Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

Connectivity

Latest NSA Leak Reveals Exactly the Kind of Cyberattack Experts Had Warned About

The Russian-backed assault, outlined in a newly public NSA analysis, targeted a particularly vulnerable component of the U.S. voting system.

The details of an apparent Russian state-sponsored cyberattack on local election officials and a vendor of U.S. voting software are shocking—but they shouldn’t be surprising. In fact, experts had been warning for months before the 2016 election about exactly the type of attack that was revealed Monday in leaked NSA documents.

According to the documents, the purpose of the attack, which occurred last August, was “to obtain information on elections-related software and hardware solutions.” The attackers “likely used data obtained from that operation to create a new email account and launch a voter-registration themed spear-phishing campaign targeting U.S. local government organizations.”

The NSA’s analysis does not draw any conclusions about whether the attack affected voting outcomes in the presidential election in November, or any other national or local races. But targeting voter registration systems is widely seen as one of the most effective ways to use a cyberattack to disrupt the electoral process. An adversary with access to voter registration information could, for example, delete names from the voter roll or make other modifications to the data that could cause chaos on Election Day. (See “How Hackers Could Send Your Polling Station Into Chaos.”)

Before the election, Rice University computer science professor Dan Wallach told MIT Technology Review that poorly secured voter registration databases were the biggest cybersecurity threat facing the U.S. voting system, since many states put them online. In September, the Associated Press reported that hackers had targeted voter registration systems in 20 states.

Also among potential targets, experts warned at the time, were electronic poll books—computerized versions of the paper lists that poll workers often use to check voters in. Most offer the option to connect to the Internet.

Though the NSA’s leaked analysis did not name the target of the attack it describes, it does make references to a Florida-based company called VR Systems, which makes electronic poll books. In a statement, the company appeared to confirm that it had been targeted, saying that “a handful” of customers had received fraudulent e-mails, but that there was “no indication that any of them clicked on the attachment or were compromised as a result.”

In October, CNN reported that federal investigators thought Russian hackers had compromised an unnamed vendor of voting software that supplied technology for Florida’s voting system. Some have now speculated that that vendor was VR Systems. Products made by VR Systems are used by eight states: California, Florida, Illinois, Indiana, New York, North Carolina, Virginia, and West Virginia.

One of those states—North Carolina, which was seen as a key swing state in the race for the presidency—did experience the type of voter-registration-related issues on Election Day that security experts warned might happen in the event of a cyberattack. In Durham County check-in systems malfunctioned in a number of precincts, leading to long lines and delays and forcing election officials to switch to slower, paper-based processes.

A spokesman for the Durham County Board of Elections told The Intercept that VR Systems’ software was not to blame for these issues, and a spokesperson for the North Carolina Board of Elections told the website that the state “did not experience any suspicious activity during the election outside of what this agency experiences at other times.”

Even so, on Tuesday Senator Mark Warner, the top Democratic member of the Senate Intelligence Committee, told USA Today that Russia’s hacking efforts are more widespread than any previous unclassified reports or the newly leaked NSA document indicate.

And the threat is ongoing. “None of these actions from the Russians stopped on Election Day,” he said.

(Read more: The Intercept, Politico, USA Today, “How Hackers Could Send Your Polling Station Into Chaos”)

Hear more about security from the experts at the EmTech Digital Conference, March 26-27, 2018 in San Francisco.

Learn more and register
More from Connectivity

What it means to be constantly connected with each other and vast sources of information.

Want more award-winning journalism? Subscribe and become an Insider.
  • Insider Plus {! insider.prices.plus !}* Best Value

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus the digital magazine, extensive archive, ad-free web experience, and discounts to partner offerings and MIT Technology Review events.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Bimonthly print magazine (6 issues per year)

    Bimonthly digital/PDF edition

    Access to the magazine PDF archive—thousands of articles going back to 1899 at your fingertips

    Special interest publications

    Discount to MIT Technology Review events

    Special discounts to select partner offerings

    Ad-free web experience

  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning print magazine, unlimited online access plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Bimonthly print magazine (6 issues per year)

  • Insider Online Only {! insider.prices.online !}*

    {! insider.display.menuOptionsLabel !}

    Unlimited online access including articles and video, plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

/3
You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.