Foreign Hackers Allegedly Breach 2 State Election Databases
NEWS ANALYSIS: Recent incidents underscore the fact that despite budget shortfalls, states need to find a way to make elections as secure as possible.A variety of press reports indicate that the Federal Bureau of Investigation is looking into intrusions at the voter registration offices of two states during July and August. The two states are Illinois, where the voter registration system was taken offline for two weeks in July, and Arizona, where the voter registration network was down only briefly. The reports indicate that approximately 200,000 records were taken in the Illinois breach but that the hackers failed in their attempt to take data from Arizona. While federal investigators have not said specifically that the same groups were involved in both attacks, an alert sent to state election officials lists common IP addresses that were used in both attacks. Several third-party sources have identified the attackers as Russians, but U.S. law enforcement sources have not confirmed that. However, the U.S. government is taking the threat seriously enough that Secretary of Homeland Security Jeh Johnson held a conference call with state election officials on Aug. 15 to discuss the need for increased security of election sites and to encourage state election officials to follow the recommendations of the National Institute of Standards and Technology and the Department of Justice in securing their systems. "As part of the ongoing effort, the secretary also announced that DHS is convening a Voting Infrastructure Cyber-security Action Campaign with experts from all levels of government and the private sector to raise awareness of cyber-security risks potentially affecting voting infrastructure and promote the security and resilience of the electoral process," a spokesperson for DHS said as part of the announcement of the call.
For its part, the FBI isn't providing much detail, which is no surprise since this is still an ongoing investigation. "While we cannot comment on specific alerts, what we can say is that in furtherance of public/private partnerships, the FBI routinely advises private industry of various cyber-threat indicators observed during the course of our investigations. This data is provided in order to help systems administrators guard against the actions of persistent cyber-criminals," an FBI spokesperson told eWEEK in an email.