Skip to Content

Latest NSA Leak Reveals Exactly the Kind of Cyberattack Experts Had Warned About

The Russian-backed assault, outlined in a newly public NSA analysis, targeted a particularly vulnerable component of the U.S. voting system.

The details of an apparent Russian state-sponsored cyberattack on local election officials and a vendor of U.S. voting software are shocking—but they shouldn’t be surprising. In fact, experts had been warning for months before the 2016 election about exactly the type of attack that was revealed Monday in leaked NSA documents.

According to the documents, the purpose of the attack, which occurred last August, was “to obtain information on elections-related software and hardware solutions.” The attackers “likely used data obtained from that operation to create a new email account and launch a voter-registration themed spear-phishing campaign targeting U.S. local government organizations.”

The NSA’s analysis does not draw any conclusions about whether the attack affected voting outcomes in the presidential election in November, or any other national or local races. But targeting voter registration systems is widely seen as one of the most effective ways to use a cyberattack to disrupt the electoral process. An adversary with access to voter registration information could, for example, delete names from the voter roll or make other modifications to the data that could cause chaos on Election Day. (See “How Hackers Could Send Your Polling Station Into Chaos.”)

Before the election, Rice University computer science professor Dan Wallach told MIT Technology Review that poorly secured voter registration databases were the biggest cybersecurity threat facing the U.S. voting system, since many states put them online. In September, the Associated Press reported that hackers had targeted voter registration systems in 20 states.

Also among potential targets, experts warned at the time, were electronic poll books—computerized versions of the paper lists that poll workers often use to check voters in. Most offer the option to connect to the Internet.

Though the NSA’s leaked analysis did not name the target of the attack it describes, it does make references to a Florida-based company called VR Systems, which makes electronic poll books. In a statement, the company appeared to confirm that it had been targeted, saying that “a handful” of customers had received fraudulent e-mails, but that there was “no indication that any of them clicked on the attachment or were compromised as a result.”

In October, CNN reported that federal investigators thought Russian hackers had compromised an unnamed vendor of voting software that supplied technology for Florida’s voting system. Some have now speculated that that vendor was VR Systems. Products made by VR Systems are used by eight states: California, Florida, Illinois, Indiana, New York, North Carolina, Virginia, and West Virginia.

One of those states—North Carolina, which was seen as a key swing state in the race for the presidency—did experience the type of voter-registration-related issues on Election Day that security experts warned might happen in the event of a cyberattack. In Durham County check-in systems malfunctioned in a number of precincts, leading to long lines and delays and forcing election officials to switch to slower, paper-based processes.

A spokesman for the Durham County Board of Elections told The Intercept that VR Systems’ software was not to blame for these issues, and a spokesperson for the North Carolina Board of Elections told the website that the state “did not experience any suspicious activity during the election outside of what this agency experiences at other times.”

Even so, on Tuesday Senator Mark Warner, the top Democratic member of the Senate Intelligence Committee, told USA Today that Russia’s hacking efforts are more widespread than any previous unclassified reports or the newly leaked NSA document indicate.

And the threat is ongoing. “None of these actions from the Russians stopped on Election Day,” he said.

(Read more: The Intercept, Politico, USA Today, “How Hackers Could Send Your Polling Station Into Chaos”)

Keep Reading

Most Popular

Geoffrey Hinton tells us why he’s now scared of the tech he helped build

“I have suddenly switched my views on whether these things are going to be more intelligent than us.”

ChatGPT is going to change education, not destroy it

The narrative around cheating students doesn’t tell the whole story. Meet the teachers who think generative AI could actually make learning better.

Meet the people who use Notion to plan their whole lives

The workplace tool’s appeal extends far beyond organizing work projects. Many users find it’s just as useful for managing their free time.

Learning to code isn’t enough

Historically, learn-to-code efforts have provided opportunities for the few, but new efforts are aiming to be inclusive.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.