FBI, CISA Reject Russian Claim US Voter Data Was StolenThe Information Is Already Publicly Available, Agencies Say
The FBI and the U.S. Cybersecurity and Infrastructure Security Agency say a Russian newspaper report that claims American voting data was stolen and then offered for sale in darknet forums is inaccurate. The agencies say the data offered for sale is already publicly available, and they portray the newspaper report as part of a disinformation campaign.
See Also: Threat Briefing: Ransomware
The Russian newspaper Kommersant reported Tuesday it had discovered databases containing the personally identifiable information of millions of Michigan, Connecticut, Arkansas, Florida and North Carolina voters were being offered for sale on darknet forums. The newspaper says 7.6 million Michigan records were for sale, with the other databases containing between 2 million and 6 million lines of data, the report notes.
The FBI and CISA, along with election officials from Michigan, stress that much of this information is already publicly available from various databases.
"Information on U.S. elections is going to grab headlines, particularly if it is cast as foreign interference. Early, unverified claims should be viewed with a healthy dose of skepticism," according to the joint statement released Tuesday.
The federal agencies say that no cyberattacks affecting voter registration databases or any voting system have been detected, and they say reports on such incidents would be passed along to election officials at the state and local level.
The Russian newspaper says a darknet advertisement for the information states the records for sale contain names, dates of birth, gender, dates of registration, mailing addresses, e-mail addresses, voter identification numbers and polling station numbers.
Michigan Attorney General Dana Nessel, tweeted Tuesday that the Kommersant story was part of a disinformation campaign designed to scare voters so they won’t use mail-in ballots. In addition, the Michigan Department of State rejected the notion that the agency had been hacked, saying voter information mentioned in the Russian newspaper story is publicly accessible to anyone through a Freedom of Information Act request.
"Our system has not been hacked. We encourage all Michigan voters to be wary of attempts to 'hack' their minds, however, by questioning the sources of the information and advertisement they encounter and seeking out trusted sources, including their local election officials," according to the Michigan Department of State.
Security analysts were also skeptical.
Dmitri Alperovitch, chairman of the nonprofit Silverado Policy Accelerator and co-founder and former CTO at Crowdstrike, points out such voter information is made readily available on a monthly basis by many states, including Florida.
Focus on Election Security
Concerns that the 2020 U.S. election is in danger of being compromised were described in the Senate Intelligence Committee’s fifth and final report on Russian interference during the 2016 election, which was released in August (see: Final Report: More 2016 Russian Election Hacking Details).
The committee concluded Russian President Vladimir Putin ordered the hack of the Democratic National Committee's computer networks and accounts to gain information intended to hurt the campaign of Democratic presidential candidate Hillary Clinton, help the campaign of President Donald Trump and undermine the election process.
The DNC hack and leak campaign was conducted by specialized cyber units in the GRU, Russia's intelligence agency, the report says.
CISA Director Christopher Krebs told attendees at Information Security Media Group's Cybersecurity Virtual Summit that his agency has been ramping up its efforts to offer local and state government election officials technical support, training and cyber hygiene exercises needed to ensure a more secure election in November.
"We are better off today than we were four years back," Krebs said, referring to foreign interference that marred the 2016 election. "The metrics support that conclusion."
The Office of the Director of National Intelligence noted in an August report that while it remains difficult to physically change votes, disinformation campaigns are an ongoing issue (see: Election Security: A Progress Report From CISA's Krebs).
In that report, William Evanina, the director of the National Counterintelligence and Security Center, noted that Russia, China and Iran are seeking to influence the election.