WASHINGTON -- The FBI is investigating a series of suspected foreign hacks of state election computer systems and websites, and has warned states to be on the alert for intrusions.
The Aug. 18 warning, issued after two states sustained intrusions into their systems, comes amid heightened concern over Russian hacks of Democratic party organizations and possible meddling in the presidential election.
The FBI "flash" alert, which is not intended for general public release, listed Internet Protocol addresses and other technical fingerprints associated with the hacks.
"The FBI is requesting that states contact their Board of Elections and determine if any similar activity to their logs, both inbound and outbound, has been detected," said the FBI alert, which was first reported by Yahoo News.
The warning did not name the states that were targeted.
In Arkansas, Chris Powell, spokesman for Secretary of State Mark Martin, said his office has had "no indications of this kind of activity in Arkansas" but that it is "monitoring news reports closely."
Two states have reported threats to its systems in recent months. In June, the Arizona Secretary of State's office shut down part of its website after the FBI found a potential threat to its state voter registration system, according to The Arizona Republic.
And in July, the Illinois Voter Registration System suffered a cyberintrusion in which hackers were able to retrieve a number of voter records, according to a message from the Illinois State Board of Elections.
The intrusion led the state election board to shut down the voter registration system for a week.
"This was a highly sophisticated attack most likely from a foreign [international] entity," Kyle Thomas, the Illinois board's director of voting and registration systems, said in the message.
The FBI declined to comment other than to note it "routinely advises private industry of various cyber threat indicators" it turns up in investigations.
Meanwhile, some private sector researchers say some of the information released by the FBI suggests a Russian link, though they caution their work is preliminary.
Rich Barger, chief information officer at ThreatConnect, said that several of the IP addresses trace back to a website hosting service called King Servers that offers Russia-based technical support. He also said that one of the methods used was very similar to a method used in other intrusions suspected of being carried out by the Russian government, including one this month on the World Anti-Doping Agency.
"If this is the Russians, we can start to think through worst-case scenarios as to how they might sow doubt over our electoral process at election time," Barger said.
The reported intrusions so far do not appear to have involved manipulation of data -- a key concern of U.S. intelligence officials.
But, Barger said, "the very fact that [someone] has rattled the doorknobs, the very fact that the state election commissions are in the crosshairs gives grounds to the average American voter to wonder -- can they really trust the results?"
On Aug. 15, Homeland Security Secretary Jeh Johnson held a conference call with state election officials, offering the Department of Homeland Security's assistance in protecting against cyberattacks.
He said that Homeland Security was "not aware of any specific or credible cybersecurity threats relating to the upcoming general election systems," according to a readout of the call. It was not clear if he was aware at the time of the FBI's investigation into the Arizona and Illinois intrusions.
Information for this article was contributed by Brian Fanney of The Arkansas Democrat-Gazette.
A Section on 08/30/2016