Threat Actors Are Still Poking Around the Voter Registration System

The 2016 Presidential Elections is coming , and the only thing that should be on the minds of regular US citizens is whether they want to 'Make America Great Again' or whether they want to be 'Stronger Together.' Privacy should be the last thing they should worry about. At least that's the theory.

Concerns were first raised on August 15 when Homeland Security Secretary, Jeh Johnson, conducted a conference call with state election officials. He said that the Department of Homeland Security is not aware of any "specific or credible cybersecurity threats," but he still urged state election departments to keep a close eye on their systems and look out for any unusual activity.

Just three days Homeland Security's concerns were raised, an interesting FBI alert came out. The bulletin wasn't supposed to reach the media, but Yahoo somehow managed to get hold of it. The document informed departments that attacks had been carried out on two states. According to informants, the hacks targeted Illinois' and Arizona's systems, and the threat actors managed to steal information associated with up to 200,000 Illinoisans.

The significance of the attacks urged security company ThreatConnect to conduct an investigation. The experts concluded that some of the activities performed during the attacks and some of the IPs are consistent with the hacks on the Democratic National Committee and the World Anti-Doping Agency. ThreatConnect researchers said that according to them the information from Illinois Voter Registration System was stolen by Fancy Bear – a group of Russian state-sponsored threat actors.

Once again, election officials were urged to be extremely careful, and rightfully so, as it turns out.

On September 28, the House Judiciary Committee asked FBI Director James Comey whether there have been attacks on voter registration systems outside Illinois and Arizona. The good news is, no attacks have been detected as of yet. The bad news is, there has been some scanning activity which shows that the hackers might attempt another break-in in the not too distant future.

Director Comey was quick to point out that for the time being, the hackers are sniffing around the voter registration system, and not the voting system itself. The machines that will be employed during the elections will not be connected to the Internet which means that hacking into them will be much tougher.

Nevertheless, the threat posed by what ThreatConnect thinks is Fancy Bear is, on its own, quite alarming.