Worm attacked voter database in notorious Florida district
Machine in hotly contested 13th Congressional district lain low by Slammer on first day of election
Computerworld - The computer database infrastructure of Sarasota County, Fla., was attacked by a notorious Internet worm on the first day of early voting during the 2006 election, which featured the now-contested U.S. House race between Democrat Christine Jennings and Republican Vern Buchanan in Florida's 13th Congressional district.
In the early afternoon hours on Monday, Oct. 23, 2006, an Internet worm slammed into the county's database system, breaching its firewall and overwriting the system's administrative password. The havoc brought the county's network -- and the electronic voting system which relies on it -- to its knees as Internet access was all but lost at voting locations for two hours that afternoon. Voters in one of the nation's most hotly contested Congressional elections were unable to cast ballots during the outage, since officials were unable to verify registration data.
An incident report filed by the county explains the intrusion and temporary havoc wrought by the virus.
According to a two-page report examining an October 2006 outage, a server on Sarasota County's database system was attacked by "a variant of the SQL Slammer worm." Once infected, as the report details, the server "sent traffic to other database servers on the Internet, and the traffic generated by the infected server rendered the firewall unavailable."
In a separate document, titled "Conduct of Election Report, Sarasota County General Election, November 7, 2006" there are two different Internet service outages mentioned, though the viral attack described in the Sarasota County database security team's report -- the attack that was presumably the source of one of those outages -- is not described or even mentioned specifically in that report. It's still unclear what the second incident referred to in that report may be.
The SQL Slammer Worm, commonly known as Slammer, was discovered in 2002. In January of 2003, when it was first triggered, the virus brought Internet systems down across the world in a matter of minutes. Though most systems vulnerable to the attack have since been patched by a fix provided by Microsoft prior to the initial 2003 attack, the Sarasota County machine that was attacked and subsequently spread an infection that overtook the network infrastructure "was completely unpatched. Essentially it was missing five years’ worth of security updates," according to the October 24, 2006, incident report.
Effects and disclosures
A network security specialist who works for the county and who was part of the team that authored the incident report explains that the damage was contained once the server where the infection struck was taken offline. He believes that beyond the initial damage and the ensuing two hours during which the system became largely unusable --- temporarily making it next to impossible for elections officials to verify residency of voters --- there was no lasting effect on the voting systems used in the 13th District's election or in other races in Sarasota County.
- PCI 3.0 Compliance In this white paper, learn how PCI-DSS 3.0 effects how you deploy and maintain PCI compliant networks using CradlePoint devices.
- Mitigating Security Risks at the Networks Edge This white paper provides strategies and best practices for distributed enterprises to protect their networks against vulnerabilities, threats, and malicious attacks.
- 5 Strategies for Modern Data Protection Read the five strategies for modern data protection that will not only help solve your current data management challenges but also ensure that...
- 5 Ways Dropbox for Business Keeps Your Data Protected Protecting your data isn't a feature on a checklist, something to be tacked on as an afterthought. Download here to find out how...
- Business-driven data protection Setting up data protection infrastructures with your organizations' core mission or business in mind is key. In this webinar, the ARCserve team will...
- On-Demand Webinar: Mind the Gap! Watch the webinar featuring Bob Janssen, CTO and Co-Founder of RES Software, to start building a solid foundation for business and IT to... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!