Russian hackers allegedly infiltrated Florida voter systems

The US Senator for the county declared the assailants were "in a position" to alter voter roll data

Sign for Florida

Russian hackers gained access to one of Florida's electoral systems, to the extent that they were in a position to change voter roll data, according to the US senator for Florida.

During an interview with The New York Times, Marco Rubio said that the group were "in a position" to alter voter roll data, but noted that they didn't appear to have taken such action.

The report in the NYT details how the hackers used a spearphishing method to mimic emails for VR Systems, the company that sells electronic voting equipment to virtually every county in the state. Some officials spotted clues that these emails were not legitimate; they were sent from Gmail accounts and used British vocabulary.

However, as Senator Rubio confirmed, in at least one county, the hackers were able to gain access to a system and place themselves in a position to alter records. In his NYT interview, he said that the information was gleaned through an intelligence operation, not a criminal investigation. In order to protect intelligence methods, he said, national security officials chose to issue a general warning to everyone.

"Everybody has been told what it is they need to do to protect themselves from the intrusion," Rubio said. "I don't believe the specific victims of the intrusion have been notified. The concern was that in a number of counties across the country, there are a couple of people with the attitude of: 'We've got this; we don't need your help. We don't think we need to do what you are telling us we need to do.'"

Advertisement - Article continues below
Advertisement - Article continues below

Rubio added that he was constrained as a member of the intelligence committee as to how much he could tell his constituents. "When someone you know had a problem, but you can't tell them they had a problem, it becomes tense," he said.

"My biggest concern is that on Election Day you go vote and have mass confusion because voter registration information has been deleted from the systems," the senator added.

The spearphishing attempt in Florida had actually first been brought to light nearly two years ago when The Intercept cited a secret National Security Agency report, state officials said they were certain no elections computers had been compromised.

But last week, the Mueller report on Russian interference in the 2016 election turned that assertion on its head and confirmed that hackers had infiltrated the vendor and breached the computer systems of one Florida county. That county has not been revealed by the FBI as yet, even to the states officials.

"The F.B.I.," it said, "believes that this operation enabled the G.R.U. to gain access to the network of at least one Florida county government."

Advertisement - Article continues below

VR Systems chief executive, Ben Martin, said his company was aware of only a "small number of customers" who had received the fraudulent email and of those, none had notified VR Systems that they had clicked on the attachment or were compromised.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
cyber security

If not passwords then what?

8 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020