A secret FBI memo urged states to beef up the security of their voter databases, blaming unspecified “foreign hackers” for two intrusions earlier this summer. The revelation is prompting renewed calls for the federal protection of voting systems.
On August 18, the FBI’s Cyber Division sent out a warning bulletin, titled “Targeting Activity Against State Board of Election Systems,” confirming that the bureau had been investigating breaches of two state election systems, one of which resulted in “exfiltration” of voter registration data. The bulletin was labeled “NEED TO KNOW recipients,” but Yahoo News obtained a copy and reported on it Monday.
Though the FBI memo did not name the two states affected, “sources familiar with the document” told Yahoo News investigative reporter Michael Isikoff that the warning related to breaches of voter registration databases in Arizona and Illinois.
On June 30, The Arizona Republic reported that the FBI had shut down a portion of the state’s voter registration website after finding malicious software on it. The mid-July breach in Illinois appears to have been more serious, with hackers downloading personal data of up to 200,000 voters, according to Ken Menzel, the general counsel for the state’s Board of Elections.
The bulletin lists eight IP addresses from which the attacks supposedly originated and notes that one address was involved in both hacks.
“The FBI is requesting that states contact their Board of Elections and determine if any similar activity to their logs, both inbound and outbound, has been detected,” the bulletin reads, according to Yahoo. “Attempts should not be made to touch or ping the IP addresses directly.”
Yahoo showed the FBI bulletin to Richard Barger, executive at the Virginia-based cybersecurity firm ThreatConnect and one of the frequently cited sources blaming the hack of the Democratic National Committee on Russia. One of the IP addresses “has surfaced before in Russian criminal underground hacker forums,” Barger said.
“This is a big deal,” he added. “This certainly should be concerning to the common American voter.”
The FBI is emphatically not pointing any fingers at this point in time, however. The bulletin advises the states to “implement the principle of least privilege for database accounts” and ensure that “any given user should have access to only the bare minimum set of resources required to perform business tasks.”
Most US states use voting machines that scan paper ballots – which can be consulted in case of a discrepancy. Both Arizona and Illinois fall into this category. On the other hand, New Jersey, Delaware, South Carolina, Georgia and Louisiana were using only direct-recording electronic (DRE) voting machines without paper backup as of October 2015. Parts of Texas, Florida, Kentucky, Tennessee, Indiana, Virginia and Pennsylvania also use DREs without any paper ballots. If these machines were altered, there would be no way to verify the actual voting results.
After WikiLeaks published the DNC emails in July, the Democrats’ leadership pointed the finger at Russia and accused Moscow of “interfering” with US elections on behalf of the Republican nominee Donald Trump.
In the wake of the scandal, a group of homeland security experts at the Aspen Institute called for the federal government to treat voting processes and results as critical infrastructure. Among the signatories were prominent Hillary Clinton supporters such as ex-CIA director Michael Morell, former New York Police Commissioner William Bratton, and former Homeland Security Secretary Michael Chertoff.