Tag Archive for: hired

Suffolk cyberattack: County consultant also lobbies for vendor hired to fortify system

/in


A consulting firm hired to help manage Suffolk County’s response to a ransomware attack also has served as a lobbyist for the computer security company brought in more than three years ago to analyze and fortify Suffolk’s networks, according to a Newsday analysis of records.

Computer security experts and a government watchdog group said consulting firm RedLand Strategies and founder Michael Balboni’s roles as state lobbyist for the company — and consultant to Suffolk County — could present potential conflicts of interest in the cleanup of the Sept. 8 cyberattack.

Separately, computer experts raised concerns that Palo Alto Networks, the company that provided the front-line firewall of Suffolk’s defense against cyberattacks, is acting as the primary forensic auditor to analyze what happened when the county’s system was breached.

RedLand and Palo Alto, both responsible for helping safeguard Suffolk’s computer system since 2019, recently were awarded new contracts to manage the county’s response to the attack, determine how the breach occurred and to help fix it.

WHAT TO KNOW

  • A consultant brought in to help manage Suffolk’s response to the Sept. 8 ransomware attack also has served as a lobbyist for a security system vendor that provided Suffolk’s front line of defense. 
  • Good government experts say the roles could present a conflict, but others say the current state of emergency and continuing impacts warrant the measures. 
  • An annual computer network risk-assessment report required by 2018 legislation has been finished only once, and a top recommendation to hire a cybersecurity chief wasn’t followed.
  • Experts say the county should look to independent forensic auditors to conduct a thorough investigation of the cyber breach, rather than use an arm of the firewall company. 

Suffolk has yet to publicly say how ransomware attackers infiltrated its system — potentially hundreds of times in the days and weeks leading up to the attack — but no one is blaming RedLand or Palo Alto. The attack has hobbled telephone and email systems and impacted the police department, Department of Health Services, and the Traffic and Parking Violations Agency as the…

Source…

Hired ‘hackers’ fail to disrupt Brazil voting system

/in


BRASILIA, Brazil — More than 20 would-be hackers gathered in the Brazilian electoral authority’s headquarters in the capital last week. Their mission: infiltrate the nation’s voting system ahead of a race in October.

Their three-day battery of attempted assaults ended Friday and was part of planned testing that happens every election year, usually proceeding without incident or drawing any attention. But with President Jair Bolsonaro continuously sowing doubt about the system’s reliability, the test took on an outsized significance as the electoral authority, known as the TSE, seeks to shore up confidence in the upcoming general elections.

Analysts and members of the TSE said the test’s results were more encouraging than ever. All the experts attempting to disrupt the system — among them federal police agents and university professors in engineering, information technology, data security and computer science — had failed.

“No attack managed to alter the destination of a vote in the electronic ballot,” Julio Valente da Costa, the TSE’s secretary of information technology, told reporters in an interview afterward.

“The importance of this test is for us to rest assured, at least about all the technology and computing components for the elections.”

When Bolsonaro won the presidential race four years ago, he claimed he had actually secured victory in the first round, not the runoff weeks later.

The former army captain has repeatedly made accusations the voting system used for three decades is vulnerable, and at times said he possesses proof fraud occurred, but has never presented any evidence.

Last year, Bolsonaro suggested the election could be canceled unless a voting reform was passed in Congress, but the proposed constitutional change did not garner enough votes.

Analysts and politicians have expressed worry that far-right Bolsonaro, who is trailing leftist former President Luiz Inacio Lula da Silva in all early polls, is laying the groundwork to follow the lead of his ally, former U.S. President Donald Trump, and reject election results.

The TSE has gone to great lengths to bring more openness to the electoral process, even inviting the armed forces to sit on its transparency…

Source…

Hired ‘hackers’ try, and fail, to invade Brazil vote system

/in


BRASILIA, Brazil (AP) — More than 20 would-be hackers gathered in the Brazilian electoral authority’s headquarters in the capital this week. Their mission: infiltrate the nation’s voting system ahead of a hotly anticipated race in October.

Their 3-day battery of attempted assaults ended Friday and was part of planned testing that happens every election year, usually proceeding without incident or, for that matter, drawing any attention. But with President Jair Bolsonaro continuously sowing doubt about the system’s reliability, the test took on an outsized significance as the electoral authority, known as the TSE, seeks to shore up confidence in the upcoming general elections.

Analysts and members of the TSE said the test’s results were more encouraging than ever. All the experts attempting to disrupt the system — among whom were Federal Police agents and university professors in engineering, information technology, data security and computer science — had failed.

“No attack managed to alter the destination of a vote in the electronic ballot,” Julio Valente da Costa, the TSE’s secretary of information technology, told The Associated Press in an interview afterward. “The importance of this test is for us to rest assured, at least about all the technology and computing components for the elections.”

When Bolsonaro won the presidential race four years ago, he claimed he had actually secured victory in the first round, not the runoff weeks later. The former army captain has repeatedly made accusations the voting system used for three decades is vulnerable, and at times said he possesses proof fraud occurred, but has never presented any evidence.

Last year, Bolsonaro suggested the election could be canceled unless a voting reform was passed in Congress. But the proposed constitutional change did not garner enough votes.

Analysts and politicians have expressed worry that far-right Bolsonaro, who is trailing leftist former President Luiz Inácio Lula da Silva in all early polls, is laying the groundwork to follow the lead of his ally, former U.S. President Donald Trump, and reject election results.

The TSE has gone to great lengths to bring more openness to the…

Source…

Security consultant hired by Foreign Office linked to string of hacking complaints

/in


A British private investigator and security consultant whose company has just completed a four-year contract to protect the UK’s embassy in Tel Aviv is linked to a string of telecommunications hacking complaints dating back more than 20 years, according to high court judgments.



a car stopped at a traffic light on a city street: Photograph: Michael Jacobs/Alamy

© Provided by The Guardian
Photograph: Michael Jacobs/Alamy

A court judgment that touches on the career history of Stuart Page – the 69-year-old founder of the private security and intelligence firm Page Group – noted last May that the businessman “operates in a world of covert surveillance in which agents acquire confidential information unlawfully”.

The judgment explores how Page, who was appearing in the case as a witness, was linked to hacking allegations stretching back to 1998, where the businessman is said to have received stolen materials and passed them to clients. The judge concluded that the allegations did not establish that Page had ever carried out or authorised hacking himself.

Page Group’s alleged role in passing illegally obtained materials to clients raises questions about the use of stolen personal information within UK civil court proceedings, as well as the company being awarded a £1m Foreign, Commonwealth and Development Office (FCDO) contract to protect one of the UK’s most sensitive embassies – a deal that concluded in December after almost four years.



a car stopped at a traffic light on a city street: The Embassy of the United Kingdom in Tel Aviv, Israel

© Photograph: Michael Jacobs/Alamy
The Embassy of the United Kingdom in Tel Aviv, Israel

The FCDO’s Supply Partner Code of Conduct states: “Supply partners and their delivery chain partners must declare to FCDO where there may be instances or allegations of previous unethical behaviour by an existing or potential staff member or where there is a known or suspected conflict of interest.”

Neither Page Group nor the FCDO would say if the company had highlighted the historical allegations to the government.

Video: Full statement (Birmingham Mail)

UP NEXT

UP NEXT

Lawyers for Page, whose companies have also worked guarding EU diplomats and on intelligence engagements for Middle Eastern rulers, told the Guardian: “No findings of hacking…

Source…