FBI: Election Officials in 9 States Targeted in Recent Cyberattacks

FBI: Election Officials in 9 States Targeted in Recent Cyberattacks Mail-in ballot Mail-in ballot. (Phototrip/Dreamstime.com)

By Jeffrey Rodack | Tuesday, 29 March 2022 02:18 PM

Since October 2021, election officials in at least nine states have received invoice-themed phishing emails containing links to websites that could be used to steal login credentials, the FBI warned on Tuesday.

"If successful, this activity may provide cyber actors with sustained, undetected access to a victim's systems," the FBI said in a statement. "These emails shared similar attachment files, used compromised email addresses, and were sent close in time, suggesting a concerted effort to target U.S. election officials.

"The FBI judges cyber actors will likely continue or increase their targeting of U.S. election officials with phishing campaigns in the lead-up to the 2022 U.S. midterm elections. Proactive monitoring of election infrastructure [including official email accounts] and communication between FBI and its state, local, territorial, and tribal partners about this type of activity will provide opportunities to mitigate instances of credential harvesting and compromise, identify potential targets and information sought by threat actors, and identify threat actors."

The agency said that on Oct. 5, 2021, unidentified hackers targeted election officials in nine unnamed states, and representatives of the National Association of Secretaries of State with phishing emails.

"These emails originated from at least two email addresses with the same attachment titled, "Invoice Inquiry.pdf," which redirected users to a credential harvesting website," the FBI said in the statement. "One of the email addresses sending the phishing emails was a compromised U.S. government official's email account.

"On 18 October 2021, cyber actors used two email addresses, purportedly from U.S. businesses, to send phishing emails to county election employees. Both emails contained Microsoft Word document attachments regarding invoices, which redirected users to unidentified online credential harvesting websites."

The FBI issued the following recommendations to stop a phishing attack:

* Educate workers on how to recognize phishing attacks.

* Create protocols for workers to sending suspicious email to their IT departments.

* Enable strong spam filters to prevent attacks.

* Keep all operating systems up to date.

Meanwhile, President Joe Biden is urging U.S. companies to make certain all necessary steps are taken because of "evolving intelligence" that Russia is considering launching cyberattacks against critical infrastructure targets as the war in Ukraine continues.

According to The Associated Press, Biden's top cybersecurity aide, Anne Neuberger, expressed frustration at a White House press briefing last week that some critical infrastructure entities have not taken steps to fix known problems in software that could be exploited by Russian hackers.