Two U.S. State Election Databases Hacked, FBI Warns

American officials concerned that foreign hackers, possibly Russian, may try to disrupt the national elections in November.

hacking
REUTERS/Pawel Kopczynski

The FBI has warned election officials across the United States to take steps to enhance the security of their computer systems after uncovering evidence that foreign hackers penetrated two state election databases in recent weeks, according to a report by Yahoo News.

The alert from the FBI's Cyber Division came three days after Homeland Security Secretary Jeh Johnson offered his department’s help to make state voting systems more secure.

It disclosed that the bureau was investigating cyber intrusions against two state election websites this summer, including one that resulted in the “exfiltration,” or theft, of voter registration data.

The alert did not identify the states in question, but sources familiar with the document say it refers to the targeting by suspected foreign hackers of voter registration databases in Arizona and Illinois.

AP

The background to the heightened concern over election security is the suspected intrusion in the database of the Democratic National Committee by Russian hackers and the concern that they may be planning to disrupt the November elections.

The FBI alert listed eight separate IP addresses that were the sources of the two attacks and suggested that the attacks may have been linked, noting that one of the IP addresses was used in both intrusions.

Rich Barger, chief intelligence officer for ThreatConnect, a cybersecurity firm, said that that one of the IP addresses listed in the FBI alert has surfaced before in Russian criminal underground hacker forums.

He added that the method of attack on one of the state election systems resembled methods used in other suspected Russian state-sponsored cyberattacks, including one on the World Anti-Doping Agency this month.

The FBI did not respond to detailed questions about the alert, saying in a statement only that such bulletins are provided “to help systems administrators guard against the actions of persistent cyber criminals.”

Such a formal designation, which would allow state election officials to request federal assistance to protect their voting systems, “is under consideration,” a Homeland Security spokesman told Yahoo News.

Federal and state election officials say that the prospect of a full-blown cyberattack that seriously disrupts the November elections is remote, but not out of the question.