US election databases and voter information are being targeted in state-sponsored attacks, the FBI has warned. Illinois has already admitted that it was hit by a SQL injection attack recently, and has taken down its database as a precaution.
The FBI has reportedly sent out an alert to governments, which was predictably leaked to Yahoo News. The Yahoo report said that the FBI alert is called 'Targeting Activity Against State Board of Election Systems', which probably drew some attention, and warned about two already known incidents, one of which resulted in the "exfiltration" of voter information.
One of these incidents took place in July. The FBI is keeping its cards close to its chest, but we have asked the agency to confirm the alert and the reported incidents.
An official with the Illinois State Board of Elections (SBE) took to Facebook in July to explain a problem that they were having locally.
"Our voting system through SBE has been 'down' for several days; now we know why. #hacked. They were able to retrieve a number of voter records. We are in the process of determining the exact number of voter records and specific names of all individuals affected," said the official.
The post explained that access was gained through the public web page by means of a SQL injection attack.
"The method used was SQL injection. The offenders were able to inject SQL database queries into the IVRS database in order to access information. This was a highly sophisticated attack most likely from a foreign (international) entity," said the official.
Yahoo reported that the other affected state is Arizona, from which we are still waiting to hear.
V3's sister site The Inquirer has recently reported on a couple of politically motivated cyber attacks, including one on the Democratic Party that was claimed by infamous hacker Guccifer 2.0.
Apple squashes Steam Link app on 'business conflicts' grounds
Philip Hammond wants to forget rules that the UK agreed with the EU to ban non-European companies from the satellites
Instapaper to 'go dark' in Europe until it can work out GDPR compliance
James Robbins of ArrowXL says that AI is no longer 'tomorrow's technology'