DHS Tells States They Were Hacked by Russians
Much attention has been focused on Russian efforts to contact, and perhaps influence, members of the Trump campaign; however, it is important to note that there was a concurrent effort to pull off a blunt, more traditional physical hack into U.S. election systems. This hack was acknowledged in the January 2017 U.S. intelligence community report, in which the U.S. intelligence agencies confirmed that Putin directed a vast cyberattack during the 2016 election with the intention of electing Donald Trump as President.
In August 2016, just over two months before Election Day, Russian hackers conducted phishing attacks on U.S. election software companies, details of which were revealed in a leaked NSA document provided to The Intercept. In September 2016, the hackers continued to target voting infrastructure—the total number of states that were targeted would ultimately total to at least twenty one (possibly even thirty nine.) The NSA document detailed how Russian operatives carried out a spear-phishing operation, targeting voter registration systems where they “could have gotten information about individual voters, such as addresses or birth dates;” in one case, hackers targeted the election-software company VR Systems. Between October 31 and November 1, 2016, hackers reportedly sent a second round of malware to email addresses “associated with named local government organizations,” likely to officials managing the voter registration systems. Despite President Obama’s warning September 2016 warning to Russian President Vladimir Putin “not to hack the U.S. election infrastructure,” the NSA report indicates that the hacking continued well into October.
However, U.S. states were not notified by the federal government that their systems had been hacked until almost one year after the election. On September 22, 2017, the Department of Homeland Security notified 21 states that Russian hackers targeted their election systems; several states later contradicted this claim, and the full extent of the hacking remains unclear. Although Putin denied any interference on Russia’s part, the NSA document indicates that the cyberattacks were carried out by the Russian GRU. The July 2018 Special Counsel indictment provided more details on these hacking efforts, alleging that Russian hackers accessed the website of a state board of elections in July of 2016 and stole “information related to approximately 500,000 voters, including names, addresses, partial social security numbers, dates of birth, and driver’s license numbers. The Intercept reported that the NSA has learned that Russian government hackers “focused on parts of the system directly connected to the voter registration process, including a private sector manufacturer of devices that maintain and verify the voter rolls.” It remains unknown how successful these attacks were.
Concerns about these hacks have prompted states to upgrade their databases and voting machines, and The New York Times reported that these bipartisan efforts “amount to the largest overhaul of the nation’s voting infrastructure since the contested presidential election in 2000.” States including West Virginia, Colorado, Rhode Island, and Delaware have adopted measures that include employing cybersecurity experts, performing “risk-limiting” audits, and upgrading older voting systems. The Department of Homeland Security designated election systems as “critical infrastructure.” In December 2017 a bipartisan group of Senators introduced a bill that would “authorize block grants for states to upgrade outdated voter technology.” The 2018 omnibus spending bill, which Trump signed into law on March 22, 2018, included $380 million intended to help states boost their election security, as well as $300 million specifically designated to combat Russian cyberattacks.