The Federal Bureau of Investigation (FBI), in coordination with the Department of Homeland Security’s (DHS) Office of Intelligence and Analysis (I&A), the Cybersecurity and Infrastructure Security Agency (CISA), and the U.S. Election Assistance Commission (EAC) prepared this overview to help partners defend against insider threat concerns that could materialize during the 2024 election cycle.
For years, federal, state, local, and private sector partners nationwide have worked closely together to support state and local officials in safeguarding election infrastructure from cyber, physical, and insider threats. Because of these efforts, there is no evidence that malicious actors changed, altered, or deleted votes or had any impact on the outcome of elections. Over the past several years, the election infrastructure community has experienced multiple instances of election system access control compromises conducted by insider threats. While there is no evidence that malicious actors impacted election outcomes, it is important that election stakeholders at all levels are
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Related:
- Dutch government seizes control of Chinese-owned chipmaker Nexperia
October 13, 2025
The Dutch government has granted itself the power to intervene in company decisions at Dutch-based Chinese-owned chipmaker Nexperia. The highly unusual step, announced late Sunday, grants the country the power to “halt and reverse” company decisions — meaning Nexperia cannot transfer assets or hire executives without Dutch government approval, according to national media. The move is ...
- US Air Force admits SharePoint privacy issue as reports trickle out of possible breach
October 1, 2025
The US Air Force is reportedly investigating a potential data breach caused by a Microsoft SharePoint issue. A report from The Register revealed the Air Force Personnel Center Directorate of Technology and Information issued a data breach notification shared on social media. “This message is to inform you of a critical Personally Identifiable Information (PII) and ...
- YouTube to pay $24.5 million to settle Trump lawsuit
September 30, 2025
YouTube agreed to pay $24.5 million to settle a lawsuit filed by President Donald Trump after he was suspended by social media platforms following the January 6, 2021, insurrection. This makes Alphabet-owned YouTube the last of the three Big Tech social media companies sued by Trump — which included Meta and then Twitter, now called X ...
- ‘Widespread’ breach let hackers steal employee data from FEMA and CBP
September 29, 2025
A “widespread cybersecurity incident” at the Federal Emergency Management Agency allowed hackers to make off with employee data from both the disaster management office and U.S. Customs and Border Protection, according to a screenshot of an incident overview presentation obtained by Nextgov/FCW. The hack is also suspected to have later triggered the dismissal of two dozen ...
- CISA Directs Federal Agencies to Identify and Mitigate Potential Compromise of Cisco Devices
September 25, 2025
Today, CISA issued Emergency Directive ED 25-03: Identify and Mitigate Potential Compromise of Cisco Devices to address vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Cisco Firepower devices. CISA has added vulnerabilities CVE-2025-20333 and CVE-2025-20362 to the Known Exploited Vulnerabilities Catalog. The Emergency Directive requires federal agencies to identify, analyze, and mitigate potential compromises immediately. Agencies ...
- US federal agency breached by hackers using GeoServer exploit
September 24, 2025
In mid-July 2024, a threat actor managed to break into a US Federal Civilian Executive Branch (FCEB) agency by exploiting a critical remote code execution (RCE) vulnerability in GeoServer, the government has confirmed. In an in-depth report detailing the incident, the US Cybersecurity and Infrastructure Security Agency (CISA) outlined how the attackers leveraged CVE-2024-36401, a 9.8/10 ...