News & Politics

FBI: Foreign Hackers Breached State Election Databases

The FBI is warning U.S. election officials to increase computer security measures after two state election databases were penetrated by foreign hackers.

Investigative reporter Michael Isikoff of Yahoo News reported Monday that the cyber attacks occurred in Illinois and Arizona in recent weeks.

According to Isikoff, the breach in Illinois forced election officials to shut down the voter registration database for ten days after hackers managed to obtain personal data on up to 200,000 state voters. The Arizona attack involved malicious software that also targeted the voter registration system, but the hackers were not successful in obtaining the data.

The FBI warning, contained in a “flash” alert from the FBI’s Cyber Division, a copy of which was obtained by Yahoo News, comes amid heightened concerns among U.S. intelligence officials about the possibility of cyberintrusions, potentially by Russian state-sponsored hackers, aimed at disrupting the November elections.

Those concerns prompted Homeland Security Secretary Jeh Johnson to convene a conference call with state election officials on Aug. 15, in which he offered his department’s help to make state voting systems more secure, including providing federal cyber security experts to scan for vulnerabilities, according to a “readout” of the call released by the department.

Johnson emphasized in the call that Homeland Security was not aware of “specific or credible cybersecurity threats” to the election, officials said. But three days after that call, the FBI Cyber Division issued a potentially more disturbing warning, entitled “Targeting Activity Against State Board of Election Systems.” The alert, labeled as restricted for “NEED TO KNOW recipients,” disclosed that the bureau was investigating cyberintrusions against two state election websites this summer, including one that resulted in the “exfiltration,” or theft, of voter registration data. “It was an eye opener,” one senior law enforcement official said of the bureau’s discovery of the intrusions. “We believe it’s kind of serious, and we’re investigating.”

***

The FBI bulletin listed eight separate IP addresses that were the sources of the two attacks and suggested that the attacks may have been linked, noting that one of the IP addresses was used in both intrusions. The bulletin implied that the bureau was looking for any signs that the attacks may have been attempting to target even more than the two states. “The FBI is requesting that states contact their Board of Elections and determine if any similar activity to their logs, both inbound and outbound, has been detected,” the alert reads. “Attempts should not be made to touch or ping the IP addresses directly.”

“This is a big deal,” said Rich Barger, chief intelligence officer for ThreatConnect, a cybersecurity firm, who reviewed the FBI alert at the request of Yahoo News. “Two state election boards have been popped, and data has been taken. This certainly should be concerning to the common American voter.”

According to National Public Radio, the breaches in Arizona and Illinois occurred in June and July, respectively. NPR referred to the hacks in a report on August 1 about the possibility that a U.S. election could get hacked.

Just a week and a half ago, Illinois election officials shut down that state’s voter registration database after discovering it had been hacked. In June, Arizona took its voter registration system offline after the FBI warned it too might have been hacked, although no evidence of that was found.

The breaches come amid repeated accusations by Republican presidential candidate Donald Trump that the U.S. election system is “rigged.”

The good news, according to NPR, is that increasing numbers of voters are now using machines that have paper backups to double-check any suspicious results.

“Today, 80 percent of Americans will vote either on a paper ballot that’s read by a scanner, or on an electronic voting machine that has a paper trail that they can review,” says Larry Norden with the Brennan Center for Justice in New York.

But that also means 20 percent of voters don’t use a paper-backed system — including a large number in the key battleground states of Pennsylvania and Virginia. Security experts argue that if those machines are hacked, it might be almost impossible to know. Norden thinks election officials have to take steps now to ensure it doesn’t happen.

“Every single machine before it’s used should get a thorough test to make sure that there aren’t problems, that the machines are recording votes correctly, that nothing is missing, no names are missing from the ballot,” he says.

And wherever possible, he adds, there should be paper records to back up voter registration databases, which are increasingly online.

The FBI bulletin urges state officials to conduct “vulnerability scans” of their databases and to restrict access: “Implement the principle of least privilege for database accounts,” the FBI alert reads. Additionally, “any given user should have access to only the bare minimum set of resources required to perform business tasks.”