Those actors, who according to the CISA constitute “an advanced persistent threat”, used this tactic to exploit vulnerabilities in the Windows authentication service Netlogon.
“These recent malicious activities were often, but not exclusively, directed against government networks at the State, local, tribal and territorial levels. Although it does not appear that these targets are being targeted due to their proximity to election-related information, there may be some risk to the information about the elections stored in government networks, “says the note.
It is emphasized that “the CISA is aware of several cases when this activity resulted in unauthorized access to electoral support systems.”
“However, the CISA has no evidence that the integrity of the electoral data was compromised,” the text says.
The United States will hold a presidential election on November 3.