumbdrive itself is infected with a separate malware. If this thumbdrive is used to copy data between the closed network and the LAN/WAN, the user will sooner or later plug the USB disk into a computer on the closed network. By browsing the USB drive with Windows Explorer on such a protected computer, it also gets infected with exfiltration/survey malware. If multiple computers on the closed network are under CIA control, they form a covert network to coordinate tasks and data exchange. Although not explicitly stated in the documents, this method of compromising closed networks is very similar to how Stuxnet worked.
The Brutal Kangaroo project consists of the following components: Drifting Deadline is the thumbdrive infection tool, Shattered Assurance is a server tool that handles automated infection of thumbdrives (as the primary mode of propagation for the Brutal Kangaroo suite), Broken Promise is the Brutal Kangaroo postprocessor (to evaluate collected information) and Shadow is the primary persistence mechanism (a stage 2 tool that is distributed across a closed network and acts as a covert command-and-control network; once multiple Shadow instances are installed and share drives, tasking and payloads can be sent back-and-forth).
The primary execution vector used by infected thumbdrives is a vulnerability in the Microsoft Windows operating system that can be exploited by hand-crafted link files that load and execute programs (DLLs) without user interaction. Older versions of the tool suite used a mechanism called EZCheese that was a 0-day exploit until March 2015; newer versions seem to use a similar, but yet unknown link file vulnerability (Lachesis/RiverJack) related to the library-ms functionality of the operating system.
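As an added example (this is not code from WikiLeaks, from the leaked CIA documents, or from the post above), the Python script below sketches the defender's side of the thumbdrive step just described: a triage scanner that parses the Shell Link (.lnk) binary format far enough to read a shortcut's target path, arguments and icon location, and flags any shortcut on a removable volume that points at rundll32/regsvr32, a DLL, or a .library-ms file, which is what a shortcut carried between an office LAN and a closed network has no business doing. The Lachesis/RiverJack flaw itself is not described in the documents, so this cannot detect that specific exploit; the token list, the `build_lnk` helper and the sample shortcuts it produces are constructed for this example only.

```python
import os
import struct
from typing import Dict, List

# Header constants from the public MS-SHLLINK specification.
LNK_HEADER_SIZE = 0x4C
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")  # {00021401-0000-0000-C000-000000000046}

# LinkFlags bits that decide which optional structures follow the 76-byte header.
HAS_LINK_TARGET_ID_LIST = 0x01
HAS_LINK_INFO = 0x02
HAS_NAME = 0x04
HAS_RELATIVE_PATH = 0x08
HAS_WORKING_DIR = 0x10
HAS_ARGUMENTS = 0x20
HAS_ICON_LOCATION = 0x40
IS_UNICODE = 0x80

# StringData blocks appear in exactly this order, each present only if its flag is set.
STRING_FIELDS = (
    (HAS_NAME, "name"),
    (HAS_RELATIVE_PATH, "relative_path"),
    (HAS_WORKING_DIR, "working_dir"),
    (HAS_ARGUMENTS, "arguments"),
    (HAS_ICON_LOCATION, "icon_location"),
)

# Heuristic token list chosen for this example; not a signature for any specific exploit.
SUSPICIOUS_TOKENS = ("rundll32", "regsvr32", ".dll", ".library-ms", "cmd.exe", "powershell")


def parse_lnk(data: bytes) -> Dict[str, object]:
    """Parse the header and StringData of a .lnk; IDList and LinkInfo are skipped by their own size fields."""
    if len(data) < LNK_HEADER_SIZE:
        raise ValueError("too short to be a shell link")
    header_size, clsid, flags = struct.unpack_from("<I16sI", data, 0)
    if header_size != LNK_HEADER_SIZE or clsid != LNK_CLSID:
        raise ValueError("not a shell link (bad header size or CLSID)")
    off = LNK_HEADER_SIZE
    if flags & HAS_LINK_TARGET_ID_LIST:
        (id_list_size,) = struct.unpack_from("<H", data, off)
        off += 2 + id_list_size
    if flags & HAS_LINK_INFO:
        (link_info_size,) = struct.unpack_from("<I", data, off)
        off += link_info_size
    fields: Dict[str, object] = {"flags": flags}
    width = 2 if flags & IS_UNICODE else 1
    for flag, key in STRING_FIELDS:
        if not flags & flag:
            continue
        (count,) = struct.unpack_from("<H", data, off)  # CountCharacters, no terminator follows
        off += 2
        raw = data[off:off + count * width]
        if len(raw) != count * width:
            raise ValueError(f"truncated {key} string")
        off += count * width
        fields[key] = raw.decode("utf-16-le" if width == 2 else "cp1252", "replace")
    return fields


def assess_lnk(data: bytes) -> List[str]:
    """Return the reasons a shortcut looks like a USB-propagation dropper; empty list means nothing found."""
    info = parse_lnk(data)
    haystack = " ".join(str(info.get(k, "")) for k in ("relative_path", "arguments", "icon_location")).lower()
    return [f"references {tok}" for tok in SUSPICIOUS_TOKENS if tok in haystack]


def scan_volume(root: str) -> Dict[str, List[str]]:
    """Walk a mounted removable volume; report every .lnk that trips a heuristic or fails to parse."""
    findings: Dict[str, List[str]] = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".lnk"):
                continue
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                data = fh.read()
            try:
                reasons = assess_lnk(data)
            except ValueError as exc:
                reasons = [f"malformed shell link: {exc}"]  # malformed is itself worth a look
            if reasons:
                findings[path] = reasons
    return findings


def build_lnk(relative_path: str = "", arguments: str = "", icon_location: str = "", id_list: bytes = b"") -> bytes:
    """Build a minimal Unicode .lnk so the parser can be exercised offline (constructed sample, not a real dropper)."""
    flags = IS_UNICODE
    flags |= HAS_LINK_TARGET_ID_LIST if id_list else 0
    flags |= HAS_RELATIVE_PATH if relative_path else 0
    flags |= HAS_ARGUMENTS if arguments else 0
    flags |= HAS_ICON_LOCATION if icon_location else 0
    # HeaderSize, CLSID, LinkFlags, FileAttributes, 3 FILETIMEs, FileSize, IconIndex,
    # ShowCommand (SW_SHOWNORMAL), HotKey, Reserved1, Reserved2, Reserved3.
    header = struct.pack("<I16sIIQQQIIIHHII", LNK_HEADER_SIZE, LNK_CLSID, flags, 0x20, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0)
    body = struct.pack("<H", len(id_list)) + id_list if id_list else b""
    for value in (relative_path, arguments, icon_location):  # same order as STRING_FIELDS
        if value:
            body += struct.pack("<H", len(value)) + value.encode("utf-16-le")
    return header + body


if __name__ == "__main__":
    benign = build_lnk(relative_path=".\\quarterly_report.docx")
    dropper = build_lnk(relative_path="..\\..\\Windows\\System32\\rundll32.exe",
                        arguments="loader.dll,Start", id_list=b"\x00" * 6)
    print("benign :", assess_lnk(benign))
    print("dropper:", assess_lnk(dropper))
```

To use it against a real thumbdrive, mount the drive read-only on a scanning host and call `scan_volume("/media/usb")` (path is an assumption); anything in the returned dict gets eyeballed before the drive goes near the closed network. The parser deliberately skips the LinkTargetIDList and LinkInfo blocks, so a DLL path hidden only in the shell item list will not be seen; that is the trade-off for a parser small enough to audit, and it is a triage aid, not a substitute for blocking removable media on the closed side.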
SlogginThroughIt
(1,977 posts)
I don't know much about the vulnerabilities in the protocol but I have run powerline networking in my house where all that is required is a router and a plug into the wall. I wonder if they didn't know a way to bastardize the protocol and probe voting machines that way and all that would be necessary is a powerline adapter plugged in somewhere in the building. It itself could even be a wifi powerline extender.
Again I am not sure of the protocol's vulnerabilities but it might have some.