A “flash” alert from the FBI’s Cyber Division leaked to Yahoo News Monday shows that federal law enforcement officials have evidence that two U.S. state election databases hacked over the summer were penetrated by foreign cybercriminals suspected to be sponsored by the Kremlin.
Entitled “Targeting Activity Against State Board of Election Systems,” intended for “NEED TO KNOW recipients,” the FBI bulletin, dated Aug. 18, informs that one of the hacks successfully lifted personal information from what is thought to be the state of Illinois’ voter registration system — forced to shut down for 10 days in late-July.
Approximately 200,000 Illinois state residents had sensitive data downloaded by hackers on July 12.
The state of Arizona’s voter registration system was also targeted and malware was installed, but no data is believed to have been stolen.
One of the IP addresses was found on both state systems, suggesting the infiltrations originated from the same source. Another IP matched one previously found on a Russian “dark web” hacking site. According to cybersecurity firm chief intelligence officer Rich Barger, who reviewed the FBI bulletin, techniques used in one of the state voter registration hacks were similar to other computer system break-ins traced back to the Russian government.
“This is a big deal,” Barger told Yahoo. “Two state election boards have been popped, and data has been taken. This certainly should be concerning to the American voter.”
Cybersecurity advocates are lobbying the Department of Homeland Security (DHS) to officially recognize state election systems as “critical infrastructure” which would qualify them for federal government assistance in securing the databases. A DHS spokeman said a policy change “is under consideration.”
On Aug. 15, three days prior to the FBI’s flash bulletin, DHS Secretary Jeh Johnson held a conference call with state election officials to ensure voting systems are secure for the Nov. 8 general election.
Currently, 40 states use computer systems to tabulate election votes, 10 of which are not backed up physical paper ballots and exclusively use Direct-Recording Electronic voting machines, including many districts in the swing-state of Pennsylvania.
Sec. Johnson suggested that election officials disconnect electronic voting systems from the Internet on Nov. 8, or during early voting sessions, lest a Russian cybercriminal gains access to the polls and changes all presidential votes to Donald Trump.
[Yahoo News] [Image courtesy BidnessETC]