FBI alert suggests state voter lists may be under hacker assault

Two states – Illinois and Arizona have reported that their voter registration lists have been penetrated by hackers, prompting the FBI to issue an unprecedented alert to all 50 states about the possibility that a foreign government may be trying to sabotage the November election.

Politico:

It’s possible that the motivation behind the two state hacks was less about the political system and more about cash. Voter registration data sets include valuable information — such as names, birth dates, phone numbers and physical and email addresses — that criminal hackers can bundle and flip on the black-market “dark web” for thousands of dollars.

But some cyber experts said the FBI’s alert, first revealed by Yahoo News on Monday, could be a sign that investigators are worried that foreign actors are attempting a wide-scale digital onslaught.

A former lead agent in the FBI’s Cyber Division said the hackers’ use of a particular attack tool and the level of the FBI’s alert “more than likely means nation-state attackers.” The alert was coded “Amber,” designating messages with sensitive information that “should not be widely distributed and should not be made public,” the ex-official said.

One person who works with state election officials called the FBI’s memo “completely unprecedented.”

“There’s never been an alert like that before that we know of,” said the person, who requested anonymity to discuss sensitive intergovernmental conversations.

Multiple former officials and security researchers said the cyberattacks on Arizona’s and Illinois’ voter databases could be part of a suspected Russian attempt to meddle in the U.S. election, a campaign that has already included successful intrusions at major Democratic Party organizations and the selective leaking of documents embarrassing to Democrats. Hillary Clinton’s campaign has alleged that the digital attacks on her party are an effort by Russian President Vladimir Putin’s regime to sway the election to GOP nominee Donald Trump. Moscow has denied any involvement.

Hacking state election offices could offer new tools for affecting the outcome of the vote.

Having access to voter rolls, for example, could allow hackers to digitally alter or delete registration information, potentially denying people a chance to vote on Election Day. Or news of the attack could simply fuel further distrust in the U.S. election system, which Trump has repeatedly alleged is “rigged.”

The hackers wouldn't have to manipulate the numbers to upend the election.  Sowing mass confusion by wholesale deletions of registered voters would accomplish the same goal: delegitimize the results.

I guess it depends on whether the hackers are explicitly doing the Kremlin's bidding or are free agents connected to the Russian government but not interested in its geopolitical goals.  The latter suggests simple theft.  The former is unthinkable not only for the effect on our election, but because such an attack would constutute an act of war as surely as if Russian bombs fell on an American city. 

This is a case of it's better to be safe than sorry.  Taking steps to prevent any penetration of our voter registration lists, as well as voting machines and other electoral cyber-infrastructure, should be priority one in all 50 states.

Two states – Illinois and Arizona have reported that their voter registration lists have been penetrated by hackers, prompting the FBI to issue an unprecedented alert to all 50 states about the possibility that a foreign government may be trying to sabotage the November election.

Politico:

It’s possible that the motivation behind the two state hacks was less about the political system and more about cash. Voter registration data sets include valuable information — such as names, birth dates, phone numbers and physical and email addresses — that criminal hackers can bundle and flip on the black-market “dark web” for thousands of dollars.

But some cyber experts said the FBI’s alert, first revealed by Yahoo News on Monday, could be a sign that investigators are worried that foreign actors are attempting a wide-scale digital onslaught.

A former lead agent in the FBI’s Cyber Division said the hackers’ use of a particular attack tool and the level of the FBI’s alert “more than likely means nation-state attackers.” The alert was coded “Amber,” designating messages with sensitive information that “should not be widely distributed and should not be made public,” the ex-official said.

One person who works with state election officials called the FBI’s memo “completely unprecedented.”

“There’s never been an alert like that before that we know of,” said the person, who requested anonymity to discuss sensitive intergovernmental conversations.

Multiple former officials and security researchers said the cyberattacks on Arizona’s and Illinois’ voter databases could be part of a suspected Russian attempt to meddle in the U.S. election, a campaign that has already included successful intrusions at major Democratic Party organizations and the selective leaking of documents embarrassing to Democrats. Hillary Clinton’s campaign has alleged that the digital attacks on her party are an effort by Russian President Vladimir Putin’s regime to sway the election to GOP nominee Donald Trump. Moscow has denied any involvement.

Hacking state election offices could offer new tools for affecting the outcome of the vote.

Having access to voter rolls, for example, could allow hackers to digitally alter or delete registration information, potentially denying people a chance to vote on Election Day. Or news of the attack could simply fuel further distrust in the U.S. election system, which Trump has repeatedly alleged is “rigged.”

The hackers wouldn't have to manipulate the numbers to upend the election.  Sowing mass confusion by wholesale deletions of registered voters would accomplish the same goal: delegitimize the results.

I guess it depends on whether the hackers are explicitly doing the Kremlin's bidding or are free agents connected to the Russian government but not interested in its geopolitical goals.  The latter suggests simple theft.  The former is unthinkable not only for the effect on our election, but because such an attack would constutute an act of war as surely as if Russian bombs fell on an American city. 

This is a case of it's better to be safe than sorry.  Taking steps to prevent any penetration of our voter registration lists, as well as voting machines and other electoral cyber-infrastructure, should be priority one in all 50 states.