VR Systems

Tag Archive

National: State election boards’ hands are sometimes tied when it comes to voting machine security. | Slate

Voting in the United States is highly decentralized—and in many ways that’s a good thing when it comes to security. Having different regions operate their own elections and count their own votes makes it harder for someone to forge, compromise, or change a large number of votes all at once. But that decentralization also means that individual states, counties, or districts are also often free to make bad decisions about what kind of voting technology to use—and it’s surprisingly hard to stop them. Earlier this week, North Carolina’s state elections board made a last-ditch attempt to convince a judge to prohibit counties in the state from using voting software manufactured by VR Systems on the grounds that the board hadn’t officially certified the software since 2009. On Monday—the day before Election Day—that attempt failed when Superior Court Judge Paul Ridgeway declined to intervene.

Read More

North Carolina: Judge denies challenge of VR Systems election software | Associated Press

With only hours to go before Tuesday’s municipal elections, a trial judge has turned away North Carolina’s effort to avoid using the polling-place software of a company targeted by Russian hackers last year. Lawyers for the state elections board said the Election Day poll book software that VR Systems provides to nearly 30 of North Carolina’s 100 counties hasn’t been officially certified. VR Systems persuaded an administrative law judge last Friday to side with the Florida-based company, which says the software remains approved under the original certification it obtained eight years ago, in October 2009. Superior Court Judge Paul Ridgeway declined to intervene, deferring to Administrative Law Judge Don Overby’s ongoing oversight of the case, including a proposed hearing set for next spring. The elections board formally asked the state Court of Appeals late Monday to delay the enforcement of Overby’s restraining order and preliminary injunction. Read More

National: Russian Cyberattack Targeted Elections Vendor Tied To Voting Day Disruptions | NPR

When people in several North Carolina precincts showed up to vote last November, weird things started to happen with the electronic systems used to check them in. “Voters were going in and being told that they had already voted — and they hadn’t,” recalls Allison Riggs, an attorney with the Southern Coalition for Social Justice. The electronic systems — known as poll books — also indicated that some voters had to show identification, even though they did not. Investigators later discovered the company that provided those poll books had been the target of a Russian cyberattack. There is no evidence the two incidents are linked, but the episode has revealed serious gaps in U.S. efforts to secure elections. Nine months later, officials are still trying to sort out the details. … At first, the county decided to switch to paper poll books in just those precincts to be safe. But Bowens says the State Board of Elections & Ethics Enforcement got involved “and determined that it would be better to have uniformity across all of our 57 precincts and we went paper poll books across the county.” Read More

Editorials: Transparency is Solution to Shameful Lack of Security For U.S. Voting Systems Revealed by NSA Leak | Leah Rosenbloom/ACLU

Elections belong to the public. Just as we have the right to understand our overall election process, we have a right to understand the underlying hardware and software involved in electronic voting. We have a right to understand where our votes and voter registrations go, who checks them, and which institutions have access to that information. The NSA document allegedly leaked by Reality Leigh Winner and recently published by The Intercept suggests that the government is no longer confident about that critical information. The report details a Russian spear-phishing campaign that introduced malware into election contractors’ and officials’ machines, causing them to run “an unknown payload from malicious infrastructure.” According to the report, “It is unknown…what potential data could have been accessed” by Russian hackers. The malicious code was implanted into instructions for EViD, a piece of software that allows poll workers to verify voters’ sensitive personal information, including name, address, registration status, and voting history. The verification is done entirely over the Internet, and all data is communicated to and from EViD’s “secure website.” Read More

National: State and local election systems easy prey for Russians hackers | McClatchy

Local officials consistently play down suspicions about the long lines at polling places on Election Day 2016 that led some discouraged voters in heavily Democratic Durham County, N.C., to leave without casting a ballot. Minor glitches in the way new electronic poll books were put to use had simply gummed things up, according to local elections officials there. Elections Board Chairman William Brian Jr. assured Durham residents that “an extensive investigation” showed there was nothing to worry about with the county’s new registration software. He was wrong. What Brian and other election officials across eight states didn’t know until the leak of a classified intelligence is that Russian operatives hacked into the Florida headquarters of VR Systems, Inc., the vendor that sold them digital products to manage voter registrations. …  David Jefferson, a computer scientist at the Lawrence Livermore National Laboratory in California who has acted in his personal capacity in trying to safeguard election integrity, said he believes it is “absolutely possible” that the Russians affected last year’s election. “And we have done almost nothing to seriously examine that,” he said. “The Russians really were engaged in a pattern of attacks against the machinery of the election, and not merely a pattern of propaganda or information warfare and selective leaking,” said Alex Halderman, a University of Michigan computer science professor. “The question is, how far did they get in that pattern of attacks, and were they successful?” Read More

