The FBI warned Tuesday that election officials in nine states have been targeted in recent cyberattacks, including phishing emails containing malicious links.
“If successful, this activity may provide cyber actors with sustained, undetected access to a victim’s systems,” the FBI said in a report (pdf). “These emails shared similar attachment files, used compromised email addresses, and were sent close in time, suggesting a concerted effort to target U.S. election officials.”
Such cyberattacks have occurred since October 2021, the bureau said, adding that such incidents will likely increase or continue “in the lead-up to the 2022 U.S. midterm elections” in November.
On Oct. 5, 2021, unidentified hackers targeted certain election officials in nine states while also targeting representatives of the National Association of Secretaries of State, the FBI said.
“These emails originated from at least two email addresses with the same attachment titled, ‘INVOICE INQUIRY.PDF,’” the report said, adding that the email redirected users to a website that harvests logins and passwords.
“One of the email addresses sending the phishing emails was a compromised U.S. government official’s email account,” the agency continued, adding that both “emails contained Microsoft Word document attachments regarding invoices, which redirected users to unidentified online credential harvesting websites.”
The FBI did not say whether the alleged cybercriminals had ties to another country or group. Previously, U.S. intelligence officials have blamed Chinese, Russian, and Iranian state actors for coordinated cyberattacks against U.S. officials.
“Proactive monitoring of election infrastructure [including official email accounts] and communication between FBI and its state, local, territorial, and tribal partners about this type of activity will provide opportunities to mitigate instances of credential harvesting and compromise, identify potential targets and information sought by threat actors, and identify threat actors,” the FBI also wrote.
As a result, the FBI recommended that elections officials and other government workers should take precautions to stop phishing attacks.
Earlier this month, President Joe Biden called on American companies to make certain all necessary steps are taken to deal with a potential cyberattack amid the Russia-Ukraine conflict.
Meanwhile, on Tuesday, Russian officials blamed the United States for leading a massive cyberattack on the country’s critical infrastructure and network systems.
In a statement posted on its website, the Russian Foreign Ministry claimed the U.S. has allegedly targeted “state institutions, the media, critical infrastructure facilities, and life support systems.”
“An army of cyber mercenaries is waging war against us, facing specific combat missions, often bordering on open terrorism,” the ministry also said. “No one should have any doubts: the cyber aggression unleashed against Russia will lead to grave consequences for its instigators and perpetrators.”
A spokesperson for the U.S. National Security Agency, Emily Horne, told The Hill that Russia’s claims were unfounded.
“The United States Government has not engaged in the activity described by Russia. Moscow’s statements to the contrary amount to disinformation,” said Horne.