Russian hackers allegedly infiltrated Florida voter systems
The US Senator for the county declared the assailants were "in a position" to alter voter roll data
Russian hackers gained access to one of Florida's electoral systems, to the extent that they were in a position to change voter roll data, according to the US senator for Florida.
During an interview with The New York Times, Marco Rubio said that the group were "in a position" to alter voter roll data, but noted that they didn't appear to have taken such action.
The report in the NYT details how the hackers used a spearphishing method to mimic emails for VR Systems, the company that sells electronic voting equipment to virtually every county in the state. Some officials spotted clues that these emails were not legitimate; they were sent from Gmail accounts and used British vocabulary.
However, as Senator Rubio confirmed, in at least one county, the hackers were able to gain access to a system and place themselves in a position to alter records. In his NYT interview, he said that the information was gleaned through an intelligence operation, not a criminal investigation. In order to protect intelligence methods, he said, national security officials chose to issue a general warning to everyone.
"Everybody has been told what it is they need to do to protect themselves from the intrusion," Rubio said. "I don't believe the specific victims of the intrusion have been notified. The concern was that in a number of counties across the country, there are a couple of people with the attitude of: 'We've got this; we don't need your help. We don't think we need to do what you are telling us we need to do.'"
Rubio added that he was constrained as a member of the intelligence committee as to how much he could tell his constituents. "When someone you know had a problem, but you can't tell them they had a problem, it becomes tense," he said.
"My biggest concern is that on Election Day you go vote and have mass confusion because voter registration information has been deleted from the systems," the senator added.
The spearphishing attempt in Florida had actually first been brought to light nearly two years ago when The Intercept cited a secret National Security Agency report, state officials said they were certain no elections computers had been compromised.
But last week, the Mueller report on Russian interference in the 2016 election turned that assertion on its head and confirmed that hackers had infiltrated the vendor and breached the computer systems of one Florida county. That county has not been revealed by the FBI as yet, even to the states officials.
"The F.B.I.," it said, "believes that this operation enabled the G.R.U. to gain access to the network of at least one Florida county government."
VR Systems chief executive, Ben Martin, said his company was aware of only a "small number of customers" who had received the fraudulent email and of those, none had notified VR Systems that they had clicked on the attachment or were compromised.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now