The computers of the Director general of elections hacked in the middle of the countryside

Look at this article

The Director general of elections of Quebec (DGEQ) has been the victim of a computer attack during the election campaign, and has erased the evidence without informing the police.

In the aftermath of the election, on 24 August, the computer of a returning officer was the target of a computer attack to be malicious.

The hacker has easily managed to take control of the computer used to infiltrate the network of the DGEQ for six hours, according to our information.

Worse yet, the computer has not been analyzed, and the evidence has been erased by the employees of the DGEQ.

Of “amateurism,” according to the expert in information security including for national defence, Steve Waterhouse. In his eyes, “it is a violation of the electoral law”.

Total control

According to the incident report, including our Bureau of investigation has obtained a copy, the hacker was able to intrude in the computer system by tricking an employee.

The latter reacted to a window appeared on her screen while she was sailing on the internet, indicating “Call Microsoft Support” linked to a phone number. With a telephone line, a false technician told him that the computer was infected by a “Trojan horse”, a computer virus (see box).

The fraudster was easily able to convince the employee to access his or her position to “help”. By accepting, it allowed the hacker to take remote control of his computer.

Suddenly, she saw the arrow of the mouse move only on the screen. She had completely lost control of his computer station. A few moments later, a window in black and white appears on the screen, after which the machine freezes. It is at this time that the hacker has hung up.

The computer is not responding, the employee realized that she had no doubt of being the victim of a computer attack. The computer service Centre of the DGEQ has been informed of the situation.

“Open Discussion”

The analysis of the experts there stated that no information “seems to have fled”, but they have been unable to identify the source. “It is believed that the scammer did not know that he was communicating with an employee of Elections Quebec”, has advanced the DGEQ.

However, in the report, the consultant in solution architecture and information security argues that it should be, “after the election”, analyze the position to know “if he has done action in the” during “that it was vérolé”.

He also asked the analysts to stay abreast of the strange behaviors of the other computers on the same network. He adds that this is “not a command”, but an “open discussion”. The DGEQ has not been able to confirm that this work has been carried out.

Sensitive data to the DGEQ

  • All the names of the citizens of an electoral district entitled to vote are on the electoral roll
  • The list includes the name, surname, address, date of birth of the voter, as well as a file geographic information
  • It is constantly updated and is cross-referenced with other databases of the government of Quebec

What is a Trojan?

The expression refers to a subversion introduced from the outside of something.

In computer science, it is a virus or a malicious program that give access to the computer of a remote party, to infiltrate slyly a foreign network.

According to the legend of Odysseus, the warriors of the greeks offered the Trojans a huge wooden horse, pretending to give up the war. The Trojans brought the horse into the city. The next night, warriors, hidden inside the wooden structure, came out and opened the gates to the Greek army in order to take Troy by storm.

Source : Encyclopedia Universalis

Our data of voters in danger

Computer security experts have criticised severely the Director general of elections and argue that it is necessary to be afraid for our data to be the result of the “poor response” that followed the attack during the election campaign.

Our Office of investigation has been to analyze the security incident report of the DGEQ by recognized experts in computer security.

Conclusion : there is nothing to indicate that there has been a theft of data, but we cannot conclude that there has been nothing of such.

Patrick Mathieu, a specialist in computer security and co-founder of the Hackfest, indicates that the leaders of the DGEQ have “destroyed the evidence”, which allow to assess whether the hacker stole data or has penetrated the network.

They have formatted the post prior to the analysis, critique-t-il. “It is as if you had a murder scene and you aspergeais using a watering can”, illustrates Mr. Matthew.

Bad process

It is estimated that the DGEQ has not put in place a good “process” for responding to security incidents. “Either there isn’t or it is deficient. It doesn’t mean that the people in place are not good, but if they do not have a plan, they will always find themselves in similar situations”, he explained.

“By experience, for most government organizations, the network is open and everyone sees everything on the network. It is the danger, if this is the case. From there, he can fly all over there or spread to the internal network and attack other computers and server.”

The hacker could have access to all computers and find vulnerabilities and steal the data of voters in order to resell them. “It doesn’t mean that it was successful, but the possibility is there. To extract data, it is a matter of minutes.”

Investigation

Steve Waterhouse

Computer security Expert

Even the sound of a bell from Steve Waterhouse, an expert in computer security in the civilian sector and government.

“It would have been normal to have a full investigation with the police, an investigation on the complete network to ensure that there is not something else. They would have been able to find out from the network that originated the attack,” maintains the expert Steve Waterhouse, that borst “experts” of the DGEQ.

Share