US sounds second alert over foreign hacking in as many days

WASHINGTON • United States agencies accused Russia of breaking into government computer networks, the second such claim in as many days, while more details emerged of spoofed e-mails allegedly sent to voters by Iran.

Law enforcement and security agencies have been on high alert to avoid a repeat of 2016, when hackers alleged to be working for Russia's military intelligence stole and released e-mails belonging to prominent US Democrats in a bid to help Mr Donald Trump get elected president, according to US intelligence agencies, officials, researchers and experts.

In a bulletin less than two weeks before the US election on Nov 3, US agencies said that a Russian group - sometimes called Berserk Bear or Dragonfly by researchers - had targeted dozens of state, local, tribal and territorial US governments, and, in two instances, succeeded in stealing data.

The group has previously been observed targeting global critical infrastructure but, in the past two months, the hackers pivoted "to a heavy focus on state and local governments," according to Ms Sarah Jones, an analyst with cyber-security company FireEye.

In response to a request for comment, the Russian Embassy in Washington pointed to recent comments by Kremlin spokesman Dmitry Peskov calling such allegations "absolutely groundless".

US officials were careful in Thursday's warning - which was posted on the website of the Cybersecurity and Infrastructure Security Agency (Cisa), an arm of the Department of Homeland Security - to emphasise that they had no information to indicate the hackers had intentionally disrupted any elections or government operations.

But the Federal Bureau of Investigation and Department of Homeland Security said the hacking might have had other malign motivations, such as laying the groundwork for a future plot.

The scope of the intrusions was not fully clear. Cisa mentioned only two victims, and their identities were not released.

US director of national intelligence John Ratcliffe announced on Wednesday that Russia and Iran had both tried to interfere with the 2020 presidential election, seeking to undermine Americans' confidence in the integrity of the vote and spread misinformation in an attempt to sway its outcome.

Mr Ratcliffe said that Russia obtained voter information and Iran sent spoofed e-mails to US voters in an attempt to intimidate them.

Few details of the Russian targeting were made public, but Reuters reported that, in the Iranian case, a mistake by the hackers in a video attached to the e-mails meant that officials were able to identify them almost immediately.

Speaking to CNN, White House chief of staff Mark Meadows said that the Iranian e-mails affected "less than 10,000 people".

"Every person and every vote counts but there's no ballots that are being manipulated," he said.


A version of this article appeared in the print edition of The Straits Times on October 24, 2020, with the headline 'US sounds second alert over foreign hacking in as many days'. Print Edition | Subscribe