Hackers Successfully Breach Illinois' Elections System, Target Arizona's

The hack in Illinois marked the first confirmation that such a breach could be executed successfully.

By Rick Pearson, Erin Cox and Ian Duncan, The Baltimore Sun / August 30, 2016
Shutterstock/welcomia

(TNS) -- The FBI is warning state elections officials in Maryland and around the country to be on their guard against hackers after the breach of a voter information database in Illinois and an attempted attack in Arizona.

Maryland officials said they are already prepared to fight off the type of attack the FBI warned about.

The hack in Illinois marked the first confirmation that such a breach could be executed successfully, said Nikki Baines Charlson, deputy administrator of the Maryland Board of Elections.

"This is the type of activity we watch for," she said. She said the state has deployed the type of cybersecurity needed to fend off such threats.

Federal officials have been taking steps to help states ensure the security of their elections systems, amid growing concern about the vulnerability of the American political system to foreign hackers. The FBI is investigating a hack of the Democratic National Committee that resulted in the unauthorized release of tens of thousands of emails.

Maryland has three large systems of voter information to protect: the election machines themselves, the voter registration database and the online voter service system through which residents may request ballots or register online.

Charlson said the elections board has multiple lines of defense to keep hackers out, and to detect and root them out if they penetrate the system.

Michael Greenberger, the director of the Center for Health and Homeland Security at the University of Maryland, wrote to the board last week warning that the online system for obtaining absentee ballots is vulnerable to manipulation.

Greenberger, who said he was writing in a personal capacity, said the system "is far too vulnerable to hacking by bad actors who seek to compromise the integrity of American elections."

Greenberger said he questioned the board's track record of hiring advisers on computer security issues and worried "about the ability of the board's professional staff to take guidance from the FBI."

Elections officials in Illinois said Monday that the personal information of almost 200,000 voters was hacked in a cyberattack that began in June and was halted a month later.

Ken Menzel, general counsel for the Illinois State Board of Elections, said no files of registered voters were erased or modified and that no voting history information or voter signature images were captured. But he said it's possible that some voter personal information, including driver's license numbers and the last four digits of Social Security numbers, could have been accessed.

"We say that the system was compromised in this context, that it's been accessed," Menzel said. "We're very confident nothing was added, deleted or altered."

But "due to the ambiguous nature of the attack," the elections board warned, "we may never know the exact number of affected voters."

The FBI alerted Arizona officials in June that Russians were behind the assault on the election system in that state.

The bureau described the threat as "credible" and significant, "an eight on a scale of one to 10," Matt Roberts, a spokesman for Arizona Secretary of State Michele Reagan, said Monday. Reagan shut down the state's voter registration system for nearly a week.

It turned out that the hackers had not compromised the state system or even any county system. They had, however, stolen the user name and password of a single elections official in Gila County.

Roberts said FBI investigators did not specify whether the hackers were criminals or employed by the Russian government. Bureau officials on Monday declined to comment.

After the Illinois cyberattack and the attempt in Arizona, the FBI issued a "flash alert" this month to warn of malicious attempts to obtain access to states' voter registration information. The actions by the FBI and related activity by the Department of Homeland Security were first reported by Yahoo News.

In Illinois, board staff became aware of a security breach July 12. Programmers used code changes to stop the malicious database queries.

The board stopped outside access to its website, including its online voter registration application process, to prevent further intrusions, and notified the Illinois attorney general's office and the General Assembly under the state's Personal Information Protection Act, Menzel said.

The online voter registration portal was restored late last month and the board has added further encryption and taken other steps to enhance security, officials said.

Menzel said there is a "reasonable suspicion" that the hackers were foreign.

"We know foreign servers were used, but it's not conclusive that foreign actors were involved," Menzel said. He said the FBI has "their reasons for suspecting foreign involvement, other than just some foreign servers were used."

The Washington Post contributed to this report.

(c)2016 The Baltimore Sun