Agencies Say Reports of Hacking Voter Databases Are Misleading
The FBI and the U.S. Cybersecurity and Infrastructure Security Agency are warning that “foreign actors and cybercriminals” are spreading disinformation – claiming to have hacked voter databases – in an attempt to manipulate public opinion, discredit the electoral process and undermine confidence in U.S. democratic institutions.
The agencies note in a joint statement issued Monday that the information the malicious actors say they obtained by hacking a database can be purchased or acquired through publicly available sources.
“While cyber actors have in recent years obtained voter registration information, the acquisition of this data did not impact the voting process or the integrity of election results,” according to the alert.
Stories of leaked voter databases are designed to sow doubt about vote tallies and the overall election process, the alert notes.
“These malicious actors could use various online platforms to spread disinformation suggesting successful cyber operations have compromised election infrastructure and facilitated the ‘hacking’ and ‘leaking’ of U.S. voter registration data,” according to the joint statement.
As the Nov. 3 election gets closer, disinformation will proliferate, many security experts say.
“As we approach the 2020 election, the question becomes what – and who – is on the other side of an engagement or interaction we are seeing online,” says Tamer Hassan, co-founder and CEO of the security firm White Ops. “Not only does this impact trust, but it raises an important question of whether there is a real human engaging in a real conversation or is it a sophisticated bot that looks and acts like a human trying to influence a specific outcome.”
Early this month, the Russian newspaper Kommersant claimed American voting data was stolen and then offered for sale in darknet forums. But the FBI and CISA said the data offered for sale was already publicly available, and they portrayed the newspaper report as part of a disinformation campaign (see: FBI, CISA Reject Russian Claim US Voter Data Was Stolen).
In a warning last week, the FBI and CISA said disinformation regarding the final vote tallies may be spread using fake websites to undermine confidence in the voting process (see: FBI, CISA Warn of Election Results Disinformation Campaigns).
William Evanina, the director of the National Counterintelligence and Security Center, has warned in reports to Congress that Russia, China and Iran are all seeking to influence the November election, using social media and other means to spread disinformation (see: US Intelligence Adds More Details on Election Interference).
Earlier this month, Facebook announced that, in August, it removed 13 accounts and two pages from its social media platform that had links to the Internet Research Agency, the Russian group that waged an election-related disinformation campaign in 2016 (see: Russian Election Misinformation Campaign Re-Emerges).
In a Sept. 3 letter, Senate Democratic Minority Leader Charles Schumer of New York, along with nine other Senate Democrats, urged the Treasury Department to use its authority to target those individuals responsible for election interference with economic sanctions (see: Senators Seek Sanctions for Election Interference).
CISA Director Christopher Krebs told Information Security Media Group in August that his agency is prepared to offer local and state government election officials technical support, training and cyber hygiene exercises to help prepare and secure the election (see: Election Security: A Progress Report From CISA’s Krebs).