Russian government hackers have targeted dozens of state and local government and aviation computer networks since last month and stolen data from at least two servers, actions that could presage efforts to undermine the election, two federal agencies said Thursday.
The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency said in a security alert that while there is no evidence that any election data has been compromised, the attacks may present “some risk” to election information housed on state and local government networks.
CISA’s top official, Christopher Krebs, said that the alert about Russian activity described a broad cyber campaign. “Our theory is that there’s broad scanning looking for vulnerabilities,” Mr. Krebs said. He added: “It’s an opportunistic activity. We don’t have any reason to believe they were looking for election infrastructure, election-related information. They just found themselves there.”
And Russia, he said, isn’t alone in trying to undermine the U.S. election. “Iran is very active. Russia isn’t quite as active,” he said.
The Russian hacking group linked to these attacks is known under various names including Energetic Bear and Dragonfly, the alert said. Government officials have previously linked the group to attacks on U.S. electrical infrastructure.