Editorials: How not to handle security threats to our elections | Jessica Brandt/Slate
In the weeks before the 2016 presidential election, a Florida company known as VR Systems fell victim to a Russian spear-phishing campaign. Most Americans have never heard of VR Systems, but it runs poll books—the registries that election workers use to track who is eligible to vote and who has already voted—for counties in eight states around the country. The hackers used the information they gathered from VR Systems to breach two of the Florida county election systems the company managed. And three years later, new reporting suggests that VR Systems may also have inadvertently put Russians in a position to alter voter rolls in North Carolina, another swing state, on the eve of the 2016 presidential election. By using remote-access software to connect directly to election systems, troubleshooters at VR Systems opened a gap that could have been exploited by hackers already in their system. Only now is a federal investigation into whether that actually occurred underway.