The FBI is reporting that the election systems of Arizona and Illinois have been breached by foreign hackers which means other states should be on alert. Illinois was forced to shut down the voters registration process after they learned foreign hackers got a hold of 200,000 voters’ personal information.
The FBI received information of an additional IP address, 18.104.22.168, which was detected in the July 2016 compromise of a state’s Board of Election Web site. Additionally, in August 2016 attempted intrusion activities into another state’s Board of Election system identified the IP address, 22.214.171.124 used in the aforementioned compromise.
In late June 2016, an unknown actor scanned a state’s Board of Election website for vulnerabilities using Acunetix, and after identifying a Structured Query Language (SQL) injection (SQLi) vulnerability, used SQLmap to target the state website. The majority of the data exfiltration occurred in mid-July. There were 7 suspicious IPs and penetration testing tools Acunetix, SQLMap, and DirBuster used by the actor.
With the presidential election upon us soon, information security is of the utmost importance. Foreign hackers seem to have been able to get into the Democratic National Committee as well as other government entities extracting information and personal details at will. The Arizona incident didn’t seem to be as severe as the Illinois one as the hackers were able to get personal details in Illinois. The Arizona incident consisted of finding malicious software attempting to compromise the system.
This is yet another reminder that if hackers want something bad enough, they will find a way to get to it. Our federal and local governments need to step it up and keep one stride ahead of these bad guys if they want to prevent or minimize the damage hackers of any kind can cause.
What do you think of this latest government breach? Let us know in the comments below or on Twitter, Facebook and Google+.