FCC Not Moving Forward with IoT Security Mandates

fcc_logoCurrently facing backlash from the widespread DDoS attacks last week, the FCC is being pressed on how they plan to manage and regulate the increase of IoT devices on the market. Many in congress are pressuring the FCC to regulate IoT devices as different entities than traditional computers, saying that their impact on network infrastructure is fundamentally different.

The current commissioners are pretty unanimous in their belief that the Open Internet Order gives ISP’s the correct amount of leeway to handle threats similar to the recent DDoS attacks themselves. The Open Internet Order grants ISP’s “Reasonable Network Management”. If that sound’s extremely flexible, that’s intentional.

Mostly, the FCC wants to keep their hands out of this mess, opting instead for a more advisory role.

You can read more on this subject by clicking here.

Hacking the US Voter Registration System


Every election season, a new discussion sparks up surrounding the security of voting machines and the handling of voter registration information. For the 2016 election cycle, the first victims of vulnerabilities in these systems were the states of Illinois and Arizona. CNN is reporting that both states have had their registration databases breached, but are claiming that their election systems are currently unaffected.

In Illinois it is apparent that roughly 200,000 unique voter registrations have been accessed, but are apparently unchanged. The attack was likely carried out in early June, but was not detected until late July. The database included voters’ names, addresses, sex and birthdays in addition to other information. The database comprises of 15,000,000 records, and some contain a social security number or drivers license number. It is still unclear who is responsible for the breach, or what their intentions with the data are.

In Arizona the attack is a little more clear, but have been going on much longer. The Arizona voter registration system had to be taken down in May after it was discovered that a local official’s username and password had been made publicly available on a forum online. The account used to post the information is linked to a prominent Russian hacker. After taking down the system the forensic analysts determined that it was more than likely the official who’s information had been made public was the victim of a malware attack. It is apparent that no data has been affected, but the severity of the breach is unknown.

You can read the full CNN article here.

-Max Maurin