Ongoing Russian Cyberattacks Are Targeting U.S. Election Systems, Feds Say
Active Russian cyberattacks are targeting a wide swath of American government networks, including those involved with the ongoing election, federal authorities revealed Thursday.
Updated at 4:46 p.m. ET
The focus of the effort include "U.S. state, local, territorial, and tribal government networks, as well as aviation networks," according to a new bulletin from the FBI and the Cybersecurity and Infrastructure Security Agency.
It continued: "As this recent malicious activity has been directed at ... government networks, there may be some risk to elections information ... However, the FBI and CISA have no evidence to date that integrity of elections data has been compromised."
The written announcement followed one day after an in-person briefing by Director of National Intelligence John Ratcliffe and FBI Director Christopher Wray in which they warned about Russian interference as well as an Iranian scheme to intimidate voters with spoof emails.
The agencies involved have been warning for months, including with similar bulletins about cyberrisks confronting U.S. elections infrastructure, which they have suggested likely would focus on systems adjacent to core operations — such as a website that shows results — as opposed to the casting and counting of ballots themselves.
Ratcliffe, Wray and others have warned about the prospect that influence-mongers could exploit the headlines about cyberattacks, and some potential real exploits, to make claims about compromised election systems that might not be legitimate.
"We've been working for years as a community to build resilience in our election infrastructure — and today that infrastructure remains resilient," Wray said on Wednesday evening. "You should be confident that your vote counts. Early, unverified claims to the contrary should be viewed with a healthy dose of skepticism."
The bulletin on Thursday alluded to the prospect that the network activity detected by U.S. authorities could enable attackers to access sensitive systems, including even by printing access badges.
And even though American authorities said they've detected no disruptions, "the [attackers] may be seeking access to obtain future disruption options, to influence U.S. policies and actions, or to delegitimize ... government entities."
This is a breaking news story and will be updated. [Copyright 2020 NPR]