The Russian connectionRussian government hackers broke into voting systems in 39 states

Published 15 June 2017

The attack by the Russian government hackers on the U.S. electoral system during the 2016 campaign involved thirty-nine states. This figure shows that the Russian attack was broader and deeper than previously thought. The cyberattacks targeted software used by states election commissions in the months and weeks before the election – and by poll workers on election day. The type of targets the Russian government hackers chose also indicates that in addition to the immediate goal of helping elect Donald Trump president, the hackers were trying to gain knowledge which would allow them to interfere in, and influence, the 2018 mid-term elections of 2020 presidential election even more effectively than they did the 2016 presidential election.

The attack by the Russian government hackers on the U.S. electoral system during the 2016 campaign involved thirty-nine states, knowledgeable sources told Bloomberg.

The sources said that this figure shows that the Russian attack was broader and deeper than previously thought.

The cyberattacks targeted software used by states election commissions in the months and weeks before the election – and by poll workers on election day. The type of targets the Russian government hackers chose also indicates that in addition to the immediate goal of helping elect Donald Trump president, the hackers were trying to gain knowledge which would allow them to interfere in, and influence, the 2018 mid-term elections of 2020 presidential election even more effectively than they did the 2016 presidential election.

The Intercept recently published a top-secret NSA detailing an attempted launch of a Russian spear-phishing campaign on local governments in advance of the U.S. election. The report suggested hackers had accessed at least one U.S. voting software supplier (see “Russian government hackers hacked U.S. voting system manufacturer last August: NSA report,” HSNW, 6 June 2017).

Bloombergnotes that the hackers accessed dozens of voter databases and at least one campaign finance database.

The breadth and depth of the Russian attack was so alarming to the U.S. intelligence community, that Obama administration officials used the “red line” to complain directly to senior Russian government officials. U.S. intelligence and law enforcement agencies believed that the Russian government hackers positioned themselves so that they could delete voter rolls, disrupt vote count reports, and otherwise tamper with the voting process in order to undermine confidence in the election.

NBC reported that the White House did not mince words in its warning to the Kremlin: “International law, including the law for armed conflict, applies to actions in cyberspace,” the White House said in one message to Moscow. “We will hold Russia to those standards.”

The hacking by the Russian government hackers continued, however, even after the White House’s stern warning.

A U.S. intelligence official told Bloomberg it was not likely the Russians had learned how actually to change votes across the country in the short time after the attack – although they proved they could corrupt and voter rolls, thus influencing the actual voting in specific locations by making thousands of voters ineligible — but with three years until the next election, another intelligence source warned, they will have ample time to practice.

Also, by successfully hacking the networks of a Florida company which writes and distributes the software used in programming voting machines, the Russian government hackers showed an understanding of how to reach thousands of voting machines in key states by focusing on inserting malware into the software written by just one company which is responsible for maintaining and programming these machines.

As James Comey said in his Senate hearing last week, echoing the conclusion of the U.S. intelligence community: “[This] it is a long-term practice of theirs,” he said of Moscow. “It’s stepped up a notch in a significant way in ‘16. They’ll be back.”

The Dallas Morning News reports that the most severe Russian attack took place in Illinois, where the Russian hackers accessed as many as 90,000 voter records. These records include names, dates of birth, genders, driver’s incenses and partial Social Security numbers.

U.S. intelligence then found that the Russian government hackers used the same methods they used in Illinois in thirty-eight other states.

The U.S. intelligence agencies had reported in January that Russian government hackers accessed “elements of multiple U.S. state or local electoral boards.”

The extent of the Russian attack was not revealed until the Intercept earlier this month published the report jointly written by the CIA, NSA, and FBI.