Leaked FBI Document Reveals Hackers have Successfully Penetrated United States Election Systems

A leaked document, authored by the United States Domestic Intelligence and Security Service Agency, the Federal Bureau of Investigation (FBI) has revealed that hackers have successfully penetrated the country’s election systems.

The document was obtained by Yahoo News. The FBI claimed in the document that the hackers were foreigners, and that it has duly warned elections officials in the country of the cyber vulnerability of their systems.

According to Yahoo News, it obtained the leaked document on Monday August 29, 2016. The document was dated on August 18, 2016. It was contained in a Flash Alert from the FBI’s Cyber Division, which was supposed to be kept from public knowledge.

The document stated explicitly that the FBI had uncovered evidence showing that at least two state election systems were penetrated by hackers in the weeks of August 2016. It claimed the FBI has issued warnings to election officials across the country, asking to ramp up security on their systems.

The FBI did not name the states attacked, but described the nature of the attack, listing the Internet Protocol addresses used in the hack.

The summary section of the document stated: “The FBI received information of an additional IP address, 5.149.249.172, which was detected in the July 2016 compromise of a state’s Board of Election Web site. Additionally, in August 2016 attempted intrusion activities into another state’s Board of Election system identified the IP address, 185.104.9.39 used in the aforementioned compromise.”

The Technical Details of the document also revealed: “The following information was released by the MS-ISAC on 1 August 2016, which was derived through the course of the investigation. In late June 2016, an unknown actor scanned a state’s Board of Election website for vulnerabilities using Acunetix, and after identifying a Structured Query Language (SQL) injection (SQLi) vulnerability, used SQLmap to target the state website. The majority of the data exfiltration occurred in mid-July. There were 7 suspicious IPs and penetration testing tools Acunetix, SQLMap, and DirBuster used by the actor, detailed in the indicators section below.”

Yahoo News reports that sources familiar with the document say it refers to the targeting by suspected foreign hackers of voter registration databases in Arizona and Illinois.  It is said in the Illinois case, officials were forced to shut down the state’s voter registration system for ten days in late July, after the hackers managed to download personal data of up to 200,000 state voters. Yahoo News claims the general counsel of the Illinois Board of Elections, Ken Menzel revealed this in an interview.

On the Arizona case, the news outlet says the attack was more limited, and that it involved malicious software that was introduced into its voter registration system, but no data was taken.

Rich Barger, the Chief Intelligence Officer for ThreatConnect, a cybersecurity firm, who reviewed the leaked document, told Yahoo News the American public should worry about the election system in the country.  He said: “This is a big deal. Two state election boards have been popped, and data has been taken. This certainly should be concerning to the common American voter.”

Commenting on the issue, chairman of the Federal Election Assistance Commission, Tom Hicks said all states in the country should check their election systems, in order to ensure public confidence in the electoral process.

The United States Secretary of Homeland Security, Jeh Johnson claimed he has convened a conference call with state election officials, offering to help to make their voting systems more secure by providing federal cyber security experts, which would scan their systems for vulnerabilities.

For a longtime, many observers have expressed concerns about the electronic voting systems of the United States. Some have said the system is rigged, and that elections in the country are not determined by voters’ choice, but people who penetrate the systems.

In August 2016, a professor from Princeton University, and a graduate student proved that electronic voting machines in the United States remain astonishingly vulnerable to hackers. The two academics prove their claim in just less than eight minutes.

Professor Andrew Appel, an expert in election security, and his student, Alex Halderman took just seven minutes to break into the authentic Sequoia AVC Advantage electronic voting machine they purchased online for $82. This machine is still used in Louisiana, Pennsylvania, New Jersey, and Virginia.

Professor Appel said after presenting the evidence that the only “reasonably safe” voting method is paper ballots, since they can be counted alongside the electronic tally. He further noted that crucial swing states rely on more vulnerable paperless touchscreen voting that does not back up any of the numbers, urging officials to change their systems.

Professor Appel wrote in a blogpost: “Then whatever numbers the voting computer says at the close of the polls are completely under the control of the computer program in there. If the computer is hacked, then the hacker gets to decide what numbers are reported. … All DRE (paperless touchscreen) voting computers are susceptible to this kind of hacking. This is our biggest problem.”

You want to support Anonymous Independent & Investigative News? Please, follow us on Twitter: Follow @AnonymousNewsHQ

This article (Leaked FBI Document Reveals Hackers have Successfully Penetrated United States Election Systems) is a free and open source. You have permission to republish this article under a Creative Commons license with attribution to the author and AnonHQ.com