The FBI stated in a warning sent Aug. 18 that cyber attacks were carried out against two state board of electrions information system, raising concerns about foreign hackers manipulating election results.
“The FBI received information of an additional IP address, 18.104.22.168, which was detected in the July 2016 compromise of a state’s board of election web site,” the FBI warning said.
“Additionally, in August 2016 attempted intrusion activities into another state’s board of election system identified the IP address, 22.214.171.124 used in the aforementioned compromise.”
The incident occurred in late June when an unknown cyber attackers scanned the board of election website for vulnerabilities using Acunetix and found a structured query language (SQL) injection vulnerability on the site.
“The majority of the data exfiltration occurred in mid-July,” the FBI said. “There were seven suspicious IPs and penetration testing tools Acunetix, SQLMap, and DirBuster used by the actor.”
The states involved were Arizona and Illinois, according to Yahoo News, that first reported the breaches.
FBI Director James Comey declined to comment on the case based on a policy of not commenting on ongoing investigations.
But Comey said: “We take very seriously any effort by any actor, including nation-states, maybe especially nation-states, that moves beyond the collection of information about our country and that offers the prospect of an effort to influence the conduct of affairs in our country, whether that’s an election or something else.”
Full report (.pdf)…
Aug. 18, 2016