Russia’s efforts to hack the 2016 presidential election were much more widespread than originally thought. The Russian campaign hit 39 states — twice as many as originally reported — and in one case hackers tried to delete and alter voter data.
That’s the startling revelation from a Bloomberg report this morning. The extent of the cyber intrusion was so widespread that Obama administration officials used the infamous “red phone” — which is really a digital communications channel that allows the countries to send information back and forth — to show Kremlin leaders what they had discovered. It remains unclear, though, if these intrusions had any direct effect on the election’s outcome.
Still, this is another example of Russia taking advantage of the many online vulnerabilities in America’s voting network, which is comprised of software companies, online registration sites, and vital information that election officials willingly send to each other over email.
All of them play an important part in obtaining and safeguarding sensitive voter information, but it appears the Russians have figured out how to get that data.
“If you got 10 people working to try and figure out what the US election system is for 18 months, of course they’re going to figure it out,” said Beau Woods, a cybersecurity expert at the Atlantic Council, a Washington-based think tank.
Russia, of course, denies having anything to do with the hackers that pulled this off. Either way, the news comes at an inauspicious time for President Donald Trump, who has had to deal with congressional hearings featuring former FBI Director James Comey last week and Attorney General Jeff Sessions today, each digging deep into his campaign’s possible collusion with Russia.
So, despite assurances from the Obama administration that the election’s integrity was not compromised, there was still a very large-scale Russian effort to mess with it. That means future elections, including ones next year, run the risk of being tainted.
Russia hacked into the voting systems of 39 states
The hack into Illinois’s election system is the one we know the most about. Ken Menzel, who serves as general counsel for the Illinois state board of elections, told Bloomberg that a part-time contractor for the state board of elections noticed unauthorized data leaving the network.
That data contained the personal information of around 15 million people, including names, birthdays, genders, and partial Social Security numbers. It was a huge coup for the Russians, as around half of those 15 million were active voters. Apparently, the cyber intruders aimed to delete or alter voter data they got a hold of.
But even if they did that, that still wouldn’t necessarily have affected the election. It’s the counties that upload voter information to the state, not vice versa. So even if all the rolls were deleted at the state level, there was a backup plan in place to restore all the names.
Voter data wasn’t all the information the hackers were after, though. In a different, unidentified US state, the Russians were able to get information from a campaign finance database, which would give them insight into the financial connections between certain voters and candidates.
America’s elections system is vulnerable to attacks
The intrusions scared these states so much that they ended up asking the Department of Homeland Security for special teams to help keep hackers out. Others hired private companies for the same mission.
The Obama administration was worried about these developments, too. Using the secure “red phone” backchannel, it showed the extent of the hacking campaign to its Russian counterparts.
If Kremlin officials were upset about it, they didn’t seem to show it. Russian leaders kept requesting more information. And throughout that whole process, the hackers proceeded with their work.
Some inside the Obama administration wanted to go public with the information. But the White House decided against it, claiming it wasn’t worth risking people’s faith in the election’s integrity.
So, it seems despite efforts to stop Russia’s actions and sanctions related to Moscow’s meddling, it effectively got away with it. But because vital elections information is online for the taking, the Russians didn’t need to try too hard.
“Most states these days have online voter registration tools or online absentee-ballot request tools. That means that the voter registration data base is online,” Douglas W. Jones, an elections expert at the University of Iowa, said in an interview.
In effect, Russia didn’t need an “inside man” for this — Americans make this information obtainable for elite hackers by putting all of this critical information on the internet. That leaves the US very vulnerable to these kinds of attacks.
So while it’s unclear still if Russia’s hacking efforts actually influenced the outcome of the election, the fact that it is able to access such important information is already troublesome in itself.
And that bodes poorly for the 2018 elections and others beyond that, as their integrity becomes more and more suspect with each new revelation of the extent of Russia’s election-hacking campaign.
Surely Special Counsel Robert Mueller and the congressional investigations into Russia’s possible ties to the Trump campaign will look into all of this. There may even be questions about it asked of Sessions this afternoon.
But in the meantime, collusion with Trump or not, we now know that Russia has struck deeper into the heart of America’s democracy: its elections.