Russian hackers known as 'Energetic Bear' target dozens of state and local government networks, gaining access to election systems and voter data
Hackers sponsored by Russia have targeted the networks of dozens of state and local governments in the United States in recent weeks, gaining access to election systems and voter information.
The FBI and Department of Homeland Security issued an alert about the breaches on Thursday, marking the second major warning over foreign hacking in as many days as voters prepare to head to the polls in less than two weeks.
'Since at least September 2020, a Russian state-sponsored actor has conducted a campaign against a wide variety of US targets,' the advisory read.
The hacking group, nicknamed Energetic Bear or Dragonfly by researchers, successfully broke into an unspecified number of networks and, as of earlier this month, had stolen data from two of them, the agencies said. The names of the targeted governments were not disclosed.
Officials said they have no information that any election or government operations have been affected or that the integrity of elections data has been compromised.
However, the advisory warned: 'The actor may be seeking access to obtain future disruption options, to influence US policies and actions, or to delegitimize (state and local) government entities.'
The advisory served as a reminder of Russia's potent capabilities and ongoing interference in the election - amplifying fears of the potential for tampering with the vote and undermining confidence in the results.
Hackers sponsored by Russia have targeted the networks of dozens of state and local governments in the United States in recent weeks, gaining access to election systems and voter information (file photo)
The hacking group is thought to be acting at the instruction of Russia's Federal Security Service - the successor agency to the Soviet-era KGB.
The group appears to have been in operation since at least 2011 and is known to have engaged in cyberespionage on energy companies and power grid operators in the US and Europe, as well as on defense and aviation companies.
Chris Krebs, director of Homeland Security's Cybersecurity and Infrastructure Security Agency, said Thursday's alert was issued in regards to scanning of county networks for vulnerabilities, not specifically targeting the elections.
'There was access in a couple limited cases to an election related network,' Krebs told the Associated Press.
Officials stressed that there is no evidence that the Russians have changed any vote tallies or voter registration information.
However, there are fears that Russian groups could use their knowledge of local computer information to stoke chaos and doubts about the results of the election after November 3 if the presidential race isn't called on that night, the New York Times reported.
Intelligence officials told the newspaper that while the hackers' specific plans are not clear, its believed their efforts would be aimed at bolstering Donald Trump's chances at retaining the White House.
US officials have repeatedly said it would be extremely difficult for hackers to alter vote tallies in a meaningful way, but they have warned about other methods of interference that could include cyberattacks on networks to impede the voting process or the production of spoofed websites or other faked content aimed at causing voters to mistrust the results.
A broad concern, particularly at the local government level, has been that hackers could infiltrate a county network and then work their way over to election-related systems unless certain defenses, such as firewalls, are in place.
This is especially true for smaller counties that don't have as much money and IT support as their bigger counterparts to fund security upgrades.
US Director of National Intelligence John Ratcliffe warned at a hastily called news conference Wednesday night that Russia and Iran had obtained voting registration information, though such data is sometimes publicly accessible
US Director of National Intelligence John Ratcliffe warned at a hastily called news conference Wednesday night that Russia and Iran had obtained voting registration information, though such data is sometimes publicly accessible.
But most of the focus of that event was on Iran, which Ratcliffe linked to a series of menacing but fake emails aimed at intimidating voters in multiple battleground states.
Despite that activity, Russia is widely regarded in the cybersecurity community as the bigger threat to the election.
The US has said that Russia, which interfered in the 2016 election by hacking Democratic email accounts, is interfering again this year in part through a concerted effort to denigrate President Trump's Democratic opponent, Joe Biden.
Both Russia and Iran have denied allegations of US election interference.
Iran's foreign ministry spokesman Saeed Khatibzadeh called the allegations 'fabricated and clumsy' and repeated the nation's stance that it does not favor Trump or Biden in a statement on Thursday.
'US have put forward a baseless claim on the verge of the country's election so that they would advance their undemocratic and predefined scenario through shifting the blame,' Khatibzadeh said.
Russia also dismissed Ratcliffe's accusations as 'absolutely groundless'.
'Accusations are raining down every day. All of them are absolutely groundless, they are not based on anything,' Kremlin spokesman Dmitry Peskov told reporters.