Advertisement

Foreign hackers are targeting federal, state and local IT networks, feds warn

The advisory outlined security steps that election officials can take to ensure their networks are protected.
CISA, DHS, Department of Homeland Security, RSA 2019
The DHS and CISA booth at the 2019 RSA conference in San Francisco. (Scoop News Group photo)

Foreign government-linked hackers have been exploiting old software vulnerabilities in an effort to access federal, state and local computer networks in ongoing activity, the FBI and the U.S. Cybersecurity and Infrastructure Security Agency warned Friday.

The federal advisory, which did not point the finger at a particular foreign government, said that the malicious cyber activity had in some cases “resulted in unauthorized access to elections support systems.” However, FBI and CISA officials said there was “no evidence to date that integrity of elections data has been compromised.”

“Although it does not appear these targets are being selected because of their proximity to elections information, there may be some risk to elections information housed on government networks,” the FBI and CISA advisory said.

“Elections support systems” are typically IT infrastructure, like email servers, that local government officials use for a range of business, whether related to an election or not. Those systems are not involved in tallying votes.

Advertisement

The FBI and CISA did not elaborate on the motives of the attackers. Foreign espionage groups routinely target government networks in a bid to gather intelligence, whether in election season or not. In some cases, the hackers have been exploiting a recently revealed vulnerability in a protocol that Microsoft uses to authenticate users.  CISA last month ordered federal civilian agencies to apply a software patch for the bug.

The announcement comes as voting in the presidential election is already underway and as federal officials pledge that the election will be the most secure ever. After Russian interference in the 2016 election, which included a sweeping disinformation campaign and the compromise of Illinois’ voter registration database, federal officials have drilled for years with their state and local counterparts to strengthen defenses.

U.S. intelligence officials continue to warn that Russia, China, Iran and other foreign governments have conducted influence operations aimed at the U.S. election.

The advisory outlined security steps that election officials can take to ensure their networks are protected.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts