FBI, Homeland Security detail how Iranian hackers stole US voter data

Poorly configured sites were partly to blame.
Jon Fingas, @jonfingas
October 31, 2020
Image: Voters wait in line to enter a polling place and cast their ballots on the first day of the state's in-person early voting for the general elections in Durham, North Carolina, U.S. October 15, 2020. (REUTERS/Jonathan Drake)

US officials are shedding more light on how Iran-linked hackers stole voter info to send intimidating emails to Democratic voters. The FBI and Homeland Security’s CISA have issued an advisory (via Bleeping Computer) explaining the campaign, which ran from September 20th through October 17th. There was plenty of preparation, the agencies said, and poor defenses were at least partly to blame.

The intruders spent several days just scanning sites for vulnerabilities using a security tool from Acunetix. They also spent time researching specific exploits, including ones to spot and bypass web firewalls. They used the know-how to take advantage of election site vulnerabilities, including misconfigured sites. The techniques included SQL injections, web shell uploads and even “unique” site flaws. Scripts made “several hundred thousand” queries to download voter data.

They made at least some attempt to cover their tracks. Many of the linked IP addresses come from NordVPN’s service as well as other VPN providers.

The attackers obtained voter registration info for “at least one” state, officials said, although they unsurprisingly weren’t specific about the nature of that breach or the volume of data taken.

CISA and the FBI made several recommendations that, unfortunately, would be givens for many other organizations. They advised keeping systems updated with security patches, scanning for common web flaws like SQL injections, and protecting against web shells. Administrators should have two-step verification, too. Like it or not, election systems still have basic failings, and it may be a long while before your voting info is truly secure.
