The FBI is warning state officials to boost their election security in light of evidence that hackers breached related data systems in two states. The alert didn’t include the names of the breached states, although sources claim it refers to IL and Arizona’s voter registration databases being targeted by suspected foreign hackers.
Advertisement
In the two attempts, data from as many as 200,000 voter records in the USA state of IL was stolen, the officials told NBC News. And in late June, Arizona took its voter registration database offline; according to Yahoo, no data appeared to have been transferred, although “malicious software” found its way into the state’s system.
The FBI has sent a warning to the state of IL to boost their security systems in regards to voter registration information.
The FBI issued a “Flash” memorandum, warning that foreign hackers have been targeting state board of election systems. One of the addresses was found in both attacks and the Federal Bureau of Investigation is looking to see whether other states were at risk from the same perpetrators, the report said.
The FBI Cyber Division bulletin (pdf) noted that eight separate IP address were used in both attacks with one IP address being common to both intrusions.
Earlier this month, Homeland Security Secretary Jeh Johnson spoke with state election officials on ways to better safeguard their voting systems from hackers.
They’re now looking for evidence of other states being targeted, but for the moment, they’re warning election officials across the country to increase security before the November election. An Arizona official said no voter data was removed.
The alert, Yahoo’s report said, didn’t identify the states that were targeted, but sources told Yahoo that they were Arizona and IL. They did say they are investigating possible links with cyber-ops against the Democratic National Committee, which resulted in the release of thousands of internal party emails in July. But if covert is no longer the plan, and logs are left nearly deliberately to point back at IPs, it calls into question if the “foreign hackers” want to be discovered.
Advertisement
The alert contained information about which IP addresses the hackers targeted and the specific commands and programs used to infiltrate state voter databases. Rich Barger, chief intelligence officer for cybersecurity firm ThreatConnect, told Yahoo News that one of the addresses had previously surfaced in underground Russian hacker forums.
