FBI, DHS Warn Foreign State Hackers Have Access to Election Systems

12

The FBI and the Cybersecurity & Infrastructure Security Agency (CISA) have issued a warning that hackers – and possibly hackers associated with nation-states – have infiltrated the US governments cyber networks.

In the joint alert, the CISA, which is a division of the Department of Homeland Security, that in its detection of the breach they can conclude that there has been some unauthorized access to election support systems.

The agency said that, to date, there is no evidence that the integrity of elections data was compromised. They also indicated that “it does not appear these targets are being selected because of their proximity to elections information.”

But officials at the CISA did suggest that data associated with election systems are vulnerable to compromise. “There are steps that election officials, their supporting…IT staff, and vendors can take to help defend against this malicious cyber activity,” they wrote in the statement.

The hackers achieved access by exploiting a combination of vulnerabilities (“vulnerability chaining”) that targeted a Virtual Private Network, or VPN. Vulnerability chaining is a tactic used to targeted federal, state, local, tribal, and territorial government networks, along with critical infrastructure, and elections organizations.

In September, Microsoft issued information that they detected Russian, Chinese and Iranian actors targeting the 2020 US elections. They again detected specific threats to the US election infrastructure in October, citing an ongoing hacking campaign by a “threat actor” described as a “financially motivated nation-state actor.”

Questions remain as to why Microsoft hasn’t more aggressively sought to disrupt these threats and why they haven’t been more resolute in pursuing legislation that would internet tech giants to hobble nefarious actors in the cyber-sphere.