Federal and state officials have confirmed that cyberattacks against state voting systems during the 2016 election were more widespread than previously disclosed to the public, but they said the heightened activity did not impact final vote tallies.
The confirmations follow Tuesday’s Bloomberg report, citing three unnamed sources, that attempts to influence the 2016 presidential election were much greater than previously disclosed to the public. Still, officials pushed back on the revelation that 39 states were “hit” by Russian attackers.
“Unusual or suspicious activity” was detected in several states during the months leading up to the November election, a DHS official who asked not to be identified told the E-Commerce Times. However, that activity was not necessarily considered an attack. Nor was it necessarily attributed to Russia.
The majority of the activity involved scanning and attempting to steal data from voter registration databases. However, voter tallies were not impacted by the hackers.
“Our past election demonstrated that cybercriminals are aggressively targeting our government’s critical infrastructure to gain access to sensitive information and cause widespread damage,” said Ryan Kalember, senior vice president of cyber security strategy at Proofpoint.
Cybercriminals have been trying to take advantage of the United States’ “vulnerable, decentralized structure” to gain access to as much information as possible, he told the E-Commerce Times.
Although their motivation is not clear, and there’s no certainty about what cyberthieves have learned, it is likely they could use the information gleaned to mount future attacks, Kalember warned.
Illinois and Arizona are the only two states that the FBI and DHS have identified as victims of intrusion by Russian cyberattackers during the 2016 elections, according to a report released earlier this year by the National Association of Secretaries of State, which regulates elections in 40 states.
However, numerous other state systems were scanned or probed by the Russians, based on U.S. intelligence data, but were not breached, according to the report.
“Everybody’s alertness level is at an even higher pitch than it was before,” said Ken Menzel, general counsel of Illinois State Board of Elections.
Post-election investigations of other states’ systems turned up signatures that were similar to those of the hackers who breached the Illinois voter databases, he told the E-Commerce Times, but he did not know which…