Russian hackers allegedly infiltrated Florida voter systems

The US Senator for the county declared the assailants were "in a position" to alter voter roll data

Sign for Florida

Russian hackers gained access to one of Florida's electoral systems, to the extent that they were in a position to change voter roll data, according to the US senator for Florida.

During an interview with The New York Times, Marco Rubio said that the group were "in a position" to alter voter roll data, but noted that they didn't appear to have taken such action.

The report in the NYT details how the hackers used a spearphishing method to mimic emails for VR Systems, the company that sells electronic voting equipment to virtually every county in the state. Some officials spotted clues that these emails were not legitimate; they were sent from Gmail accounts and used British vocabulary.

However, as Senator Rubio confirmed, in at least one county, the hackers were able to gain access to a system and place themselves in a position to alter records. In his NYT interview, he said that the information was gleaned through an intelligence operation, not a criminal investigation. In order to protect intelligence methods, he said, national security officials chose to issue a general warning to everyone.

"Everybody has been told what it is they need to do to protect themselves from the intrusion," Rubio said. "I don't believe the specific victims of the intrusion have been notified. The concern was that in a number of counties across the country, there are a couple of people with the attitude of: 'We've got this; we don't need your help. We don't think we need to do what you are telling us we need to do.'"

Rubio added that he was constrained as a member of the intelligence committee as to how much he could tell his constituents. "When someone you know had a problem, but you can't tell them they had a problem, it becomes tense," he said.

"My biggest concern is that on Election Day you go vote and have mass confusion because voter registration information has been deleted from the systems," the senator added.

The spearphishing attempt in Florida had actually first been brought to light nearly two years ago when The Intercept cited a secret National Security Agency report, state officials said they were certain no elections computers had been compromised.

But last week, the Mueller report on Russian interference in the 2016 election turned that assertion on its head and confirmed that hackers had infiltrated the vendor and breached the computer systems of one Florida county. That county has not been revealed by the FBI as yet, even to the states officials.

"The F.B.I.," it said, "believes that this operation enabled the G.R.U. to gain access to the network of at least one Florida county government."

VR Systems chief executive, Ben Martin, said his company was aware of only a "small number of customers" who had received the fraudulent email and of those, none had notified VR Systems that they had clicked on the attachment or were compromised.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

Biden nominees highlight tough cyber security challenges
cyber security

Biden nominees highlight tough cyber security challenges

20 Jan 2021
Report: Security staff excluded from app development
cyber security

Report: Security staff excluded from app development

20 Jan 2021
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

20 Jan 2021
SolarWinds hackers hit Malwarebytes through Microsoft exploit
hacking

SolarWinds hackers hit Malwarebytes through Microsoft exploit

20 Jan 2021

Most Popular

Citrix buys Slack competitor Wrike in record $2.25bn deal
collaboration

Citrix buys Slack competitor Wrike in record $2.25bn deal

19 Jan 2021
IT retailer faces €10.4m GDPR fine for employee surveillance
General Data Protection Regulation (GDPR)

IT retailer faces €10.4m GDPR fine for employee surveillance

18 Jan 2021
How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021