FBI detects breaches against two state voter systems

“We know how they got into our system, and we fixed that issue and we’ve looked at similar vulnerabilities to other parts of the site and made sure we didn’t have an opening of the type that was exploited here”, said Ken Menzel, general counsel, Illinois Board of Elections.

The IP addresses listed as sources for the attacks are associated with commercial dedicated and virtual private server hosting companies: U.S. and United Kingdom servers provided by King Servers LTD; Fortunix Networks LP, a custom hosting company with servers in Edinburgh; and Liteserver in Tilburg, the Netherlands.

The Illinois Board of Elections has confirmed there was a breach in the Illinois voter registration system. He also discussed the possibility that the USA election system could be classified as critical infrastructure.

The FBI is investigating a series of suspected foreign hacks of state election computer systems and websites, and has warned states to be on the alert for potential intrusions.

Menzel said that he had been told by the Federal Bureau of Investigation that the attack came from “foreign hackers” and that there was a “possible link” with the attack against the Democratic National Committee servers, which is believed by some to have been carried out by Russian state actors. Rich Barger, chief intelligence officer for cybersecurity firm ThreatConnect, told Yahoo that one of the IP addresses has been identified in Russian criminal underground hacker forums.

“The FBI is requesting that states contact their Board of Elections and determine if any similar activity to their logs, both inbound and outbound, has been detected”, the alert said. “We’re very confident nothing was added, deleted or altered”. The Illinois incident reportedly resulted in the exfiltration of at least 200,000 voters’ personal information.

On an August 15 conference call, Department of Homeland Security Secretary Jeh Johnson highlighted DHS’ resources that can help states secure their voting systems. Johnson also said that DHS was not aware of “specific or credible cybersecurity threats” to the election.

The officials have said recent cyber attacks at the Democratic National Committee and elsewhere within the Democratic Party were probably conducted by people inside the Russian government.Russia has denied any involvement in the cyber attacks.

A Homeland Security spokesman told Yahoo News that that sort of designation “is under consideration”.

Independent assessments have found that many state and local voting system are extremely vulnerable to hacking.