Skip to content
Naked Security Naked Security

Feds say Russian 2016 election meddling spanned all US states

A multi-agency report has strengthened claims that Russia meddled with election systems in all 50 US states during the last presidential race.

A multi-agency report has strengthened claims that Russia meddled with election systems in all 50 US states during the last presidential race.

The report is called a joint intelligence bulletin (JIB), and it comes from the Department of Homeland Security and the FBI. It is an unclassified document intended for internal distribution to state and local authorities.

Intelligence newsletter OODA Loop reports that the JIB reveals stronger evidence of Russian interference. Agencies believe that Russian agents targeted more than the 21 states initially suspected.

According to the bulletin:

Russian cyber actors in the summer of 2016 conducted online research and reconnaissance to identify vulnerable databases, usernames, and passwords in webpages of a broader number of state and local websites than previously identified, bringing the number of states known to be researched by Russian actors to greater than 40.

Although there are some gaps in the data, the bulletin claims “moderate confidence” that Russia conducted “at least reconnaissance” against all US states because its research was so methodical, it added.

Russia’s cyberspace election meddling played out between June and October 2016, with most activity occurring in July, the JIB said. They researched election-related websites and information in at least 39 states or territories, with Secretary of State websites drawing the most attention. They proceeded alphabetically through the states “with some exceptions”, although OODA Loop doesn’t say what they were.

The agency also went beyond mere reconnaissance, though. According to the bulletin, they regularly tried to find vulnerabilities in SQL databases behind state election websites. They were able to access voter registration files in one place, and a sample ballot from a US county website in another.

The bulletin builds on previous joint work done by the two agencies. The most detailed was a joint analysis report released in December 2016 that identified two Russian groups interfering in the 2016 election.

The first was Advanced Persistent Threat (APT) 29, which entered the fray in 2015, while the second, APT28 (also known as Fancy Bear), entered in spring 2016. Both of these groups used spearphishing attacks to distribute malware. The 2016 attack resulted in the Democratic National Committee hack that saw senior party members’ emails distributed online.

A subsequent indictment of several Russian military officers as part of the Mueller investigation into Russian election interference surfaced more details. These included the theft of data on around 500,000 voters from an unnamed state’s board of elections. They took names, addresses, partial Social Security numbers, dates of birth, and driving license numbers.

The news comes as the US Senate considers a bill calling for sanctions on any country found meddling in US elections. The Defending Elections from Threats by Establishing Redlines (DETER) bill calls for the US Director of National Intelligence to compile reports on any foreign interference within 60 days of the election. It particularly calls out Russia, singling out its financial institutions for economic sanctions should it be caught interfering in the US election.

7 Comments

Fake news. It’s impossible for anyone to do anything to elections in the US. Unless you work inside the system but that isn’t happening either. The people who did that report must be Obama’s spies.

“Impossible”? Hardly. But there is some validity to your “Fake news” point; How did we go from assumptions made about possible research all the way to “election meddling spanned all US states”? That’s a hell of a stretch. Seems like Lisa Vaas might have composed that headline, as she has been driving the election meddling line all along… like trying to subtly convert campaign meddling stories into claims of election tampering. Have we seen a single vote altered yet?

Well, the US judiciary officially calls it “interference” (see the charge sheet we link to at the end). And I think you have to accept that “meddling” is a satisfactory synonym for “interference”, so the word seems reasonable enough for the context in which it’s used.

IMO it is an unfair criticism for you to invite people to infer that we carefully chose the word “meddling” (in the sense of grubbing around uninvited) to make them think we meant “tampering” (in the sense of hacking or altering the actual vote-reckoning process).

The article didn’t say that Russia was able to change or submit fraudulent votes, just that they performed reconnaissance against state election offices.

“The Defending Collections from Threats by Establishing Redlines (DETER) bill calls for the US Director of National Intelligence to compile reports on any foreign interference within 60 days of the election.”

Umm, I think you mean “Defending Elections from Threats by Establishing Redlines (DETER)”. Otherwise, wouldn’t the acronym be “DCTER”?

Actually, it seems that it started life as “Defending Elections against Trolls from Enemy Regimes”. From congress.gov:

Introduced in Senate (04/26/2018)

Defending Elections against Trolls from Enemy Regimes Act or DETER Act

This bill amends the Immigration and Nationality Act to make an alien who is seeking to engage in, or has engaged in, improper interference in a U.S. election inadmissible.

But now the name appears to be exactly as you say. At any rate, it’s definitely ‘elections’ and not ‘collections’.

I’ll update the text accordingly – thanks.

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?