UNITED STATES NEWS

US cyberwarriors thwarted 2020 Iran election hacking attempt

Apr 25, 2023, 1:16 PM

Iranian hackers broke into to a system used by a U.S. municipal government to publish election results in 2020 but were discovered by cyber soldiers operating abroad and kicked out before an attack could be launched, according to U.S. military and cybersecurity officials.

The system involved in the previously undisclosed breach was not for casting or counting ballots, but rather was used to report unofficial election results on a public website. The breach was revealed during a presentation this week at the RSA Conference in San Francisco, which is focused on cybersecurity. Officials did not identify the local government that was targeted.

“This was not a system used in the conduct of the election, but we are of course also concerned with systems that could weigh on the perception of a potential compromise,” said Eric Goldstein, who leads the cybersecurity division at the U.S. Cybersecurity and Infrastructure Security Agency.

If not expelled from the site, the hackers could have altered or otherwise disrupted the public-facing results page — though without affecting ballot-counting.

“Our concern is always that some type of website defacement, some type of (denial of service) attack, something that took the website down or defaced the website say on the night of the election, could make it look like the vote had been tampered with when that’s absolutely not true,” Major Gen. William J. Hartman, commander of U.S. Cyber Command’s Cyber National Mission Force, told conference attendees Monday.

Hartman said his team identified the intrusion as part of what he termed a “hunt-forward” mission, which gathers intelligence on and surveils adversaries and criminals. The team quickly alerted officials at the U.S. cybersecurity agency, who then worked with the municipality to respond to the intrusion.

Hartman said his team then acted “to ensure the malicious cyber actor no longer had access to the network and was unable to come back into the network in direct support of the elections.”

No details were released on how or from what country the Iranian intrusion was detected.

Its successful thwarting highlights the stealthy, largely classified, efforts of U.S. military cyberwarriors to prevent a repeat of 2016, when a Russian hack-and-leak operation targeting Hillary Clinton’s campaign favored former President Donald Trump’s election.

Asked in a recent interview about his accomplishments since he was promoted to U.S. Cybercom and National Security Agency chief in 2018, Gen. Paul Nakasone pointed to election security.

“We said if you are going to come and try to influence or interfere in our elections, we’re going to take you on, and we did,” he said.

Election and national security officials have been increasingly focused on cybersecurity threats since the 2016 election. Locally, they have been trying to heighten protections for voting machines, vote tabulators, voter registration databases and electronic pollbooks, which are used to check in voters at polling locations.

Some of the non-voting systems present security challenges because they have internet connections. As the use of electronic systems has grown, they have proved an attractive target for those seeking to meddle in elections.

In 2016, Russian hackers scanned state voter registration systems looking for vulnerabilities and accessed the Iranian hackers obtained confidential voter data and used it to send misleading emails, seeking to spread misinformation and influence the election.

Beginning in 2018, the National Defense Authorization Act let the U.S. “take down infrastructure” and “take on adversaries” outside the country, Nakasone said. So by 2020, when Russian and Iranian actors attempted to interfere with the U.S. election, U.S. cyber operators were able to thwart them, he added.

Under Nakasone, Cybercom has sent small teams to 22 countries to help hunt on their networks — “to identify malware, tradecraft, techniques that adversaries are using and then broadly publicize that,” he said. That includes Ukraine, where he said a team arrived on Dec. 3, 2021, more than two months ahead of the Russian invasion.

In a March statement ahead of a congressional hearing, Nakasone said Cybercom had deployed its teams 40 times to work on 59 networks, generating insights and “imposing costs on common adversaries.” He said the missions “exposed malicious cyber activity by China, Russia, Iran and cyber criminals,” helped make other nation’s networks more secure and “led to the public release of more than 90 malware samples for analysis by the cybersecurity community.”

___

Cassidy reported from Atlanta. Bajak reported from Boston.

United States News

Associated Press

The Latest | Gaza death toll surges over 30,000 as a strike kills and wounds scores waiting for aid

More than 30,000 Palestinians have been killed in the Gaza Strip since the start of the Israel-Hamas war nearly five months ago, health officials in the territory said as a strike on a crowd of people waiting for aid in Gaza City killed and wounded scores on Thursday. At least 70 people were killed as […]

1 hour ago

FILE - Commerce Secretary Gina Raimondo listens during a House Committee on Science, Space, and Tec...

Associated Press

Biden administration to investigate national security risks posed by Chinese-made ‘smart cars’

WASHINGTON (AP) — Citing potential national security risks, the Biden administration says it will investigate Chinese-made “smart cars” that can gather sensitive information about Americans driving them. The probe could lead to new regulations aimed at preventing China from using sophisticated technology in electric cars and other so-called connected vehicles to track drivers and their […]

2 hours ago

Associated Press

A shooting in Orlando has left at least 1 person dead and several injured, police say

ORLANDO (AP) — At least one person is dead and several others were injured Wednesday night following a shooting in Orlando, Florida, police say. At approximately 11:00 p.m. Orlando Police officers responded to the area of Iron Wedge Drive and South Lake Orlando in reference to several shots fired, WFTV reported. Upon arrival, officers located […]

3 hours ago

FILE - A map of a new proposed community in Solano County, Calif., is displayed during a news confe...

Associated Press

A billionaire-backed campaign for a new California city is off to a bumpy start

SAN FRANCISCO (AP) — After two false starts, the billionaires behind a plan to build an eco-friendly city from scratch are behind schedule and off to a bumpy start to put their proposal before California voters this November. Former Goldman Sachs trader Jan Sramek unveiled his closely guarded ballot initiative for the proposed community between […]

5 hours ago

FILE - Nevada Secretary of State Cisco Aguilar speaks before Gov. Joe Lombardo signs an election wo...

Associated Press

Nevada and other swing states need more poll workers. Can lawyers help fill the gap?

RENO, Nev. (AP) — With Nevada counties struggling to find poll workers in a pivotal election year, the top election official in the Western swing state is taking a page from his counterparts elsewhere and is asking the legal community to help fill the gap. Secretary of State Cisco Aguilar wants lawyers who volunteer at […]

5 hours ago

FILE - This combo image shows President Joe Biden, left, Jan. 5, 2024, and Republican presidential ...

Associated Press

What is Super Tuesday? Why it matters and what to watch

The biggest day of this year’s primary campaign is approaching as 15 states — plus American Samoa — vote in contests known as Super Tuesday. The elections are a crucial moment for President Joe Biden and former President Donald Trump, who are the overwhelming front-runners for the Democratic and Republican presidential nominations. As the day […]

6 hours ago

Sponsored Articles

...

DISC Desert Institute for Spine Care

Sciatica pain is treatable but surgery may be required

Sciatica pain is one of the most common ailments a person can face, and if not taken seriously, it could become one of the most harmful.

...

Fiesta Bowl Foundation

The 51st annual Vrbo Fiesta Bowl Parade is excitingly upon us

The 51st annual Vrbo Fiesta Bowl Parade presented by Lerner & Rowe is upon us! The attraction honors Arizona and the history of the game.

...

Collins Comfort Masters

Avoid a potential emergency and get your home’s heating and furnace safety checked

With the weather getting colder throughout the Valley, the best time to make sure your heating is all up to date is now. 

US cyberwarriors thwarted 2020 Iran election hacking attempt