FBI’s need-to-know-only advisory doesn’t specify, but Yahoo News’ sources say it refers to ‘suspected foreign hackers’ targeting voter registration databases in Arizona and Illinois.
Two US states’ election databases have been breached, according to a confidential flash alert issued Aug. 18 by the FBI’s Cyber Division, and obtained by Yahoo News.
The alert, labeled as restricted for “DIRECT NEED TO KNOW” recipients, was issued three days after Homeland Security Secretary Jeh Johnson told election officials, during a Aug. 15 conference call, that the Department of Homeland Security was not aware of “specific or credible cybersecurity threats” to the election.
Johnson also recently said the agency is “thinking about” bringing the country’s election system under its purview to guard it against cyberattacks, designating it as critical infrastructure.
Although the FBI advisory does not identify the states in question, Yahoo News reports that sources familiar with the document say it refers to Arizona and Illinois. Arizona’s election system experienced an unidentified malware infection, reported Yahoo, and Illinois shut its voter registration system down for 10 days in late July after 200,000 voters’ data was exfiltrated.
Presumably, it was the compromise of this Illinois voter database that the FBI described in its alert. According to the document, attackers used Acunetix to discover a SQL injection vulnerability, and then SQLMap to exploit it.
According to Yahoo: “The FBI advisory also listed eight separate IP addresses that were the sources of the two attacks and suggested that the attacks may have been linked, noting that one of the IP addresses was used in both intrusions.”
For more information, see Yahoo News.
Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio