The report by the FBI and the Department of Homeland Security is a reminder of Russia’s strong capabilities, even when US officials warn of Iranian interference.
WASHINGTON – Editor’s Note: The above video was posted on Wednesday.
US officials said Thursday that Russian hackers have attacked the networks of dozens of state and local governments across the United States in the past few days, stealing data from at least two servers. The warning, less than two weeks before the election, heightened fears that the vote could be rigged and confidence in the results undermined.
The warning describes an onslaught of recent activities by Russian government-sponsored hacking groups in recent days against state and local networks, some of which have been successfully compromised. The opinion from the FBI and the Department of Homeland Security’s cybersecurity agency recalls Russia’s strong capabilities and continued meddling in the elections, even after US officials publicly called on Iran at a press conference Wednesday evening.
The advisory does not mention any of the specific victims targeted, but officials say they have no information that elections or government operations were affected, or that the integrity of election data was compromised.
“However, the actor may be looking for access in order to obtain future options for disruption, to influence US politics and actions or to delegitimize (state and local) government agencies,” said the adviser.
U.S. officials repeatedly said it was extremely difficult for hackers to change the voting count in a meaningful way, but warned of other methods of interference that could include cyberattacks on networks to hinder the voting process or the production of fake websites or other bogus content, aimed at making voters distrust the results.
A major problem, especially at the municipal level, was that hackers could break into a county network and then work their way through to election-related systems unless certain defensive measures such as firewalls were in place. This is especially true for smaller countries that don’t have as much money and IT support as their larger counterparts to fund security upgrades.
US officials warned at a hastily convened press conference Wednesday evening that Russia and Iran had received voting information, although such data is sometimes publicly available. However, the main focus of this event was on Iran, which officials linked to a series of threatening but fake emails aimed at intimidating voters in several battlefield states.
Despite these activities, Russia is widely seen as the greater threat to the elections in the cybersecurity community. The US has said that Russia, which interfered in the 2016 election by hacking Democratic email accounts, is stepping back again this year, including through concerted efforts to denigrate President Donald Trump’s Democratic opponent Joe Biden.
US officials attribute the activity to a government sponsored hacking group known in the cybersecurity community as DragonFly and Energetic Bear. The group appears to have been in operation since at least 2011 and is known to have cyber espionage at energy companies and power grid operators in the US and Europe, as well as defense and aerospace companies.
Chris Krebs, director of Homeland Security’s Cybersecurity and Infrastructure Security Agency, said Thursday that the warning was issued regarding scanning county networks for vulnerabilities not specifically targeting the elections. “In a few cases there was access to an election-related network,” he said.
Associate press writer Frank Bajak in Boston, Christina A. Cassidy in Atlanta, and Ben Fox in Washington contributed to this report.