
The news snuck up and bit me whilst I Christmas shopped.

The other day I mentioned the DHS attempted breach of the Georgia Secretary of State’s computer system. I said it was interesting. And the interest grows.

DHS, I read somewhere, initially issued a blanket denial. There were some potentially plausible explanations for the intrusion. But the denial didn’t really set off any alarms. Agencies blanket deny just about everything up front. If it goes away, good for them. If not, then they come up with some line of reasoning. Here’s the interesting part:

The feds have come up with two plausible explanations and they have done so rapidly. One is that some nefarious third-party hacker “mirrored” their IP address to launch a covert attack. I’ve heard of things like that. It makes sense.

However, they seem to put more emphasis on the second theory: hacking by a rogue DHS agent. That they’ve admitted this is even a possibility means they either knew something beforehand or they were concerned about a mole. Who could this rogue be?

I know government employees get bored. But no-one will be so bored as to resort to trying to break into another government computer system. There’s gambling, and porn, and Facebook if things get that bad. Only a lunatic would want to sneak a peek at any SOS site. That, or someone with a criminal agenda – and really good cover. Again, who?

CNN, the WaPo, and the DNC are blaming the Russians for everything under the sun right now. Could it have been Moscow? Maybe. But not likely. I would first suspect corporate espionage before the Russians. Brian Kemp’s site has a lot of company and professional data as he mentioned in his letter to Jeh Johnson. Still, that doesn’t seem plausible either.

More so than business information, the site hosts tons of personal citizen data. I would lean towards an attempted identity theft ring. Those things are out there and they sometimes pay odd people – even trusted government security types – to steal raw data for them. It’s possible. Yet, something else keeps hinting away in my brain. Who else would want a lot of private information about where Georgians live and so forth?

Br’er Mohamed? The jihadis are working overtime trying to attack the West. And they seem to specialize in new and innovative approaches. Often, 7th century slander aside, they go the sophisticated, high-tech route. We know they’ve done data mining before. They’ve published “hit lists” of thousands of names, backed up by detailed information.

A computer screenshot shows the U.S. Central Command Twitter feed after it was apparently hacked by people claiming to be Islamic State sympathizers

They’ve done major government site hacking before. Newsweek / ISIS / Twitter.

A successful breach – and this one failed (as far as we’re told) – would have yielded over 6 million identities. That’s a lot to work through. But, whatever else the terrorists are, they are industrious. They could have started building a super list. Maybe a list for targeted assassinations? Who knows. It might not even be them.

DHS and Georgia are both investigating. If it was indeed a third party, we will likely never know the identity. Hackers are superb at hiding. If it was a rogue, they’ll find him. Unless he flees the country. And, then, where he flees might shed light on his motives. Saudi Arabia? Yemen? Pakistan?

All of this is developing, of course. Perhaps the most alarming aspect is that, whatever this was and however it happened, it came from the very federal agency which was allegedly custom-crafted a few years ago to fight just this sort of activity. Fight it, not foment it. There was a reason Ron Paul called publicly for abolishing DHS. Remember that?

Ah, well – a mystery…