National: Despite NSA Claim, Elections Vendor Denies System Was Compromised In Hack Attempt | NPR

The Florida elections vendor that was targeted in Russian cyberattacks last year has denied a recent report based on a leaked National Security Agency document that the company’s computer system was compromised. The hackers tried to break into employee email accounts last August but were unsuccessful, said Ben Martin, the chief operating officer of VR Systems, in an interview with NPR. Martin said the hackers appeared to be trying to steal employee credentials in order to launch a spear-phishing campaign aimed at the company’s customers. VR Systems, based in Tallahassee, Fla., provides voter registration software and hardware to elections offices in eight states. “Some emails came into our email account that we did not open. Even though NSA says it’s likely that we opened them, we did not,” Martin says. “We know for a fact they were never opened. They did not get into our domain.” Read More

California: Humboldt County shores up voting systems after Russian hack | San Jose Mercury News

Election officials in Humboldt County are checking their voter data after a leaked National Security Agency document alleged that Russian operatives hacked one of the county’s voting software contractors. According to a NSA memo published Monday by the news website The Intercept, Russia’s military intelligence unit, the G.R.U., successfully hacked a Florida voting software company, VR Systems, last summer. That hack then led to a broader hacking attempt of local election boards around the country just days before the November election. Humboldt County, population 136,000, might not seem like a top target for the Russians. The far-north county, which includes the city of Eureka, is more famous for its redwoods, coastline and marijuana crop than its politics. But the county Office of Elections had a contract with elections company Hart InterCivic, and Hart used VR Systems for its electronic poll books — the devices poll workers use to check in voters at the ballot. Read More

New York: Onondaga among 4 New York counties to use voting software targeted by Russian hackers | syracuse.com

Onondaga County is among four New York counties that used voting software provided by a U.S. company targeted in a cyber-attack by Russia before the 2016 presidential election, election officials said Wednesday. Onondaga, Cayuga, Cortland and Orange counties used the EVid software from a vendor that partnered with U.S. supplier VR Systems of Florida, said Thomas Connolly, speaking for the New York State Board of Elections. The company’s devices were used by the New York counties as electronic poll books to check voter registration, supplementing existing paper books at selected voting precincts in November as part of a state pilot program, Connolly said. The devices were never linked to live voter registration databases, and state elections officials have found no indication hackers compromised the state’s voting system, Connolly said. Read More

Florida: Phishing expedition: At least 5 Florida counties targeted by Russian election hack | Tampa Bay Times

Russian hackers tried to break into the computer systems of at least five Florida county elections offices days before the 2016 presidential election, according to five county officials who say they received malicious emails described in a leaked intelligence report. Election supervisors in Hillsborough, Pasco, Citrus and Clay counties separately told the Times/Herald their offices got the emails, which contained attachments that could have taken over their computers. But all four said their staffers did not open them. Volusia County said it opened one of the infected emails, but not the attachment that could have compromised its systems. There’s been no evidence disclosed publicly that any counties were breached. It’s not clear how many counties were targeted, in Florida or across the country. The Times/Herald sent requests for the emails to all 67 elections offices in the state. Nineteen replied back that they searched for them and couldn’t find any. Read More

Florida: E-pollbook Vendor takes responsibility for delaying St. Lucie County election results | TC Palm

A server malfunction — in equipment operated by a private company — resulted in the delay posting primary-election results Tuesday night, the company’s CEO said Thursday. Totals for early and absentee voting didn’t appear on the supervisor of elections website until nearly an hour after the polls closed at 7 p.m. St. Lucie’s problem was part of a domino effect, according to Mindy Perkins, CEO of VR Systems, an online election system-reporting company used by the St. Lucie County Supervisor of Elections Office and about 50 other Florida counties. A VR Systems technician used an incorrect link to allow Broward County Supervisor of Elections to preview results, according to affidavit from Perkins. Read More