Leaked NSA document: Tallahassee-based voter registration software hacked by Russians

The document, purportedly produced by the U.S. National Security Agency, outlines alleged attempts by Russian military intelligence to hack into state and local election systems - the latest evidence of a broad and sophisticated foreign attack on the integrity of U.S. elections.

Joe Canciamilla, the clerk-recorder and registrar of voters in Contra Costa County - which has no connection with VR Systems - said in an interview that the episode could encourage jurisdictions to spend more on technology to protect voting data. None of its tabulation software is connected to the internet. Sanders said two state agencies offered to assist with any future services should any gaps be found in the county's security systems, which she said was reassuring.

In October, CNN reported that federal investigators thought Russian hackers had compromised an unnamed vendor of voting software that supplied technology for Florida's voting system.

The NSA report does not say whether the cyberattack effort had any effect on the election results.

But the report filled in a lot of details about how Russian hackers targeted the vendor in order to pose as one of its employees and then sent phishing emails to more than 100 local election officials using that assumed identity.

"I think the important thing for the public is that the story is not directed toward our ability to cast and count ballots".

Though the NSA's leaked analysis did not name the target of the attack it describes, it does make references to a Florida-based company called VR Systems, which makes electronic poll books.

"We are only aware of a handful of our customers who actually received the fraudulent email and of those, we have no indication that any of them clicked on the attachment or were compromised as a result", it reads. The emails included an attached Microsoft Word document infected with malware that appeared to be a user manual but if opened could give hackers wide access to a computer.

LOCAL PROBLEMS VR Systems officials did not respond directly to questions emailed by the AP.

More news: Shorthanded Predators beat Ducks 3-1 for 3-2 series lead

Bruce Schneier, chief technology officer of IBM Resilient and a fellow at Harvard's Berkman Klein Center for Internet & Society, said the report shows the weaknesses of U.S. election systems.

Russian President Vladimir Putin has denied widely made allegations by USA officials that Russia was involved in efforts to game the election.

Sanders said that the county is now seeking a new vendor to provide the polling software, but said it was due to changes in state regulations and not in any way related to the hacking incident.

The statement also said the IT department was already in the process of improving its security systems, prior to the release of the information.

"We'd like to make sure we go that extra step to make sure the voters in our community are confident in their votes", she said.

The Mercury News reported that the alleged source of the leaked NSA document was a 25-year-old government contractor Reality Leigh Winner of Georgia.

"The report indicates that Russian hacking may have penetrated further into USA voting systems than was previously understood", according to The Intercept, the news outlet that published the story.

Bruce Schneier, chief technology officer of IBM Resilient and a fellow at Harvard's Berkman Center, said the report shows the weaknesses of USA election systems. First, I want to remind you that contrary to the headline of numerous published reports, there has not been a verified report of any "hacking of United States voting system".

  • Adam Floyd