« IPA サプライチェーン・サイバーセキュリティ・コンソーシアム(SC3)が設立されますね。。。 | Main | オーストラリア 個人情報保護法の改正に向けて公開協議を開始 »


米国 CISAとFBIがイランのAPT攻撃者が有権者登録データを取得していたと公表していますね。。。


米国 CISAとFBIがイランのAPT攻撃者が有権者登録データを取得していたと公表していますね。。。



・2020.10.30 Alert (AA20-304A) Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data

Technical Detailsに

CISA and the FBI can confirm that the actor successfully obtained voter registration data in at least one state. The access of voter registration data appeared to involve the abuse of website misconfigurations and a scripted process using the cURL tool to iterate through voter records. A review of the records that were copied and obtained reveals the information was used in the propaganda video. 




■ 報道等

● Bloomberg

・2020.10.31 Iran Accused of Hacking U.S. Voter Data Before Election Day by 

The FBI and the Cybersecurity Infrastructure Security Agency -- a unit of the Department of Homeland Security -- revealed Friday that the attack was an effort to “influence and interfere” in the 2020 presidential election. The agencies said the attack was executed by the same group of Iranians that sent faked, threatening emails targeting Democratic voters earlier this month.

The agencies didn’t disclose which state was breached.


● NBC news

・2020.10.31 Iran targeting U.S. state voter rolls and spreading election propaganda, officials say

At least one state's voter registration data was obtained, but there is no indication that any voter registration databases have been manipulated or any votes have been changed.

● FOX 

・2020.10.30 Iranian hackers who posed as the Proud Boys accessed voter data in one state, feds say by Donie O'Sullivan and Alex Marquardt, CNN

● Voice of America

・2020.10.30 US Confirms Iran Hacked Voter Registration Data in 1 State by Jeff Seldin

● Cyberscoop

・2020.10.30 Iranian hackers probed election-related websites in 10 states, US officials say by 

● Bleeping Computer

・2020.10.30 FBI: How Iranian hackers stole voter info from state election sites by

DHS CISA and the FBI today shared more info on how an Iranian state-sponsored hacking group was able to harvest voter registration info from U.S. state websites, including election sites.

The harvested data was later used fake Proud Boys voter intimidation emails that targeted Democratic voters attempting to convince them to vote for President Trump.

■ その他参考


・2020.10.22 [PDF] Iranian State-Sponsored Advanced Persistent Threat Actors Threaten Election-Related Systems


The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U.S. elections to sow discord among voters and undermine public confidence in the U.S. electoral process.

The APT actors are creating fictitious media sites and spoofing legitimate media sites to spread obtained U.S. voter-registration data, anti-American propaganda, and misinformation about voter suppression, voter fraud, and ballot fraud.

The APT actors have historically exploited critical vulnerabilities to conduct distributed denial-of-service (DDoS) attacks, structured query language (SQL) injections attacks, spear-phishing campaigns, website defacements, and disinformation campaigns.



● The New York Times

・2020.10.21 Iran and Russia Seek to Influence Election in Final Days, U.S. Officials Warn

Iran is behind threatening, spoofed emails sent to voters, the officials said, but there was no indication that any votes themselves had been altered.


« IPA サプライチェーン・サイバーセキュリティ・コンソーシアム(SC3)が設立されますね。。。 | Main | オーストラリア 個人情報保護法の改正に向けて公開協議を開始 »


Post a comment

(Not displayed with comment.)

Comments are moderated, and will not appear on this weblog until the author has approved them.

« IPA サプライチェーン・サイバーセキュリティ・コンソーシアム(SC3)が設立されますね。。。 | Main | オーストラリア 個人情報保護法の改正に向けて公開協議を開始 »