Posted on October 23, 2020 at 3:38 PM
Russian Hackers are Attacking Local and State US Governments
Russian hackers have been targeting the networks of state and local governments in the US, although the officials believe that they were unable to do anything to manipulate the elections.
According to the recent warning published by the US officials, it appears that hackers are once again terrorizing the US government networks. The warning claims that dozens of local and state governments in the country have suffered heavy attacks on their networks.
A new wave of attacks hits the US government networks
Hackers have managed to steal data from at least two different servers. What’s even worse is that all of this is happening less than two weeks before the US elections are scheduled to take place.
With that in mind, it is hardly surprising that everyone is concerned about the possibility of foreign powers using their hackers to tamper with the votes, and manipulate the election results.
Russian state-backed hackers are, of course, responsible for some of the most severe attacks, according to the Department of Homeland Security and the FBI.
The advisory from the two agencies did not identify the targets, either by name or location. However, for the time being, they claim that there is no evidence that would suggest that any government or election operations may have been compromised. So far, election-related data remains safe, according to what is known at this time.
That, of course, doesn’t mean that the hackers will not try to obtain future disruption options and influence the US actions, police, or even delegitimize government entities. This is one of the major concerns, according to the advisory.
Hackers cannot significantly impact the elections, officials claim
One good thing is that it would be extremely difficult for hackers to significantly impact the vote tallies, according to the officials. However, there is still a variety of other ways that bad actors could use to disrupt the elections.
One example would be conducting online attacks on networks that are needed for impeding the process of voting. Hackers might even try to confuse voters by creating fake content or spoofed websites.
Local governments are also concerned about the hackers potentially infiltrating the county network. If they were to manage that, they could potentially be able to use the network to find their way to election-related systems. This is why efficient firewalls need to be set in place, to prevent suspicious traffic from passing by undetected.
The problem is that smaller counties might not have enough money to support such professional defense measures.
Despite all of this, officials are still trying to stress the integrity of each vote. They are sending a clear message that every US citizen’s vote counts. Meanwhile, the Homeland Security’s head of Cybersecurity and Infrastructure Security Agency, Chris Krebs, noted that there is no reason to believe that these attacks are actually tied to election-related information.
The authorities have actually issued an alert regarding the scanning of county networks, during which the hackers were seeking potential vulnerabilities. In other words, they were looking for any flaw that could give them access to the network. They did not only seek out vulnerabilities that would provide them access to the part of the network tied to the elections.
He noted that “The election-related risk is the fact that they were in or touching an election system.”
The focus is on Iran, but Russia is still the main threat
The officials held a news conference on Wednesday night, and while they did mention the threat from the Russian Kremlin, it was never particularly emphasized. The authorities did admit that both Iran and Russia managed to obtain voting registration data, although this information is sometimes rather easy to access.
The main focus right now seems to be on Iran and its hackers, since there were numerous fake emails tied to the country’s online criminals. The national intelligence director, John Ratcliffe, claimed that the attacks had the goal of harming the current US president, Donald Trump. However, Ratcliffe never explained how hackers attempted to achieve this.
It is also worth noting that the US Treasury Department announced sanctions against several Iranian entities this Thursday. One of them was the Islamic Revolutionary Guard Corps, which clearly attempted to influence the country’s elections.
Despite all the attention that Iran is receiving, Russia is still believed to be a bigger threat, as mentioned earlier. After all, the country’s state-backed hackers did manage to successfully interfere with last year’s elections. They interfered this year again, in an attempt to denigrate Joe Biden, Trumps’s main political opponent.
These recent activities are believed to have been the work of a group known as Energetic Bear, or DragonFly. This particular group has allegedly been active since 2011, and is best known for cyberespionage of power grid operators and energy firms.