Monday, 21 August 2017
Latest news
Main » Alleged Russian hack reveals a deeply flawed US election system

Alleged Russian hack reveals a deeply flawed US election system

09 June 2017

This comes on the same day the online news site "The Intercept" posted a report that Russian government hackers carried out a cyberattack against one USA voting software vendor last August, and launched a spear-phishing attack targeting local organizations days before the 2016 presidential election.

The Intercept, a digital magazine founded by journalists involved in the release of documents leaked by NSA contractor Edward Snowden, said some material was withheld at USA intelligence agencies' request because it wasn't "clearly in the public interest". State elections officials said there is no evidence hackers infiltrated supervisor of elections' computer systems or had any impact on the outcome of elections.

The U.S. elections system is a patchwork of more than 3,000 jurisdictions overseen by the states with nearly no federal oversight or standards. But a breach of the systems could have disrupted elections by manipulating voter information used at local precincts, according to The Intercept report.

The Department of Homeland Security knew in September that hackers believed to be Russian agents had targeted the voter registration systems of more than 20 states. Apparently exploiting technical data obtained in that operation, the cyber spies later sent phishing emails to more than 100 local US election officials just days ahead of the November 8 vote, intent on stealing their login credentials and breaking into the their systems, the document says.

Florida State Association of Supervisors of Elections attorney Ron Labasky says even with the intrusion, hackers never got access to ballots or voting software.

S.C. Election Commission Executive Director Marci Andino, however, has asked county election officials to report if the Federal Bureau of Investigation contacts them about being subject to phishing scams tied to last year's election. It's not clear where else the emails may have been sent.

The leaked NSA document published by The Intercept on Monday revealed a report that Russian military actors attacked one of the most especially vulnerable aspects of the American voting system: online voting registration databases.

They are investigating reported attempts to compromise VR Systems, an electronic poll book software company used by 21 of North Carolina's 100 counties.

Volusia County Supervisor of Elections Lisa Lewis also told News 6 that her office received an email November 1 warning them of a possible fraudulent email.

May: London incident 'potential act of terrorism'
Prime Minister Theresa May confirmed that the "terrible incident in London " was being treated as "a potential act of terrorism ". Department of Homeland Security issued a statement advising "any affected U.S. citizens who need assistance to contact the U.S.

ABC7 has confirmed that the Russian government tried to hack into the Collier County Election's Office computers, just days before the 2016 presidential election. The issue forced officials to abandon the system, issue paper ballots and extend voting hours, but officials there said that trouble did not appear to have been caused by hacking.

Hacking elections "has always been thought of as a theoretical possibility, but now we know it is a real threat", said Susan Greenhalgh, a researcher with the Verified Voting Foundation, an election systems monitor.

The NSA document did not name any of the states where local officials were targeted by the emails masquerading as being from VR Systems.

The NSA report does not say whether the cyberattack effort had any effect on the election results.

There also is no indication to date of the reported Russian attempt "resulting in any contact with local election officials in West Virginia", said Steven Adams, spokesman for the secretary of state.

Greenhalgh said that even though most jurisdictions have paper ballots which can be used for recounts, "the bad news is the vast majority of the country doesn't do an audit to catch any errors in the vote counting software".

In a statement issued separately to the newsmedia, Masterson urged "federal agencies that have specific intelligence or resources that could help election officials better secure the election process to share that information with state and local officials as soon as possible". "While phishing attacks are common across all sectors of our society and there is no evidence that this attack targeted voting machines involved in vote tallying of the 2016 Federal Election, this report provides a timely reminder that officials must remain vigilant about election system security", the warning reads.

IL officials have asked local elections offices whether they used VR's software in 2016.