- Joe Raedle/Getty Images
Sen. Mark Warner told USA Today on Tuesday that “the extent” of Russia’s cyberattacks around the US election “is much broader than has been reported so far.”
The comments from Warner, the ranking Democrat on the Senate Intelligence Committee, came one day after The Intercept reported on a top-secret National Security Agency document that said hackers associated with Russia’s military intelligence agency targeted a company with information on US voting software days before the election.
They used the data to launch “voter registration-themed” cyberattacks on local government officials, according to the NSA document.
Warner told USA Today that he was pushing intelligence agencies to declassify the names of the particular states affected by those cyberattacks so they could prepare before midterm elections in 2018. The Senate Intelligence Committee is investigating Russia’s election interference and whether any of President Donald Trump’s campaign team colluded with Moscow to undermine Hillary Clinton.
“I really want to press the case,” Warner said. “This is not an attempt to embarrass any state. This is a case to make sure that the American public writ large realizes that if we don’t get ahead of this, this same kind of intervention could take place in 2018 and definitely will take place in 2020.”
Up to 20% of US voters in at least seven states used a digital system without a paper trail to cast votes on November 8, according to a report published by the Brennan Center for Justice. Forty-two states used voting machines in the 2016 election that were at least a decade-old and had outdated hardware and software, the report said.
The NSA document offers the clearest indication yet that Russian hackers sought to penetrate US voting systems tied to voter registration in the days and weeks leading up to the election. And it’s likely “just the tip of the iceberg,” said Jeff Bardin, the chief intelligence officer at cybersecurity firm Treadstone 71.
“This was the Russians’ way of seeing what they could get access to,” Bardin said in an interview. “They realized they could get access to the voting registration systems, which can have an impact on state elections and primaries. And this was only one NSA report about one [hacked] system.”
“If the Russians were going after this system, how many others could they have gone after?” Bardin added.
The NSA document – which the Justice Department says was stolen and leaked to The Intercept by a 25-year-old government contractor from Georgia – concluded that “Russian intelligence obtained and maintained access to elements of multiple US state or local electoral boards” in the days leading up to the election.
The NSA did not draw any conclusions on whether the effort had any effect on the election’s outcome, and declined to comment when reached by Business Insider on Monday.
But evidence that the hackers were also stealing the login credentials of people with administrative access to the voter registration systems, according to the NSA report, raises concerns that the Russians were able to do “anything they wanted” – including, Bardin said, the possibility that voting machines could have been breached.
“It is possible,” Bardin said. “The voter registration systems they hacked would just have to have some tie back into the actual voting machine.”