The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are alerting the public of false claims that the US voter registration data has been compromised in cyber-attacks. The two agencies note that malicious actors spread disinformation to manipulate public "opinion and undermine confidence in US democratic institutions."
According to public service awareness, the actors present publicly accessible data as evidence of the hacks. "Malicious actors continue to spread false or misleading information to manipulate public opinion and undermine confidence in US democratic institutions," the announcement reads. "One of the most common tactics involves using obtained voter registration information as evidence to support false claims that a cyber operation compromised election infrastructure."
The PSA explains that voter registration data is publicly available and can be acquired from official sources, so holding or republishing it does not constitute evidence of a compromise of voting infrastructure. Regarding the practical consequences of foreign actors holding that information, the FBI and CISA underline that it has no impact on the voting process or the election results. As of 14 September 2024, intelligence agencies have no evidence of a cyberattack on US election infrastructure that interrupted an election procedure or resulted in changes that would compromise the integrity of the process.[1]
"The FBI and CISA have no information suggesting any cyberattack on US election infrastructure has prevented an election from occurring, changed voter registration information, prevented an eligible voter from casting a ballot, compromised the integrity of any ballots cast, or disrupted the ability to count votes or transmit unofficial election results promptly," explains CISA and FBI
In the public service announcement, the two agencies make the following recommendations:
- Don't accept intrusion claims without evidence; they may aim to influence public opinion or undermine confidence in democracy.
- Be cautious of social media posts, emails, calls, or texts making suspicious claims about election security.
- For questions on election security, trust state and local election officials.
- For accurate information, visit official state and local election websites (".gov" domains).
This latest PSA comes a few months after CISA and the FBI decided to raise public awareness about false claims made by malicious actors that distributed denial-of-service (DDoS) attacks targeting election infrastructure would compromise the integrity of the process.
Although DDoS attacks can temporarily disrupt the availability of some election-related services, like ballot-casting reporting and voter look-up tools, the voting process itself cannot be impacted, and there has never been an incident suggesting otherwise.
As the general elections in the US approach, scheduled for 5 November, citizens should be aware of attempts by foreign actors with geopolitical motives to weaken the public's trust in the process.
This article is shared at no charge and is for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225 or feedback@redskyalliance.com
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5378972949933166424
[1] https://www.bleepingcomputer.com/news/security/fbi-tells-public-to-ignore-false-claims-of-hacked-voter-data/
Comments