Leaked NSA doc highlights deep flaws in US election system

Adjust Comment Print

VR Systems maintains the Volusia County voter registration database, and the list of voters is a public record, Lewis said.

Bruce Schneier, chief technology officer of IBM Resilient and a fellow at Harvard's Berkman Klein Center for Internet & Society, said the report shows the weaknesses of United States election systems. "There was no evidence that we were hacked or anything like that".

"It's my hope in the coming days that we can get more information out about that". "However, due to the sensitive nature of the discussions we can not comment further".

An alleged attempted cyberattack on USA voting systems included an effort to hack into the Volusia County Supervisor of Elections Office.

According to the document, the Russian military targeted the company VR systems, which serves most of Florida's 67 supervisor of elections offices by providing software, voter registration systems, trailing, hardware and firmware.

On Nov. 1, VR Systems sent emails to almost all county supervisor of elections officials warning them not to open the attachments after the company was alerted to the hacking by a customer.

Federal Bureau of Investigation agents briefed Florida elections supervisors of the threat last August. Analysts at the NSA believed the hackers were working for the Russian military's General Staff Main Intelligence Directorate, or GRU, according to the document.

Nationally, the NSA report said "it is unknown whether the aforementioned spear-phishing deployment successfully compromised the intended victims, and what potential data could have been accessed by the cyber actor".

Humboldt County's connection to VR Systems comes through the Texas-based company Hart InterCivic, Sanders said. That contract was in place for the November 2016 election.

By now I'm sure you've read the numerous reports of the recently leaked NSA report on Russian Hacking and hopefully you have taken the time to read the statement released by VR Systems.

That would include voters' addresses, signatures, social security numbers, and drivers license numbers, Edwards said. The software is not used to tabulate voting results.

"In no way did this have any effect on the counting of the ballots", she said. "Unless, someone goes in and begins to remove names from the voter registration system, when people show up to vote, forcing them to cast a provisional ballot or something that nature".

Notre Dame attacker had pledged allegiance to ISIS
Be proactive - Use the "Flag as Inappropriate" link at the upper right corner of each comment to let us know of abusive posts. Witnesses around Notre Dame Cathedral are describing a dramatic police operation in the tourist-filled site in central Paris .

Miami-Dade's elections office said it did did not receive the second message that the NSA report said was aimed at elections officials.

"VR [Systems] seemed to think that very few of their customers received the phishing emails", Sanders said. In a statement, the company said it only knows of a "handful" of customers who received the fraudulent email, adding that it had "no indication" that anyone had clicked on the malware.

Attempts to contact Hart InterCivic were not immediately returned.

Election supervisors in Citrus, Clay and Pasco counties said they, too, got the emails, but also did not open them, the Tampa Bay Times reported Tuesday.

"When a customer alerted us to an obviously fraudulent email purporting to come from VR Systems, we immediately notified all our customers and advised them not to click on the attachment".

Secretary of State Alex Padilla said his office hasn't found any other counties besides Humboldt that used VR Systems equipment so far.

Storm said that this filtration system is not foolproof, but said that is where the county's intrusion prevention system would kick in and block it. "There are constant phishing attacks, but they have not affected us". He said the attempted hacking wouldn't have been able to alter votes, but possibly could have caused chaos by deleting voters from the voter rolls.

It's not clear whether Humboldt County - or any other county in California - was actually a target of that hacking attempt.

The Pasco elections supervisor said he was immediately suspicious when the email with an "updated user guide" as an attachment came into his inbox on October 31, 2016, eight days after early voting had begun in most Florida counties.

Victor is still in federal custody, and she will have a detention hearing on Thursday.

US District Court charged a 25 year old intelligence contractor from Georgia, Augusta for copying classified documents and mailing them, leaking them outside of the US. Victor was charged with transmitting classified information Monday just hours after the document was published by The Intercept.