Salted Hash Live Blog – Election Day 2016

Election news and coverage with a security twist

Election 2016 teaser - Republican vs Democrat

Salted Hash will be providing continuous coverage of today’s election. From the time the polls open in the east, until the election is called later this evening, we’ll keep things updated with the latest news and analysis, as well as a recap of related events.

This year’s election is one of the first in living memory (for me anyway) where the topic of hacking isn’t just a passive subject – it’s a reality. Throughout 2016, someone (the top suspect is Russia) has been hacking political targets in the Democratic Party and it’s clear the goal is disruption.

This year the fear of security incidents, including network compromise or denial-of-service, are stacked-up alongside concerns over voter suppression and rigged counts, which has voters, pundits, and election officials on edge.

0320 AM EST (November 9):

As mentioned earlier, the concerns over DDoS attacks or other Election Day problems never really presented themselves, and that’s a good thing.

Research released by Biscom earlier this week showed that 14-percent of the registered voters who responded to questions believed the election would be hacked. Another 28-percent believed it was a possibility.

Earlier this evening, in an emailed statement, someone who knows a thing or two about the topic commented on the state of voting systems and probability of hacking the vote.

“Voting computers have been shown to be very vulnerable​if you have physical access to them,” commented Tenable Network’s Strategist, better known to some as Space Rogue.

"There are over 9,000 jurisdictions and a handful of different types of equipment, which makes the probability of swaying a​national​election extremely low. These variables help promote the resilience​and integrity​of our electoral system. In addition to getting unobserved physical access to a voting computer for several minutes, an attacker would also need to execute the attack in such a way that any vote manipulation would go unnoticed.

"While most voting computers do provide a paper audit trail there are additional checks and balances in the process for those systems that don't. It is extremely unlikely that anyone would be able to sway a national election by tampering with voting computers well enough that it went unnoticed. No matter what happens, starting on November 9th, we need to work on improving the overall security of our voting process."

0300 AM EST (November 9):

During Trump's acceptance speech, someone in the crowd shouted what sounded like "Kill Obama!" - but a watching the speech a second time makes it sound like "repeal Obama!"

Listen for yourself, the call is at 09:48 in this video.

The possibility of such a hateful sentiment reminded me of something captured by a Reuters photographer earlier this week:

rope tree journalist REUTERS/Jonathan Ernst

A man wears a shirt reading "Rope. Tree. Journalist." as supporters gather to rally with Republican presidential nominee Donald Trump in a cargo hangar at Minneapolis Saint Paul International Airport in Minneapolis, Minnesota, U.S. November 6, 2016.

0231 AM EST (November 9):

The Associated Press is calling the election for Donald Trump:

AP calls the election for Trump

0230 AM EST (November 9):

A statement released by Julian Assange addresses some of the questions surrounding the publication of Democratic documents and emails (such as those from John Podesta), which many said were a direct attempt to influence the election.

“The right to receive and impart true information is the guiding principle of WikiLeaks—an organization that has a staff and organizational mission far beyond myself. Our organization defends the public's right to be informed. This is why, irrespective of the outcome of the 2016 U.S. Presidential election, the real victor is the U.S. public, which is better informed as a result of our work,” Assange said.

“At the same time, we cannot publish what we do not have. To date, we have not received information on Donald Trump's campaign, or Jill Stein's campaign, or Gary Johnson's campaign or any of the other candidates that fulfills our stated editorial criteria. As a result of publishing Clinton's cables and indexing her emails we are seen as domain experts on Clinton archives. So it is natural that Clinton sources come to us.”

The full statement is online.

0200 AM EST (November 9):

It’s early morning on Wednesday here in Indiana. John Podesta, Chairman of the Clinton campaign, is saying goodnight to supporters – encouraging them to go home and get sleep, as the Clinton team will have nothing further to say until all the votes are counted.

Podesta is also known as one of the political giants to have been hacked this year, resulting in the public exposure of thousands of emails, offering deep insight into the Clinton camp.

So while the world watches the election move into the early hours of a new day, some voters are viewing the results with a mixture of shock and fear.

The predicted DDoS attacks are a thing of the past now. No one is concerned with them, because the reality of a President Trump - backed by a Republican controlled House and Senate - is chilling.

Democrats are watching their hopes fade, and the markets fall, as Donald Trump flips states that were lost by the Republicans in 2012, putting Hillary Clinton in a position to where she needs to win all of the remaining states in order to become the 45th President of the United States.

While listening to the news, someone pointed out an interesting item on Twitter - the fake Rudolph Giuliani account. Normally parody accounts are amusing, but sometimes they’re used to promote a topic or agenda.

Here, @rudygiulianiGOP provides a good example of how social media can drive people and issues. Early on the account was tweeting pro-Trump propaganda to the delight of his supports. Then, as the race started to wind-down, the account flipped, and expressed dismay at the results.

A Giuliani parody account on Twitter


6:52 PM EST:

There are reports of an active shooter in a suburb of Los Angeles. LA County Sheriff's Department said they are dealing with a single, heavily armed suspect.  According to the LA Times, one person was killed and three others were injured. The shooting took place near a polling location in Azusa.

5:00 PM EST:

Well, things are still quiet, but that is changing. Earlier this afternoon, someone posted an image showing high-levels of latency on CenturyLink and Level3. This isn’t proof of anything, but it is something worth watching. However, as this update is being written, Rook’s SOC was able to confirm that there were issues with Level3 in the North East and West Coast.

There were also reports of people who went to polls in California, only to discover that someone had stolen their ID and used it to vote by mail. According to an image of a text conversation, such incidents have been “happening a lot today.”

3:30 PM EST

Salted Hash has spent most of the afternoon at Rook Security’s SOC, watching various channels and chatting with those watching the day’s events unfold.

This afternoon has been, for the most part, quiet. At least as far as security issues are concerned. There have been no confirmed reports of DDoS attacks, or other threats. Given the fears and hype surrounding the day, this is a good thing.

SOC floor at Rook Security SRAGAN

When it comes to glitches and errors however, the day has been filled with frustrating examples. In Durham, North Carolina, officials requested polling extensions after a failure in the electronic voter check-in system required the county to switch to paper roll books.

With luck things will stay quiet.

Earlier updates can be located on page two.

1 2 Page 1
Page 1 of 2
7 hot cybersecurity trends (and 2 going cold)