Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Fraud & Identity Theft

FBI, CISA Say Malicious Cyber Activity Unlikely to Disrupt Election

The FBI and CISA have issued a public service announcement (PSA) to say that, based on their assessment, malicious cyber activities are unlikely to significantly disrupt the upcoming midterm elections in the United States.

FBI warns of malicious cyber activity targeting elections

The FBI and CISA have issued a public service announcement (PSA) to say that, based on their assessment, malicious cyber activities are unlikely to significantly disrupt the upcoming midterm elections in the United States.

The agencies have been tracking threat actors’ attempts to compromise election infrastructure, but said these attempts were localized and they were blocked or mitigated with minimal or no disruption. They are confident that threat actors are unlikely to be able to cause any large-scale disruption or prevent people from voting.

“As of the date of this report, the FBI and CISA have no reporting to suggest cyber activity has ever prevented a registered voter from casting a ballot, compromised the integrity of any ballots cast, or affected the accuracy of voter registration information,” the PSA reads.

The FBI and CISA warn that threat actors continue to be interested in election systems hosting voter registration information and ones that manage non-voting election processes. They also spread or amplify false claims of election infrastructure getting compromised.

However, the agencies say these attempts cannot prevent voting or the accurate reporting of election results. In addition, they have assured the public that technological, procedural and physical controls are in place to prevent malicious cyber actors from altering votes or blocking people from voting.

The FBI warned earlier this year that US election officials had been targeted in phishing attacks.

The PSA comes just days after senior FBI officials warned that Russian and Chinese government-affiliated entities are promoting misinformation about the integrity of US elections.

Facebook parent Meta announced in late September that it had removed two unconnected networks traced to China and Russia, which abused its platform to conduct influence operations. The Chinese operation, which ran across multiple social media platforms, was the first to target US domestic politics ahead of the midterms, Meta said.

The Russian operation disrupted by Meta did not target the elections, but the FBI said Russia’s operations are more pronounced compared to the Chinese.

On Wednesday, authorities announced that 51-year-old Eugene Yu, the founder and CEO of election software company Konnech Corporation, has been arrested on suspicion of stealing data on hundreds of poll workers in Los Angeles county.

Konnech, whose software is designed for tracking election worker schedules, training and payroll, was required to keep the data in the US, but instead allegedly stored it on Chinese servers.

Authorities did not specify what information may have been compromised, but noted that it only involved poll workers, not voting machines or vote counts.

Konnech and Chinese-born Yu were accused by election conspiracy theorists of having ties to the Chinese Communist Party and supplying them with information on millions of poll workers.

Related: Election Officials Face Security Challenges Before Midterms

Related: Attacks From Within Seen as a Growing Threat to Elections

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.