The FBI has reportedly found evidence that foreign hackers breached two state election databases in recent weeks.
An FBI alert warning election officials about the breach was leaked, and it was posted in a report by Yahoo News. Voter registration databases from both Illinois and Arizona were targeted in the hacks, according to the report.
The report does not identify the states in question, but sources familiar with the document say it refers to the targeting by suspected foreign hackers of voter registration databases in Arizona and Illinois. In the Illinois case, officials were forced to shut down the state’s voter registration system for 10 days in late July, after the hackers managed to download personal data on up to 200,000 state voters, Ken Menzel, the general counsel of the Illinois Board of Elections, said in an interview. The Arizona attack was more limited, involving malicious software that was introduced into its voter registration system but no successful exfiltration of data, a state official said.
However, it’s unclear if the hacking of the state election databases is linked with Russia or any of the other recent breaches.
According to the FBI’s alert, “an unknown actor” attacked a state election database by using widely available penetrating testing tools, including Acunetix, SQLMap, and DirBuster.
The hackers then found an SQL injection vulnerability — a common attack point in websites — and exploited it to steal the data. The FBI has traced the attacks to eight IP addresses, which appear to be hosted from companies based in Bulgaria, the Netherlands, and Russia.
As a result, the FBI alert urges state officials to take additional steps to secure their systems, including conducting “vulnerability scans” of their databases. In addition, the bulletin urges officials to sharply restrict access to their databases. “Implement the principle of least privilege for database accounts,” the FBI alert reads. It adds that “any given user should have access to only the bare minimum set of resources required to perform business tasks.”