SQL injection attack used to slurp voters’ info
IT admins have received a flash warning from the FBI to harden up their systems following attacks against servers run by two US state election boards.
The security advisory states that the attacks in July and August both emanated from IP addresses in the Netherlands and used Acunetix, SQLMap, and DirBuster tools.
It tells IT admins to monitor logs for escalations of privileges and for unusual SQL activity.
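The log monitoring the advisory asks for can be approximated as follows. This is an added example, not code from the advisory or the article: it scans web access logs for the default signatures of the three named tools and for SQL syntax in request URLs. The log lines, paths and detection patterns are constructed assumptions, and default user-agent strings are trivially changed, so a clean result does not rule out scanning.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Constructed sample access-log lines ("combined" format, documentation IPs).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Jul/2016:10:01:02 +0000] "GET /lookup?id=1%27%20UNION%20SELECT%20NULL-- HTTP/1.1" 200 512 "-" "sqlmap/1.0-dev (http://sqlmap.org)"
203.0.113.7 - - [12/Jul/2016:10:01:03 +0000] "GET /admin/ HTTP/1.1" 404 210 "-" "DirBuster-1.0-RC1"
198.51.100.9 - - [12/Jul/2016:10:02:00 +0000] "GET /search?q=acunetix_wvs_security_test HTTP/1.1" 200 300 "-" "Mozilla/5.0"
192.0.2.44 - - [12/Jul/2016:10:03:00 +0000] "GET /lookup?id=1042 HTTP/1.1" 200 498 "-" "Mozilla/5.0"
198.51.100.9 - - [12/Jul/2016:10:04:00 +0000] "GET /search?q=x%27+OR+%271%27%3D%271 HTTP/1.1" 500 120 "-" "Mozilla/5.0"
"""

# ip, method, url, status, user-agent from a combined-format line.
LINE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)"')

# Assumption: the tools run with default settings and leave their names behind.
TOOL_SIG = re.compile(r"sqlmap|dirbuster|acunetix", re.I)

# SQL syntax that has no business in a request URL (illustrative, not exhaustive).
SQLI = re.compile(
    r"\bunion\b.{0,40}\bselect\b|'\s*(or|and)\b|;\s*(drop|select|insert)\b"
    r"|\bsleep\s*\(|information_schema", re.I)


def scan(log_text):
    """Return {source_ip: sorted finding tags} for suspicious requests."""
    findings = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # not a combined-format line
        ip, _method, url, status, agent = m.groups()
        decoded = unquote_plus(unquote_plus(url))  # also undo double encoding
        tool = TOOL_SIG.search(agent) or TOOL_SIG.search(decoded)
        if tool:
            findings[ip].add("tool:" + tool.group(0).lower())
        if SQLI.search(decoded):
            findings[ip].add("sqli-syntax")
            if status.startswith("5"):  # injected SQL that broke a query
                findings[ip].add("sqli-server-error")
    return {ip: sorted(tags) for ip, tags in findings.items()}


if __name__ == "__main__":
    for ip, tags in scan(SAMPLE_LOG).items():
        print(ip, ", ".join(tags))
```

Grouping findings by source address makes it easier to see when one client both probes with a scanner and triggers server errors, which is the pattern worth escalating first.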
“It was an eye opener,” one senior law enforcement official told Yahoo! News. “We believe it’s kind of serious, and we’re investigating.”
The July attack used a SQL injection technique to get into the website server for the Illinois Board of Elections, and stole the personal data of 200,000, according to Ken Menzel, the general counsel of the Illinois Board of Elections.
The database was taken offline for 10 days to fix the intrusion.
Menzel said that he had been told by the FBI that the attack came from “foreign hackers” and that there was a “possible link” with the attack against the Democratic National Committee servers, which is believed by some to have been carried out by Russian state actors.
The other attack, believed to be against Arizona, was less successful but still concerning to the FBI.
Before anyone panics, it looks likely that this was a simple attack to steal personal information, rather than an attempt to change the course of the election. While the hacking of voting machines is a major concern, particularly in states that don’t give paper receipts for votes, these are separate from the Election Board data.
Nevertheless, on August 15, Homeland Security Secretary Jeh Johnson had a conference call with state election officials, warning them to be on their guard against online attack. Johnson said that officials should take care that voting machines weren’t connected to the internet and were fully patched against flaws. He pledged help for state officials in securing their systems, including having the DHS send specially trained staff to help.