Rival parties clash over alleged hacking vulnerabilities in election watchdog | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

National Election Commission (NEC) Chairman Rho Tae-ak, left, takes questions during a parliamentary audit from lawmakers of the Public Administration and Security Committee at the National Assembly in western Seoul on Friday. [NEWS1]

The rival parties locked horns over alleged cybersecurity vulnerabilities in the state-run election watchdog’s voting and ballot counting systems during a parliamentary audit of the National Election Commission (NEC) Friday.
The governing People Power Party (PPP) expressed concern about the National Intelligence Service’s (NIS) recent finding that the NEC’s network was vulnerable to cyberattacks, especially from North Korea.
The spy agency criticized the NEC for its poor ballot management, voicing worries about the possibility of early voting manipulation due to hacking ahead of the general elections slated for April next year.
Lawmakers of the liberal Democratic Party (DP), in turn, criticized the NIS for announcing its findings on the eve of the by-election for the head of Seoul’s Gangseo District Office, a critical race that ended in a DP victory.
On Tuesday, the NIS announced the results of a joint security evaluation of the NEC system conducted with the Korea Internet and Security Agency (KISA) for two months since July.
It found that the election watchdog’s internal network and the voting management system could easily be infiltrated even through the internet, which could expose vote results to external manipulation. Vulnerabilities included infiltrating the NEC’s internal network through the telecommunication system at early voting polling stations.
NEC Chairman Rho Tae-ak made a rare appearance to take questions from lawmakers from the parliamentary Public Administration and Security Committee on Friday’s audit but rebuffed the PPP’s calls for him to resign over various controversies related to the election watchdog.
PPP Rep. Lee Man-hee had sharp words for the NEC’s security management, criticizing the findings that a staffer’s password to access the election management system was “12345” and asking, “How can we protect our election management system from hacking in this situation?”
He voiced concerns that hackers could infiltrate the NEC’s election management network to manipulate registered voter information and ballots.
In turn, DP Rep. Kang Byung-won said he is “concerned that the NIS may be laying the groundwork to intervene in politics and elections again,” referring to the timing of its announcement ahead of the by-election.
During the parliamentary audit, Rho issued an apology for “greatly disappointing the public” over allegations of preferential hiring of children of high-ranking election commission officials.
However, regarding calls for him to resign, Rho said, “I will take responsibility for anything I need to do after the audit, investigation and next year’s general elections are completed.”
As the parliamentary audit comes ahead of the general election in April next year, the rival parties have fiercely battled sensitive foreign affairs, security, economy and other policy issues during these sessions.
The parliamentary audit, which began Tuesday, is the last for the 21st National Assembly before its term ends next year, during which the 17 parliamentary standing committees will audit a total of 791 government agencies through Nov. 8.
“We humbly apologize to the public for the poor operation of the election management system and will not leave even a 1-percent possibility of election fraud,” PPP floor leader Yun Jae-ok said at the National Assembly Friday, calling for follow-up measures.

BY SARAH KIM [[email protected]]


Click Here For The Original Story From This Source.

National Cyber Security