A Russian-owned company attempted what was described as a clumsy cyberattack on the state of Ohio’s election website on voting day, a top state official has revealed.
Ohio Secretary of State Frank LaRose announced this week that the unnamed company tried to carry out a “relatively unsophisticated” attack on November 5, the same day that people across the state were taking to the polls. As The Associated Press reported, the attack originated in Panama but was traced back to the Russian company.
LaRose said the attacked appeared to be an attempt to probe his office’s website for vulnerabilities. The report noted that it may not have been an attempt to actually alter the results of the election, but rather to undermine public confidence in the election system. LaRose noted that election results and election machines in Ohio are not connected to the internet, keeping them safe from cyberattacks.
The attack comes amid warnings from cybersecurity officials about Russian plans to interfere in the 2020 presidential election. Chris Krebs, director of the Cybersecurity and Infrastructure Security Agency (CISA) at the Department of Homeland Security, said in a recent interview with CBS News that Russia will likely attempt to breach security of election systems, just as it did in at least two states in the 2016 presidential election.
“The Russians will — are continuing to try to destabilize — our form of government and just our way of life, in general,” Krebs said.
When asked if the Russian interference is aimed at undermining democracy, Krebs agreed.
“Exactly. And so, that’s kind of our planning factor,” he said.
“They’re going to be back. They’re trying to get into our heads. They’re trying to hack our brains, so to speak, and ultimately have us — lose faith in our processes.”
Krebs described what he called a “nightmare scenario” where a ransomware attack against state election offices might actually allow hackers to gain access to voter registration databases, allowing them to make changes or even lock it up entirely.
Both the federal and state governments have taken efforts to protect against future election cyberattacks, with the Department of Homeland Security leading the efforts to train them on how to detect attacks. In Ohio, the November 5 attack was detected by the state’s security network, which The Associated Press described as a “sort of digital burglar alarm.” LaRose said that the hackers were attempting to insert malicious code into the election website.
“The good guys won that day and the bad guys lost,” he said.