FBI
August 30, 2016 by

FBI Warns State Election Databases Breached by Foreign Hackers

 

The Federal Bureau of Investigation has issued an alert this month, urging US state election officials to increase cybersecurity measures after finding evidence that two state election databases were breached in recent weeks.

The FBI’s cyber division issued a flash alert warning on August 18, urging US election officials to improve their cybersecurity framework, according to a report by Yahoo News.

Citing unnamed law enforcement officials, the publication revealed that foreign hackers are believed to be behind the cyber-intrusions.

While the FBI warning did not specify the two targeted states in its alert, sources close to the investigation pointed to Arizona and Illinois as the states whose voter registration systems were compromised.

Related read: Security Researcher Arrested after Revealing Flaws in Election Website

One state election board official told the publication that the Illinois voter registration system was shut down for over 10 days in late July, with hackers stealing personal data of some 200,000 voters.

The official also revealed that the cyberattack targeting Arizona saw malware introduced into the voter registration system. However, no data was stolen, according to the official.

The alert was issued in the wake of increased concerns among U.S. intelligence officials about the possibility of cyberattacks during the upcoming presidential elections in November, potentially by state-sponsored Russian hackers.

Yahoo News Reported:

Those concerns prompted Homeland Security Secretary Jeh Johnson to convene a conference call with state election officials on Aug. 15, in which he offered his department’s help to make state voting systems more secure, including providing federal cybersecurity experts to scan for vulnerabilities, according to a “readout” of the call released by the department.

Three days after that conference call, the alert was issued. An FBI bulletin detailing the investigation listed eight separate IP addresses, pinpointed as sources of the two attacks. One of the IP addresses were used in both intrusions. Among the IP addresses, one of them has previous surfaced in Russian criminal underground hacker forums. Cybersecurity experts have further determined that the tools used by the hackers to scan for and exploit vulnerabilities resemble the techniques used by suspected Russian state-sponsored cyberattacks, such as the one on the World Anti-Doping Agency this month.

Image credit: Wikimedia.

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

US Govt Warns Energy, Aviation Companies of Cybersecurity Threats

The US government has reportedly issued a rare public warning about targeted hacking campaigns...

Read more arrow_forward

The FBI’s Cyber Action Team is Investigating the WannaCry Ransomware

The sweeping global ransomware menace led by WannaCry and its many variants is being investigated by...

Read more arrow_forward

Russian Hackers Behind Ransomware Targeting U.S. Police, Says Acronis

According to data-protection specialist Acronis International, Russian hackers are likely to be...

Read more arrow_forward