Could the forthcoming Presidential election on November 8 be hacked?

While the answer to that question remains, news has emerged that voting systems in two states have actually been hacked, including one instance of voting registration data being stolen.

The Federal Bureau of Investigation (FBI) has issued a “flash alert” after it uncovered evidence that hackers had penetrated two state election databases in recent weeks; the alert warned election officials across the United States to take action to enhance their security.

According to Yahoo News, which obtained a copy of the alert titled “Targeting Activity Against State Board of Election Systems,” the two states with breached data were Arizona and Illinois.

In Illinois, hackers were able to download personal data of up to 200,000 state voters, causing officials to shut down the voter registration system for 10 days in late July; the Arizona attacks are described as being more “limited” in that hackers only managed to inject malicious software onto the state’s voter registration system but did not manage to steal any data.

The FBI Cyber Division bulletin (pdf) noted that eight separate IP address were used in both attacks, with one IP address being common to both intrusions.

Interestingly the alert goes on to note that the bureau was looking for any signs that those behind the two attacks may have targeted other states: “The FBI is requesting that states contact their Board of Elections and determine if any similar activity to their logs, both inbound and outbound, has been detected … Attempts should not be made to touch or ping the IP addresses directly.”

Russians?

Despite the completely absurd neo-McCarthyism being sprouted by the Hillary Clinton campaign against Donald Trump, there is a possibility that the hackers could be Russian, with the Yahoo report noting that at least one IP address used in the attacks has previously been mentioned in Russian hacker forums. That said, tests by SiliconANGLE into the IP addresses listed in the FBI alert showed that they were hosted in the United Kingdom and the Netherlands, hardly a hotbed of Russian hackers.

Whoever is behind the hacks is beyond the point, because what the news does show is that electronic voting systems are vulnerable to begin with and can’t be trusted when it comes to elections; if two states have been found to be compromised, the chances are that smarter hackers who don’t leave a trail are likely to have already gained access to voting systems in many other states as well.

Image credit: donkeyhotey/Flickr/CC by 2.0