Hackers have accessed U.S. government networks and election systems, a new federal alert confirmed just a month before the 2020 presidential election.
According to a joint alert from the FBI and Cybersecurity and Infrastructure Security Agency (CISA) released October 9, the recent “malicious activity” almost exclusively targeted federal and state, local, tribal, and territorial government networks.
“CISA is aware of some instances where this activity has resulted in unauthorized access to elections support systems; however, CISA has no evidence to date that integrity of elections data has been compromised,” the joint alert stated.
The joint alert encouraged election officials, IT staff, and vendors to take steps to help defend against the mischievous cyber activity. Hackers gained access through “vulnerability chaining,” a commonly used tactic that exploits multiple vulnerabilities at once in order to compromise a network or application. The best defense against this technique is to keep systems up to date by patching systems and equipment promptly, diligently, and on a consistent schedule, the alert stated.
“Patches are available for all of the vulnerabilities referenced in the joint cybersecurity advisory from CISA and the FBI,” the cybersecurity company Tenable said to Fox News in a written statement. “Most of the vulnerabilities had patches available for them following their disclosure.”
The alert referred to the hackers as “advanced persistent threat (APT) actors” but did not reveal who they were or where they were from specifically. According to the experts at Comparitech, APTs are the very complex cyberattacks “usually orchestrated by nation-state groups or well-organized criminal enterprises.”
This isn’t the first case of potential cyber-interference in the 2020 presidential election. In early September, Microsoft detected cyberattacks from Russia, China, and Iran that targeted “people and organizations involved in the upcoming presidential election,” including unsuccessful attempts to interfere in both the Trump and Biden campaigns.
“The activity we are announcing today makes clear that foreign activity groups have stepped up their efforts targeting the 2020 election as had been anticipated, and is consistent with what the U.S. government and other have reported,” Tom Burt, Corporate Vice President of Customer Security and Trust at Microsoft, said in a blog post.
According to Burt, Russia has attacked over 200 organizations, including political campaigns, advocacy groups, parties, and political consultants, while China has attacked high-profile individuals associated with the election, including people linked to Joe Biden’s presidential campaign, and Iran has attacked the personal accounts of people associated with President Trump’s reelection campaign.
“The majority of these attacks were detected and stopped by security tools built into our products,” Burt’s post stated. “We have directly notified those who were targeted or compromised so they can take action to protect themselves.”