Foreign Hackers Breached Two US State Election Databases
The news publication says it saw a secret “flash” alert sent out by the FBI to the State Board of Elections across the US.
The “flash” alert, titled “Targeting Activity Against State Board of Election Systems,” told state officials about the two hacks and urged them to audit their IT systems for any possible weaknesses that might be exploited by attackers.
Hackers stole 200,000 voter details from the state of Illinois
The alert didn’t include the name of the two hacked Board of Elections, but Yahoo claims they’re Arizona and Illinois.
Ken Menzel, the general counsel of the Illinois Board of Elections, has confirmed the breach to the Yahoo reporter and said the attack took place in the span of ten days in July, and the hackers managed to steal around 200,000 state voter records.
Attackers also compromised Arizona’s Board of Elections IT system but did not manage to take any data, local officials have told Yahoo.
ThreatConnect: Attacks may be linked to Russian-based hackers
An interesting detail included in the FBI alert was a list of eight IP addresses that the FBI considered suspicious and potentially related to the intrusion. The FBI asked other states to check their logs for these IPs.
A ThreatConnect expert has told Yahoo that one of the IPs was spotted on Russian underground hacking forums.
He has also said the tools used to scan the state election systems for vulnerabilities are similar to the ones used by Russian threat actors in recent campaigns, more precisely, in the hacking of the World Anti-Doping Agency (WADA) and Court of Arbitration for Sport (TAS, also CAS). ThreatConnect had previously linked the WADA attacks to the DNC and DCCC hacks, which they said were carried out by Russian state-sponsored cyber-intelligence groups.
The ThreatConnect expert did not elaborate on his statements, nor did he provide any technical details, and at this point, his comment may be a generic attribution cliche. No doubt, based on ThreatConnect’s past in-depth reports, the company will likely follow through on its statements with new research in the upcoming days.
US voter information is already out there
US voters panicking about having their voter information in the hands of Russian hackers should know that, this past June, a US company leaked the personal details of 154 million voters. The same thing happened in December 2015, when another business leaked the personal details of over 191 million US voters.
This latter data made its way on the Dark Web and could be easily bought for a few Bitcoin. Most likely, this data is in the hands of more than just Russian hackers.
Either way, the FBI is more interested in preventing automated attacks that might leverage this data and attempt to rig the US Presidential election that’s to take place this fall.