The twelve Russians charged with hacking into Illinois’ election database may have worked as intelligence agents, but the I-Team has learned it didn’t take above-average computer intelligence to pull off the heist.
Russian hackers used a common computer trick employed by info-thieves, according to federal investigators.
The electronic intrusion, which occurred in July of 2016 at the Illinois State Board of Election, was via a hacking technique called “SQL injection.” The names, addresses, dates of birth, driver’s license numbers and partial Social Security numbers of about 500,000 Illinois voters are believed to have been stolen, according to federal indictments handed up last week against a dozen Russian operatives and information from state election officials.
“For a lot of voters there has been a lot of fear that there is going to be Russian hacking and stealing my vote after I cast my vote” said Matt Dietrich, spokesperson for the Illinois State Board of Elections. “Not one vote was changed in Illinois based on what happened 2 years ago. Not one vote was attempted to be changed based on that. That was not the object.”
If the object was to simply gain access, grab information and sow discord, then the Russian operation seems to have succeeded.
“The Russians hacked into the computer networks of election officials and vendors in order to steal voter data and other information” said Sen. Dick Durbin , D-Illinois on Tuesday. “We know that Russia meddled in the 2016 election and we know that we should be gearing up for the Russians to interfere with the 2018 midterm election as well.”
SQL, an acronym for Structured Query Language, is a common piece of cyber-trickery used to illegally gain access to government, financial, business and private computers. Experts estimate that 8 of every 10 data breaches occur as a result of SQL injection.
Read the complete article at abc7chicago.com
Chuck Goudie is the chief investigative reporter for ABC 7 Eyewitness News in Chicago.