FBI Director James Comey (Photo by Justin Sullivan/Getty Images)
Last Updated Aug 29, 2016 11:47 AM EDT
The FBI has found that hackers accessed Arizona’s and Illinois’s state election databases, CBS News has confirmed.
The bureau issued an alert to state election officials of the attempted hacks, which was sent earlier this month and it referenced two attacks in two states that are under investigation. At least one site was compromised, CBS News confirmed.
The two states that were targeted were Arizona and Illinois, and while the FBI released a statement, it didn’t offer any details.
“The FBI routinely advises private industry of various cyber threat indicators observed during the course of our investigations. This data is provided in order to help systems administrators guard against the actions of persistent cyber criminals.”
The intrusions were first reported by Yahoo News on Monday after it obtained a copy of the alert. Yahoo said foreign hackers are responsible.
According to its report, earlier this month, the FBI’s Cyber Division issued an alert that warned: “Targeting Activity Against State Board of Election Systems. The alert said that the FBI was investigating the intrusions into two states’ election websites whereby one resulted in the “exfiltration” or theft of voter registration data.
Only three days earlier, on Aug. 15, Homeland Security Secretary Jeh Johnson held a conference call with state election officials offering to help make states’ voting systems more secure, the report said. Johnson also said that DHS was not aware of “specific or credible cybersecurity threats” to the election.
The alert, Yahoo’s report said, didn’t identify the states that were targeted, but sources told Yahoo that they were Arizona and Illinois. While the Arizona incident appears to be limited, Ilinois’s Board of Elections general counsel Ken Menzel told Yahoo that Illinois had to shut its system down for 10 days in late July and that personal data for up to 200,000 voters had been downloaded.
Menzel told Yahoo that FBI agents confirmed that the people behind the intrusions were foreign hackers, but the bureau didn’t name the country or countries involved. He also told Yahoo that he heard the FBI was seeing whether a “possible link” existed between these attempted hacks and those at the Democratic National Committee and other political groups.
U.S. officials said last month that they believed people working for the Russian government were behind the hack of internal emails at the DNC.
CBS News’ Andres Triay contributed to this story.
After Illinois hack, FBI warns of more attacks on state election board systems
Concern about more attacks mounting as presidential elections approach.
Someone using servers in the US, England, Scotland, and the Netherlands stole voter registration from one state’s Board of Elections website in June and attacked another state’s elections website in August, according to a restricted “Flash” memorandum sent out by the FBI’s Cyber Division. The bureau issued the alert requesting other states check for signs of the same intrusion.
The “Flash” memo, obtained by Yahoo News, was published three days after Secretary of Homeland Security Jeh Johnson offered state officials assistance in securing election systems during a conference call. According to Yahoo’s Michael Isikoff, government officials told him that the attacks were on voter registration databases in Illinois and Arizona. The Illinois system had to be shut down in July for two weeks after the discovery of an attack; the registration information of as many as 200,000 voters may have been exposed. No data was stolen in the Arizona attack, but malware was reportedly planted on the site.
While saying the Department of Homeland Security was unaware of any specific threat to election systems, Johnson offered states assistance from the National Cybersecurity and Communications Integration Center (NCCIC) “to conduct vulnerability scans, provide actionable information and access to other tools and resources for improving cybersecurity,” a DHS spokesperson said, describing the conference call. “The Election Assistance Commission, NIST, and DOJ are available to offer support and assistance in protecting against cyber attacks.”
The successful hack of the Illinois system began with a scan of the state election board’s site withAcunetix, a commercial vulnerability scanning tool used to discover SQL injection vulnerabilities and other site weaknesses. The attacker used information on an SQL injection bug to then useSqlMap, an open source tool, to access user credentials and data, and the DirBuster tool to discover hidden files and directories on the Web server. Yahoo reports that officials suspected “foreign hackers” for the attack.
Ars attempted to contact Acunetix for comment, but received no response.
The IP addresses listed as sources for the attacks are associated with commercial dedicated and virtual private server hosting companies: US and UK servers provided by King Servers LTD;Fortunix Networks LP, a custom hosting company with servers in Edinburgh; and Liteserver in Tilburg, the Netherlands. The use of virtual private servers (likely purchased with WebMoney, bitcoin, or some other anonymous currency) and off-the-shelf tools doesn’t suggest any significant amount of sophistication on the part of the attackers. But state government sites like those affected so far are typically not hardened against attack, so sophistication wouldn’t necessarily be required.
Hillary Clinton says she and Bill were ‘dead broke’
By Jon Greenberg, Politifact,
U.N. Admits Role In Haiti Cholera Outbreak That Has Killed Thousands
The IRS “Targeted” 426 Conservative Groups for “Special Scrutiny” Due to Their Political Beliefs — Eric Holder’s Justice Department, Backed Up by President Obama, Gave Citizens Plenty of Reasons To Distrust Their Government
The Trump campaign has assembled a list of many recent articles about the Clinton Foundation, Here:
Tags: Arizona, cyber, cyber security, cyberespioange, cybersecurity, Democratic National Committee emails, election computer databases, FBI, FBI agents confirmed that the people behind the intrusions were foreign hackers, FBI alert to alert to state election officials, FBI Director James Comey, FBI’s Cyber Division, hack, hack of internal emails at the DNC, hackers, hacking, Homeland Security Secretary Jeh Johnson, Ilinois’s Board of Elections, Illinois, Michael Isikoff, National Cybersecurity and Communications Integration Center NCCIC, people working for the Russian government, Targeting Activity Against State Board of Election Systems, U.S. states had hackers collect voter information, voter registration information, Yahoo News