Ohio detected and neutralized a cyber attack against its election systems earlier this month, it was traced to a Russian-owned company.

Ohio officials thwarted a cyber attack against its election infrastructure earlier this month, the state’s elections chief announced.

According to the Republican Secretary of State Frank LaRose, the cyber attack was “relatively unsophisticated” and it took place on Election Day, on November 5. The attack was apparently originated in Panama, but experts traced it to a Russian-owned company.

“Ohio Secretary of State Frank LaRose said Tuesday that the so-called SQL injection attack was detected by the state’s internal systems. The attack was attempting to insert malicious code into his office’s website.” reported The Columbus Dispatch.

“The attempted hack originated in Panama but was traced to a Russian-owned company, LaRose said, although he called the effort “relatively unsophisticated.”

“Some of these unsophisticated attacks are ways that they probe for vulnerabilities. They are poking around for soft spots,” LaRose said

LaRose explained that the attackers were probing for vulnerabilities in his office’s website.

Although the attack aimed at disrupting and undermining the credibility of the elections, according to LaRose it cannot affect Ohio’s election results because voting systems are not exposed online

LaRose added that the attack was spotted by the Ohio intrusion system “Albert.”

Pierluigi Paganini

(SecurityAffairs – Ohio Election Day, hacking)