Sunday, November 29, 2015

Hoeber Campaign Responds to Website Hack

POTOMAC, MD - Amie Hoeber's campaign responded today to the WashCo Chronicle's article discussing her website being hacked.

In lieu of WashCo Chronicle's request for comment via email, Hoeber's campaign staff chose to respond publicly to the article. The public response, which is currently hosted on Facebook, is below:


The usage of quotation marks was used as an attention grabber only, and has since been changed per the recommendations of Ryan Miner, former Washington County Board of Education candidate. WashCo Chronicle apologizes for any misunderstanding, or perceived "snarkiness", as none was intended.

There is no hidden agenda here. WashCo Chronicle does not endorse any candidates, and only seeks to shed light on news which traditional media outlets don't cover.

Every word of Hoeber's statement are correct, in that there is no such thing as a 100% secure website. However, lacking from Hoeber's statement is any discussion of the actual root cause analysis regarding the hack.

Website hacks are typically the result of either an unpatched vulnerability (for which a patch may or may not be available), an insecure configuration, or a weak/stolen password. This means that if the Hoeber Campaign WordPress site is up to date on patches, then either a zero-day attack (for which no patch is available) was used, an insecure configuration existed, or a weak/stolen password was used.

WashCo Chronicle would like to encourage the Hoeber campaign to come forward with the root cause analysis, and disclose what the cause was, how it was remediated, and what steps have been taken to prevent the attack from occurring again.

WashCo Chronicle thanks the Hoeber Campaign for their response so far, and looks forward to full disclosure of the actual attack.

Cyber security is of the utmost importance for our nation, and we are glad that the Hoeber Campaign takes the matter seriously.

Ken Buckler is the editor of the WashCo Chronicle, and a cyber security professional.

No comments:

Post a Comment

Please note that all comments are moderated. An account is required, but you are not required to use your real name. Inappropriate comments will not be published.