FBI investigating foreign hacks of election systems
States told to check if computers show possible intrusions.
The FBI is investigating a series of suspected foreign hacks of state election computer systems and websites, and has warned states to be on the alert for potential intrusions.
The Aug. 18 warning, issued after two states suffered intrusions into their systems, comes amid heightened concern over Russian hacks of Democratic party organizations and possible meddling in the presidential election.
The FBI “flash” alert, which is not intended for general public release, listed IP addresses and other technical fingerprints associated with the hacks.
“The FBI is requesting that states contact their Board of Elections and determine if any similar activity to their logs, both inbound and outbound, has been detected,” said the FBI’ alert, which was first reported by Yahoo News.
The warning did not name the states that were targeted. But in June, the Arizona Secretary of State’s Office shut down part of its website after the FBI found a potential threat to its state voter registration system, according to The Arizona Republic.
And in July, the Illinois Voter Registration System suffered a cyber intrusion in which hackers were able to retrieve a number of voter records, according to a message from the Illinois State Board of Elections.
The intrusion led the state election board to shut down the voter registration system for a week.
“This was a highly sophisticated attack most likely from a foreign (international) entity,” said Kyle Thomas, the Illinois board’s director of voting and registration systems, in the message.
The FBI declined official comment other than to note it “routinely advises private industry of various cyber threat indicators” it turns up in investigations.
The FBI has told Illinois officials that they’re looking at possible foreign government agencies as well as criminal hackers, said Ken Menzel, general counsel for the Illinois Board of Elections.
The system has long been targeted by hackers, he said. But this hack “is to our knowledge the first time anyone has gotten in,” he said. “It’s not for lack of trying.” He said “we’re highly confident that nothing was added, deleted or altered.” The amount of voter data that was accessed was “a fairly small percentage of the total,” he said.
He added that federal authorities did not inform him of any other successful intrusions in any other state, aside from Arizona.
Meanwhile, some private sector researchers say some of the information released by the FBI points to a potential Russian link, though they caution their work is preliminary. Rich Barger, chief information officer at ThreatConnect, said that several of the IP addresses trace back to a website hosting service called King Servers that offers Russia-based technical support.