
More states confirm suspected cyberattacks sourced to DHS - aburan28
http://www.wsbtv.com/news/local/more-states-confirm-cyber-attacks-sourced-to-dhs/476227320
======
idm
Are they reporting what is a mis-identification of automated vulnerability
scanning?

We've been talking for weeks now about how NSA continually weakens the US by
attacking encryption and infrastructure - and nobody is actually helping
tighten our networks.

Could it be that DHS has some mandate to scan government networks?

~~~
stephancoral
It could also be that

a) DHS machines are compromised

b) They are just falsifying the IP

~~~
neuronexmachina
If they're all from the same IP address, it seems likely that it's a
compromised machine.

------
apeace
I'm shocked that this story seems to be upvoted less than the Gimli Glider
story which has been on the front page for more than a day.

One would think that the recent allegations of Russian hacking [0], as well as
these allegations, would be of interest to the HN community. Whether either of
the allegations is well-founded or not, they need to be investigated and
understood by the public.

It's worth noting that the President spent a great deal of his final press
conference discussing the Russian hacking issue [1].

Why is this not bigger news, especially here?

[0] [http://www.cnn.com/2016/12/19/politics/russian-election-
hack...](http://www.cnn.com/2016/12/19/politics/russian-election-hacking-
podesta-brazile-mccain/)

[1] [https://www.emptywheel.net/2016/12/18/obamas-response-to-
rus...](https://www.emptywheel.net/2016/12/18/obamas-response-to-russias-hack-
an-emphasis-on-americas-more-generalized-vulnerability/)

~~~
Fjolsvith
Could it be because it delegitimatizes the reports of Russia being to blame
for election agency hacking?

~~~
cvwright
Could be part of it. Also, election fatigue. The 2016 election has dominated
every news cycle for more than a year. Everybody is just plain tired of it,
for better or worse.

------
cagey_vet
my bet is on an assessor mis-scanning an ip range during a scheduled network
assessment. having been in those trenches, this is how it was firmly explained
to me every week when tasks were delegated: "double and triple-check all your
target ip addresses. we don't want someone outside the network complaining
about a scan, that's a reportable incident and makes us look like douches when
we are trying to get new business with the fed client."

------
ccarter84
Unrealistic, but fun theory: Maybe DHS was hacked by Russia and then used as
attack-vector

