Foreign hackers are targeting federal, state and local IT networks, feds warn

Written by

Foreign government-linked hackers have been exploiting old software vulnerabilities in an effort to access federal, state and local computer networks in ongoing activity, the FBI and the U.S. Cybersecurity and Infrastructure Security Agency warned Friday.

The federal advisory, which did not point the finger at a particular foreign government, said that the malicious cyber activity had in some cases “resulted in unauthorized access to elections support systems.” However, FBI and CISA officials said there was “no evidence to date that integrity of elections data has been compromised.”

“Although it does not appear these targets are being selected because of their proximity to elections information, there may be some risk to elections information housed on government networks,” the FBI and CISA advisory said.

“Elections support systems” are typically IT infrastructure, like email servers, that local government officials use for a range of business, whether related to an election or not. Those systems are not involved in tallying votes.

The FBI and CISA did not elaborate on the motives of the attackers. Foreign espionage groups routinely target government networks in a bid to gather intelligence, whether in election season or not. In some cases, the hackers have been exploiting a recently revealed vulnerability in a protocol that Microsoft uses to authenticate users.  CISA last month ordered federal civilian agencies to apply a software patch for the bug.

The announcement comes as voting in the presidential election is already underway and as federal officials pledge that the election will be the most secure ever. After Russian interference in the 2016 election, which included a sweeping disinformation campaign and the compromise of Illinois’ voter registration database, federal officials have drilled for years with their state and local counterparts to strengthen defenses.

U.S. intelligence officials continue to warn that Russia, China, Iran and other foreign governments have conducted influence operations aimed at the U.S. election.

The advisory outlined security steps that election officials can take to ensure their networks are protected.