Campaign Year Draws Hacking Attempts, According to Election Officials

“There’s thousands of them every day,” said Clay County Elections Supervisor Chris Chambless.

by Arek Sarkissian, Naples Daily News, Fla. / June 8, 2017
Shutterstock

(TNS) -- TALLAHASSEE - State and local election officials across the country reported numerous hacking alerts last year from suspicious emails sent to their systems, including at least eight Florida counties that received one tied to what U.S. intelligence officials say was a Russian effort to disrupt the presidential campaign.

While election officials contacted by the USA TODAY NETWORK said there were no successful hacks into their voting systems or offices, some noted that suspicious activity directed through a Tallahassee-based election software company came amid a flurry of other threats routinely blocked by election offices.

Election offices divert spam, phishing attempts and other suspicious emails into quarantine systems on a regular basis and may not know about specific hacking attempts unless notified, officials said.

“There’s thousands of them every day,” said Clay County Elections Supervisor Chris Chambless, who also serves as president of the Florida State Association of Election Supervisors.

But the details about specific efforts by suspected Russian hackers show just how far and wide those attempts stretched.

A National Security Agency report published by the website The Intercept said Russian military intelligence executed a cyberattack on at least one U.S. supplier of voting software and sent deceptive emails to more than 100 local election officials in the days leading up to the November election.

The supplier, identified by the website as VR Systems of Tallahassee, contacted Florida counties it serves last year with guidance on what to do if they received the suspicious email from "vr.elections@gmail.com." The notice came before the November election last year and after federal officials alerted election offices about the threat.

Most Florida counties use VR Systems software to manage voter information and rolls, not for voting machines or tabulation. But a breach of the systems could have disrupted elections by manipulating voter information used at local precincts, according to The Intercept report.

USA TODAY NETWORK - Florida asked election supervisors in the state's 67 counties if they had received the suspicious emails and received 39 responses. Eight counties — Clay, Collier, Citrus, Escambia, Hillsborough, Pasco, Putnam, and Vousia — said they received the email, and it was quarantined and did not give hackers access.

Brian Corley, Pasco County's supervisor, said his staff caught the threatening email last year and it was quarantined.

“Even with all of the technology out there, our staff knows what to look for,” he said.

Citrus County Supervisor of Elections Susan Gill said she discovered the suspicious email Tuesday after media accounts about the NSA report. It was tucked away on a quarantine log like the other threats, Gill said.

“There it was, just sitting there,” she said. “They’re so common we usually don’t worry about them unless we get an alert, and those come in from our association of elections supervisors or the National Security Agency.”

Virginia Sen. Mark Warner has called for declassifying the names and number of states affected by the Russian hacking attempt as a way to prevent such attempts in next year's midterm elections.

States already monitor for suspicious activity in their computer systems, including election networks.

Wisconsin reported a spike in attempts to break into state computer systems just before the state's primary and general elections last year, according to records obtained by USA TODAY NETWORK - Wisconsin. It's not clear, however, if any of those were tied to the Russian effort identified by U.S. intelligence.

Two days before the state's April 5, 2016, presidential primary, the reports show, state security analysts logged more than 150,000 alerts in a single day for attempts to find holes in state systems. Wisconsin has typically logged fewer than 60,000 of these alerts per day over the past two years.

Even more unusual, the number of alerts logged on a single November day spiked to more than 800,000 — a more than tenfold increase over the normal daily peak. It was the largest single-day spike in the past two years.

Wisconsin Gov. Scott Walker's administration said the spikes in April 2016 and November were "spread across all of our servers," including — but not limited to — election systems. It attributed the November spike to international malware but didn't provide an explanation for the April surge.

Election offices across the country were on high alert last year after U.S. intelligence identified potential Russian threats. In Arizona and Illinois, election officials reported breaches of voter registration databases but said systems involved in counting votes were not affected. The FBI then warned other states to check their protections against attacks.

Jeanne Atkins, who was Oregon secretary of state during the election, said Homeland Security tested the state’s voter registration database, which is connected to the internet.

“There were concerns. We were in constant monitoring mode,” Atkins said.

Homeland Security made the same offer to all states, through the National Association of Secretaries of State, she said.

David McManus, a Republican chairman of Maryland's State Board of Elections, said while no hacking attempts were identified in his state, he's concerned enough about the NSA report's findings to have state election systems reviewed for security.

©2017 the Naples Daily News (Naples, Fla.) Distributed by Tribune Content Agency, LLC.