Worm attacked voter database in notorious Florida district
Machine in hotly contested 13th Congressional district lain low by Slammer on first day of election
Computerworld - The computer database infrastructure of Sarasota County, Fla., was attacked by a notorious Internet worm on the first day of early voting during the 2006 election, which featured the now-contested U.S. House race between Democrat Christine Jennings and Republican Vern Buchanan in Florida's 13th Congressional district.
In the early afternoon hours on Monday, Oct. 23, 2006, an Internet worm slammed into the county's database system, breaching its firewall and overwriting the system's administrative password. The havoc brought the county's network -- and the electronic voting system which relies on it -- to its knees as Internet access was all but lost at voting locations for two hours that afternoon. Voters in one of the nation's most hotly contested Congressional elections were unable to cast ballots during the outage, since officials were unable to verify registration data.
An incident report filed by the county explains the intrusion and temporary havoc wrought by the virus.
According to a two-page report examining an October 2006 outage, a server on Sarasota County's database system was attacked by "a variant of the SQL Slammer worm." Once infected, as the report details, the server "sent traffic to other database servers on the Internet, and the traffic generated by the infected server rendered the firewall unavailable."
In a separate document, titled "Conduct of Election Report, Sarasota County General Election, November 7, 2006" there are two different Internet service outages mentioned, though the viral attack described in the Sarasota County database security team's report -- the attack that was presumably the source of one of those outages -- is not described or even mentioned specifically in that report. It's still unclear what the second incident referred to in that report may be.
The SQL Slammer Worm, commonly known as Slammer, was discovered in 2002. In January of 2003, when it was first triggered, the virus brought Internet systems down across the world in a matter of minutes. Though most systems vulnerable to the attack have since been patched by a fix provided by Microsoft prior to the initial 2003 attack, the Sarasota County machine that was attacked and subsequently spread an infection that overtook the network infrastructure "was completely unpatched. Essentially it was missing five years’ worth of security updates," according to the October 24, 2006, incident report.
Effects and disclosures
A network security specialist who works for the county and who was part of the team that authored the incident report explains that the damage was contained once the server where the infection struck was taken offline. He believes that beyond the initial damage and the ensuing two hours during which the system became largely unusable --- temporarily making it next to impossible for elections officials to verify residency of voters --- there was no lasting effect on the voting systems used in the 13th District's election or in other races in Sarasota County.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts