The leak of a classified NSA document confirming that Russian military intelligence interfered with the 2016 U.S. presidential race has reinforced the need to fix vulnerabilities in America’s voting infrastructure before the next election cycle, say experts who expressed dismay over the reported intricacy of the Kremlin’s campaign. According to the leaked report, which was dated May 5 and published yesterday by The Intercept, the Russian General Staff Main Intelligence Directorate, or GRU, launched a spoofing attack against an unnamed electronic voting vendor, in order to get access to that company’s data and internal systems. Next, the GRU hackers (often referred to as the APT Fancy Bear) sent various government employees spear phishing emails that appeared to be from this e-voting vendor, but in actuality contained attachments that infected machines with malware. … J. Alex Halderman, director of the Center for Computer Security & Society at the University of Michigan’s College of Engineering, said that Russia’s spearphishing plot “raises an enormous number of questions about how far they got [and] if other vendors were attacked that haven’t been detected or announced yet, about what they were trying to do, and about whether they succeeded” in their ultimate objective.
… Halderman left the door open to the possibility that votes could have been sabotaged. For instance, if an infected state election official has network access to systems used to program voting machines, then the hackers “can potentially spread malicious software to the machines themselves and change votes,” explained Halderman, who was among a group of computer scientists who in November 2016 lobbied Hillary Clinton campaign officials to contest certain states’ vote counts to ensure voting machines were not compromised.
… Halderman said he would have preferred if U.S. intel agencies had revealed even more information back in their December 2017 Grizzly Steppe report, which resulted in President Barack Obama’s sanctions against Russia. “I’m glad that we know this information now, because I think the public and legislators being aware of it is important for making sure we [take steps] to secure voting before the next election,” he said.
… For future elections, Halderman recommended that every vote should be recorded on paper – out of reach of cyberattackers – and that after the polls close, states should be required to conduct an audit to ensure that hard-copy records match the voting machine data.