Breaking News
Ad-Free Version. Subscribe now to follow markets, faster and distraction-free. More details

U.S. Detects Rise in Russian, Iranian Hacks Before Elections

PoliticsOct 23, 2020 00:45
Saved. See Saved Items.
This article has already been saved in your Saved Items
2/2 © Bloomberg. WASHINGTON, DC - SEPTEMBER 28: An American flag is placed on a fence outside of the U.S. Capitol building on September 28, 2020 in Washington, DC. This week Seventh U.S. Circuit Court Judge Amy Coney Barrett, U.S. President Donald Trump's nominee to the Supreme Court, will begin meeting with Senators as she seeks to be confirmed before the presidential election. (Photo by Al Drago/Getty Images) Photographer: Al Drago/Getty Images North America 2/2

(Bloomberg) -- Russia has been targeting U.S. government agencies since at least September and may be planning more severe attacks in the days leading up to Election Day and even afterward, according to a cybersecurity advisory issued by a pair of U.S. agencies.

Russian state-sponsored operators have been targeting dozens of government and aviation networks, including successful attacks against two unnamed victims whose data was stolen as of Oct. 1, according to one of two guidances issued jointly by the FBI and the Cybersecurity Infrastructure Security Agency, known as CISA. There’s no evidence that the attacks have disrupted victims in aviation, education, elections or government, yet the agencies called for heightened awareness in case attackers return, especially in the days leading up to the Nov. 3 election.

“The actor may be seeking access to obtain future disruption options, to influence U.S. policies and actions, or to delegitimize” local government entities, according to the advisory issued Thursday. “There may be some risk to elections information. However, the FBI and CISA have no evidence to date that integrity of data has been compromised.”

The Russian state-sponsored group is known by various nicknames, including Berserk Bear and Crouching Yeti.

The agencies issued another alert simultaneously, warning against malicious Iranian actors seeking to interfere and sow discord in the U.S. elections. Also state-sponsored hackers, these groups are creating fake media sites and spoofing legitimate media to spread “U.S. voter registration data, anti-American propaganda and misinformation,” according to the guidance.

The warnings came a day after Director of National Intelligence John Ratcliffe accused Iran of escalating efforts to interfere in the closing days of the presidential election, saying the Islamic Republic faked a series of intimidating messages to Democratic voters. While the email campaign -- which impersonated the right-wing Proud Boys group -- reached fewer than 3,000 users, according to cyber-researchers at Proofpoint (NASDAQ:PFPT) Inc., the attempt to interfere came amid heightened fears of nation-state meddling in the coming days.

These same Iranian actors are known for taking down websites, hacking databases and sending spear-phishing messages, which could render “these systems temporarily inaccessible to the public or election officials, which could slow, but not prevent, voting or the reporting of voting results,” read the joint statement.

In addition, the Treasury Department on Thursday sanctioned five Iranian entities for “having directly or indirectly engaged in, sponsored, concealed, or otherwise been complicit in foreign interference in the 2020 U.S. presidential election.” The sanctioned groups include the Islamic Revolutionary Guard Corps, the IRGC-Qods Force and Bayan Rasaneh Gostar Institute.

“The Iranian regime has targeted the United States’ electoral process with brazen attempts to sow discord among the voting populace by spreading disinformation online and executing malign influence operations aimed at misleading U.S. voters,” the department said in a statement.

The Russian hacking group named by CISA has been connected to breaches in the U.S., Europe and elsewhere, according to the cybersecurity firm FireEye (NASDAQ:FEYE) Inc.. They’re accused of hacking energy providers, water infrastructure, airports and an election-related organization in the last several years.

“We have actively tracked targeting of state and local systems by this actor in the lead up to the election,” said John Hultquist, a senior director at FireEye, in a statement. “Access to these systems could enable disruption or could be an end in itself, allowing the actor to seize on perceptions of election insecurity and undermine the democratic process.” He added that the firm has no evidence that the group has the capability to alter votes.

Earlier this month, CISA alerted the public of “malicious activity” targeting government networks at the federal, state and local level. “There may be some risk to elections information housed on government networks,” the agency warned at the time. “CISA is aware of some instances where this activity resulted in unauthorized access to elections support system.”

“The fact that these countries reportedly continue to engage in easily-compromised influence operations aimed at influencing U.S. and other elections tells you that the Western response to their past actions has failed to establish deterrence,” Norman Roule, a former senior U.S. intelligence officer, said of the Ratcliffe’s announcement on Wednesday. “Such operations have profound consequences that go beyond any one election and any single country.”

(Updates with Treasury sanctions in eighth paragraph)

©2020 Bloomberg L.P.

U.S. Detects Rise in Russian, Iranian Hacks Before Elections

Related Articles

Add a Comment

Comment Guidelines

We encourage you to use comments to engage with users, share your perspective and ask questions of authors and each other. However, in order to maintain the high level of discourse we’ve all come to value and expect, please keep the following criteria in mind: 

  • Enrich the conversation
  • Stay focused and on track. Only post material that’s relevant to the topic being discussed.
  • Be respectful. Even negative opinions can be framed positively and diplomatically.
  •  Use standard writing style. Include punctuation and upper and lower cases.
  • NOTE: Spam and/or promotional messages and links within a comment will be removed
  • Avoid profanity, slander or personal attacks directed at an author or another user.
  • Don’t Monopolize the Conversation. We appreciate passion and conviction, but we also believe strongly in giving everyone a chance to air their thoughts. Therefore, in addition to civil interaction, we expect commenters to offer their opinions succinctly and thoughtfully, but not so repeatedly that others are annoyed or offended. If we receive complaints about individuals who take over a thread or forum, we reserve the right to ban them from the site, without recourse.
  • Only English comments will be allowed.

Perpetrators of spam or abuse will be deleted from the site and prohibited from future registration at’s discretion.

Write your thoughts here
Are you sure you want to delete this chart?
Post also to:
Replace the attached chart with a new chart ?
Your ability to comment is currently suspended due to negative user reports. Your status will be reviewed by our moderators.
Please wait a minute before you try to comment again.
Thanks for your comment. Please note that all comments are pending until approved by our moderators. It may therefore take some time before it appears on our website.
Are you sure you want to delete this chart?
Replace the attached chart with a new chart ?
Your ability to comment is currently suspended due to negative user reports. Your status will be reviewed by our moderators.
Please wait a minute before you try to comment again.
Add Chart to Comment
Confirm Block

Are you sure you want to block %USER_NAME%?

By doing so, you and %USER_NAME% will not be able to see any of each other's's posts.

%USER_NAME% was successfully added to your Block List

Since you’ve just unblocked this person, you must wait 48 hours before renewing the block.

Report this comment

I feel that this comment is:

Comment flagged

Thank You!

Your report has been sent to our moderators for review
Disclaimer: Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. All CFDs (stocks, indexes, futures) and Forex prices are not provided by exchanges but rather by market makers, and so prices may not be accurate and may differ from the actual market price, meaning prices are indicative and not appropriate for trading purposes. Therefore Fusion Media doesn`t bear any responsibility for any trading losses you might incur as a result of using this data.

Fusion Media or anyone involved with Fusion Media will not accept any liability for loss or damage as a result of reliance on the information including data, quotes, charts and buy/sell signals contained within this website. Please be fully informed regarding the risks and costs associated with trading the financial markets, it is one of the riskiest investment forms possible.
Continue with Google
Sign up with Email