[ad_1]
Last Thursday October 8, a security breach allowed one or more strangers to access the servers of the Gobierno Digital website, without officially, until now it is known what type of information was stolen.
“It is a person who entered and made his comments offending from the mayor of Valparaíso to the other end of the political spectrum. He had access to the site, and eventually he may have had access to this storage of complex figures and data, ”said the Minister Secretary General of the Presidency, Cristián Monckeberg.
“I could reach the Unique Key after an uphill job. We we do not store unique keys, but encrypted ciphers”, He assured, adding that they had no real knowledge of whether the attacker took information. “And that we are investigating by the Prosecutor’s Office,” he said.
But the fact, which forced the authority to have a password change for users, had already been warned by computer experts a few days ago before being officially revealed. In one of the messages the possession of “Hundreds of gigabytes of virtual police station data, and the source code for the unique key.”
One of them is Fernando Lagos, specialist in cybersecurity and director of NIVEL4, who states that in addition, in January 2019 –almost two years ago- It had already alerted the Computer Security Incident Response Team about these vulnerabilities, without obtaining a response.
“The person in charge tried to silence me“, it states. “He told me that a survey had been made of people in the branch doing procedures, in different regions, and they were asked why they went to the branch and did not do the procedures online. People responded that they did not trust the platform”.
“So, if I published things against the Unique Key, I would generate more mistrust in people ”, he adds. “Then he summoned me to a meeting and stood me up.”
“What I wanted to report at that time had to do with weaknesses and vulnerabilities of the Unique Key, not necessarily something that allowed to take control of the servers, but to take control of accounts,” he tells Third.
Still, Lagos avoids referring to the new episode, noting that it could have been a different gap: “Although this happened almost two years ago, the systems are no longer the same so I cannot assure that they have taken advantage of the same vulnerability”, He maintains.
“I prefer not to mention what the problem was about, in case it still persists. It is serious because it directly affects the problem that the Unique Key wants to solve. They want it to take care of all kinds of paperwork using a single log in, in order to make things easier; but they also make things easier for criminals, because if they manage to get a password, it works for all public services. So, the fault is serious”Explains Lagos, who has a decade of experience in the area.
“I found the fault just investigating. With experience and knowledge in programming and security, it is super easy to find things like that. After more than 10 years dedicated to finding faults in systems, everything has become easier ”, he adds.
:format(webp):no_upscale()/cloudfront-us-east-1.images.arcpublishing.com/copesa/YNPZ3AKVVVEN3FBLB5VQ5KCL54.png)
Regarding the information that could be obtained by the attackers, this Thursday, Minister Monckeberg indicated that “there is no database in which the Chilean Unique Key passwords are available ”, and what is stored is a“ complex code or non-reversible encryption, which is generated each time a user is enrolled ”.
“Cannot use a formula or function to obtain the original password, from this encrypted code ”, he added.
In this sense, Fernando Lagos explains that this data is effectively encrypted, “as if it were a trunk, and the trunk has a key. In this case, they took the trunk, but they don’t have the key to open it”, He asserts.
Still a few hours ago a Twitter account allowed to download the source code of the system, databases, information on VPN accounts, user accounts of systems and platforms of the Digital Government, as explained by NIVEL4 on its website.
Lagos mentions that “in the files published after the cyber attack on the Digital Government there are passport numbers and personal data (name, address, cell phone, email) associated with said passport number. Strictly speaking, given this disclosure, the Government should reissue them ”.
“What happened with Digital Government It is not an attack on Unique Key and does not affect Unique Key. The cyberattack affects a series of public institutions that are interconnected, exposing tokens, credentials, certificates and other authentication mechanisms. According to an analysis that I am carrying out, there are at least five affected institutions apart from Digital Government, ”says Lagos.
Meanwhile, Minister Monckeberg indicated that “are the IP (identifier of devices connected to the internet) detected. This information is in the hands of the Prosecutor’s Office and is being investigated ”.
[ad_2]
