The FBI recently sent a flash warning states to be on alert after election databases in Arizona and Illinois showed signs of cyberattacks. | AP Photo Cybersecurity firm links state election hacks to Russian activity in Europe

Researchers have found a connection between cyberattacks on two states’ election databases and suspected Russian digital strikes in Turkey, Ukraine and Germany.

One of the Internet Protocol addresses identified in an FBI flash alert about the attacks in Arizona and Illinois was also used to carry out cyberattacks on Turkey’s ruling Justice and Development Party, Germany’s Freedom Party and Ukrainian lawmakers, ThreatConnect said in a report released Friday.


The FBI alert, which advised other states to scan for signs of the same compromise, sparked new fears that underfunded state election offices are a prime target for foreign hackers who have already breached the Democratic National Committee and other U.S. political organizations.

ThreatConnect said in its report that the IP address 5.149.249.172 — one of six flagged in the FBI’s alert — was used in a "spearphishing" campaign against the Ukrainian, Turkish and German targets between March and August.

The campaign “fits a known Russian targeting focus and modus operandi,” ThreatConnect said.

It is possible for digital attackers to route their activities through certain IP addresses to mask their identities or frame other actors, but ThreatConnect maintained that, with this new information, the state election attacks were “more suggestive of state-backed rather than criminally motivated activity.”