Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Foreign Hackers Allegedly Breach 2 State Election Databases

    By
    WAYNE RASH
    -
    August 30, 2016
    Share
    Facebook
    Twitter
    Linkedin
      state election data breaches

      A variety of press reports indicate that the Federal Bureau of Investigation is looking into intrusions at the voter registration offices of two states during July and August. The two states are Illinois, where the voter registration system was taken offline for two weeks in July, and Arizona, where the voter registration network was down only briefly. The reports indicate that approximately 200,000 records were taken in the Illinois breach but that the hackers failed in their attempt to take data from Arizona.

      While federal investigators have not said specifically that the same groups were involved in both attacks, an alert sent to state election officials lists common IP addresses that were used in both attacks. Several third-party sources have identified the attackers as Russians, but U.S. law enforcement sources have not confirmed that.

      However, the U.S. government is taking the threat seriously enough that Secretary of Homeland Security Jeh Johnson held a conference call with state election officials on Aug. 15 to discuss the need for increased security of election sites and to encourage state election officials to follow the recommendations of the National Institute of Standards and Technology and the Department of Justice in securing their systems.

      “As part of the ongoing effort, the secretary also announced that DHS is convening a Voting Infrastructure Cyber-security Action Campaign with experts from all levels of government and the private sector to raise awareness of cyber-security risks potentially affecting voting infrastructure and promote the security and resilience of the electoral process,” a spokesperson for DHS said as part of the announcement of the call.

      For its part, the FBI isn’t providing much detail, which is no surprise since this is still an ongoing investigation. “While we cannot comment on specific alerts, what we can say is that in furtherance of public/private partnerships, the FBI routinely advises private industry of various cyber-threat indicators observed during the course of our investigations. This data is provided in order to help systems administrators guard against the actions of persistent cyber-criminals,” an FBI spokesperson told eWEEK in an email.

      The next question now becomes one of why the hackers were trying to break into voter registration databases. The most likely answer is that it was a routine attack aimed at identity theft. Voter registration databases may contain a significant amount of personal information that can be used in conjunction with other information that’s already been taken from other compromised systems, or it may provide enough information on its own. Depending on the state, the database may contain driver’s license information, social security numbers, full names and addresses, and the like.

      But there’s another possibility that’s much more unsettling. Suppose the voter registration breach is just one part of an attempt to influence the upcoming election in the United States? The information in voter registration data, combined with information taken in the breach of the Democratic Party, and in breaches of other political organizations may be enough to form the baseline data for a sophisticated attack on the election itself.

      Foreign Hackers Allegedly Breach 2 State Election Databases

      According to a study by the Institute for Critical Infrastructure Technology, the voting system in the United States is highly vulnerable. According to James Scott, a senior fellow at the institute, the shift to electronic voting machines following the contested Bush/Gore election resulted in broad reliance on voting machines with little security. Some of these machines are so insecure that they can be attacked through known vulnerabilities using WiFi operated by an attacker in the parking lot near the polling station.

      Tyler Cohen Wood, former Defense Intelligence Agency deputy division chief, said that a more significant threat probably exists in the areas where votes are consolidated by county and state election offices. Vulnerabilities exist through insider threats, the supply chain (including where voting machines are serviced and updated) and through the networks where poll results are tallied.

      “We’ve gone from the hanging chad to where, for the most part, everything is electronic,” said Wood, who is currently cyber-security advisor at Inspired eLearning. “If devices are connected and if there are vulnerabilities, it’s possible for hackers to get in and change the voting.”

      An additional threat pointed out by Scott is that a series of persistent attacks and data exfiltration can undermine the faith in the voting process. While that might not actually change any votes, it can give rise to credibility among those who claim that the voting system is rigged. An increase in such credibility can cause delays through recounts, investigations, legal action and other challenges that could bring chaos to the voting in important elections.

      Unfortunately, a great deal boils down to the motives of the alleged Russian hackers who broke into the voter registration database in Illinois. Was it just a poorly executed attempt at identity theft, or something much more sinister? Until more is known about the attackers, it’s impossible to say.

      But what it does mean is that in this age of state budget shortfalls, it’s still necessary to find the money to improve voting security. While voting security has been a key part of elections in the United States, that doesn’t mean that those elections are necessarily secure. But the states need to find a way to make voting as secure as it can be.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×