A new joint intelligence bulletin (JIB) by DHS and FBI reports that the attacks in 2016 were much more extensive than earlier reported.
As reported by the intelligence newsletter OODA Loop, the JIB stated that, while the FBI and DHS "previously observed suspicious or malicious cyber activity against government networks in 21 states that we assessed was a Russian campaign seeking vulnerabilities and access to election infrastructure," new information obtained by the agencies "indicates that Russian government cyber actors engaged in research on—as well as direct visits to—election websites and networks in the majority of US states." While not providing specific details, the bulletin continued, "The FBI and DHS assess that Russian government cyber actors probably conducted research and reconnaissance against all US states’ election networks leading up to the 2016 Presidential elections."
[...]
The "actors" performed their research "in alphabetical order by state name," the bulletin states, "suggesting that at least the initial research was not targeted at specific states." The research focused on Secretary of State voter registration and election results sites, but it also drilled down on some local election officials' webpages. As they accessed sites, actors "regularly attempted to identify and exploit SQL database vulnerabilities in webservers and databases."
arstechnica.com/...