Arizona and Illinois election systems targeted by foreign hackers

Arizona and Illinois election systems targeted by foreign hackers

Election systems in Arizona and Illinois were the target of foreign hackers earlier this summer, according to a report in Yahoo News.

On Aug. 18, the FBI Cyber Division issued a warning titled “Targeting Activity against State Board of Election Systems,” which did not specify which states had been the victim of the hack. But Yahoo News quotes “sources familiar with the document” who said Arizona and Illinois were the targets.

An Illinois official told Yahoo that the attack resulted in the exfiltration of personal information for 200,000 Illinois voters. There was no information downloaded in the Arizona hack.

On an Aug. 15 conference call, Department of Homeland Security Secretary Jeh Johnson highlighted DHS’ resources that can help states secure their voting systems. He also discussed the possibility that the U.S. election system could be classified as critical infrastructure. This classification would give DHS oversight and security responsibilities for the election system the same way that it works with the power grid or the financial services sector.

Officials think the hacks in Arizona and Illinois could be connected because there was an IP address that appeared in both attacks. On cybersecurity professional told Yahoo that one of the IP addresses listed in the alert has shown up in connection with Russian hacker forums.

To help states harden their systems, the FBI shared a number of security measures via the Multi-State Information Sharing and Analysis Center (MS-ISAC). Recommendations  included conducting vulnerability scans, patching software and applications, validating user input before forwarding to a database and using static queries.

Thomas F. Duffy,  chair of MS-ISAC, spoke on the threat directed at the voting system earlier this month at the National Association of State Technology Directors annual conference. “How secure are our voting systems? There has been a lot of talk of voter registration databases being probed, and we’ve confirmed that people are doing phishing campaigns at local elected officials, some of that successful.”

Duffy said these databases were basically “big telephone directories” with the only personal information being date of birth. One audience member suggested this information could allow hackers to influence elections by targeting  younger people who are less likely to vote.

“You’re going to hear a lot of buzz on this over the next month or two,” Duffy said, “So if you haven’t anticipated it, anticipate it now.”

About the Author

Matt Leonard is a reporter/producer at GCN.

Before joining GCN, Leonard worked as a local reporter for The Smithfield Times in southeastern Virginia. In his time there he wrote about town council meetings, local crime and what to do if a beaver dam floods your back yard. Over the last few years, he has spent time at The Commonwealth Times, The Denver Post and WTVR-CBS 6. He is a graduate of Virginia Commonwealth University, where he received the faculty award for print and online journalism.

Leonard can be contacted at mleonard@gcn.com or follow him on Twitter @Matt_Lnrd.

Click here for previous articles by Leonard.


inside gcn

  • Pushing cybersecurity for counties

Reader Comments

Tue, Aug 30, 2016

The FSB hacked the Democratic Party, in an attempt to assist their candidate Trump. In this, they were moderately successful. Here, their reasons aren't quite so obvious. Perhaps to erode voter confidence in the system in two key States? It will eventually become clear. So, the question is, why would they support Trump? Yes, his statements about not defending NATO allies certainly endeared him to Putin. As did his idiotic statements about how Putin would never invade Ukraine, with Russia having already done so. And, there is their bromance, with loving exchanges of insipid compliments. But, perhaps there is more? Money? Foreign investments? Where? Foreign investors? From where? Let's see those tax returns.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group