Alleged Russian hack reveals a deeply flawed election system

Adjust Comment Print

Humboldt County's Elections and Voter Registration offices are located at 2426 West Sixth Street in northern Eureka.

Security experts have warned for years that hackers could penetrate electronic voting systems, and now, leaked national security documents suggest a concerted effort to do just that in the 2016 U.S. election. Sanders said two state agencies offered to assist with any future services should any gaps be found in the county's security systems, which she said was reassuring. State elections officials said there is no evidence hackers infiltrated supervisor of elections' computer systems or had any impact on the outcome of elections. I cannot stress this too much, as our office receives thousands of fraudulent phishing and spam emails daily, which could cripple our organization without the use of these email resources. "There was no evidence that we were hacked or anything like that". "However, due to the sensitive nature of the discussions we can not comment further".

The vendor hack in Florida prompted the Federal Bureau of Investigation to coordinate an emergency call with county election supervisors who operate the election system in the perennial battleground state.

In the days leading up to the 2016 election, several Florida elections offices received phishing emails that were part of a Russian cyberattack, according to a report by the National Security Agency.

The NSA document did not name any of the states where local officials were targeted by the emails masquerading as being from VR Systems.

Amber Smith of the Osceola County Supervisor of Elections Office said her office did not receive the phishing email. If it had not been leaked, the public would still have nearly no inkling about how diligently Russian hackers worked to penetrate United States voting systems in the view of the U.S. intelligence community.

Nationally, the NSA report said "it is unknown whether the aforementioned spear-phishing deployment successfully compromised the intended victims, and what potential data could have been accessed by the cyber actor".

USA intelligence agencies have previously said the Kremlin tried to influence the election outcome in favor of Republican candidate Donald Trump through leaks during the campaign of hacked emails from Democratic Party officials, aimed at discrediting Democratic candidate Hillary Clinton.

Published reports, including by The New York Times, have referenced the affected company that uses the electronic voter identification system used by poll workers and sold by VR Systems, a Florida company.

"It just wasn't consistent with something VR Systems would normally send out".

The e-poll books do not contain other identifying information such as birthdays, social security numbers or driver's license numbers, according to Sanders.

Florida State Association of Supervisors of Elections attorney Ron Labasky says even with the intrusion, hackers never got access to ballots or voting software. "Even the computers we scan the ballots on, that's a separate computer than what we tabulate the results on". "It is important that voters know they can trust our systems and are always welcome to ask questions".

More news: Jose Mourinho might not be happy with Manchester United's pre-season plans

Humboldt officials used VR Systems equipment during the November election, but are no longer using it, Sanders said.

"VR [Systems] seemed to think that very few of their customers received the phishing emails", Sanders said.

According to the report, the Russian plan was to trick local government officials into opening Microsoft Word documents that contained hidden malware that could give hackers complete control of infected computers. We have policies and procedures in effect to protect our customers and our company.

Attempts to contact Hart InterCivic were not immediately returned.

"This has been in the works for a number of years", she said.

"When a customer alerted us to an obviously fraudulent email purporting to come from VR Systems, we immediately notified all our customers and advised them not to click on the attachment". "I've said it hundreds of times: 'You can't hack paper.' Seminole County votes on trusted paper ballots".

"When it comes to the technical side of things, you have to have some kind of a back-up that you can rely on", Snipes said.

"I remember thinking to myself, 'wait a minute, they wouldn't be sending out an updated user guide now, it would make no sense..."

It's not clear whether Humboldt County - or any other county in California - was actually a target of that hacking attempt.

After the first suspicious email was sent last August, the FBI's Jacksonville office held a conference call on September 30 with county supervisors of elections to alert them to "a malicious act found in a jurisdiction" in Florida, according to Ion Sancho, the former Leon County elections supervisor who was on the call.

The document's publication on Monday by The Intercept, a news outlet that focuses on security issues, received particular attention because an intelligence contractor, Reality Leigh Winner, was charged the same day with leaking it.

The documents' authenticity has been confirmed by U.S. officials, and the U.S. Department of Justice charged on June 5 charged victor.