A recent advisory from the United States Cybersecurity Agency reveals another alarming incident related to US election activities. It was known that a group of Iranian hackers infiltrated and accessed a large number of US voters’ registration information and attempted to access similar contents from other states. According to undisclosed sources, the attacks were coordinated, went on for a few months, and was clearly aimed at the election process to possibly sabotage and create substantial damage to the integrity of the election event.
The United States Federal Bureau of Investigation (FBI), working together with the Department of Homeland Security (DHS) with its Cybersecurity Infrastructure Security Agency (CISA) unit, conducted the immediate investigation and probing on the matter. The attack was clearly a coordinated effort to interfere in the election proceedings, according to them.
FBI also confirmed that the Iranian hackers were the same group that attacked the Democrats side of the fence and its loyal supporters just last month.
The attacks were executed using fake emails and threats that looked like legitimate government agencies and state organizations.
The hackers used whatever data they’ve stolen and created several contents, including a video distributed to over 3,000 Democrat party members and officials, threatening them with possible violent repercussions if they didn’t vote for and re-elect President Trump. The hackers deliberately used email addresses that were falsely linked to the Proud Boys Group, a right-wing partisan with enough troubles of their own. The alleged video claimed to have submitted numerous ballots on several US states, but it had nothing to do, or it had no affiliation with the Proud Boys Group. This was stated by John Ratcliffe – US Director for National Intelligence.
The FBI and Mr. Ratcliffe stated that the breach occurred last September and persisted until last Friday. A legal web scanning tool called Acunetix was utilized by the hackers to perform the initial intrusion last September and followed by a series of conventional hacking techniques as soon as they are on the network.
September was the first phase, and October paved the way to a more” State-specific” approach. The hackers have started to target local state networks and infrastructures, inching their way from one state to another. Their coordinated efforts eventually bore fruit, and they were able to acquire a huge number of electoral data during their attacks.
Their attacks were somewhat an attempt to duplicate or copy the Russian hackers’ efforts back in 2016, which also targeted the election system. The Russian hackers successfully copied the election and voters’ data for one state and two Florida counties back then. This was all made before the November elections, and there were more than 10 people charged for the electoral sabotage.
Director Ratcliffe and the FBI also stated that while the Iranian Hackers tried to exploit network misconfigurations and other SQL vulnerabilities, the attack was not all that successful. Intelligence reports and security researchers claim that just like the 2016 hacks, no changes or alterations to voting data and processes were compromised.