Hackers, possibly nation-state actors, have penetrated U.S. government networks and accessed election systems, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) said in a joint alert.
In some cases, there was unauthorized access to election support systems, CISA added.
The agency, which is part of the Department of Homeland Security, explained there is no evidence so far that the integrity of elections data was compromised and that “it does not appear these targets are being selected because of their proximity to elections information.”
CISA did intimate that election system data could be compromised, noting “there are steps that election officials, their supporting … IT staff, and vendors can take to help defend against this malicious cyber activity.”
Hackers got access via a combination of vulnerabilities – what CISA calls “vulnerability chaining.” It is a commonly used tactic and in this case targeted federal and state, local, tribal, and territorial (SLTT) government networks, critical infrastructure, and elections organizations.