Capitol - Your Illinois News Radar » Illinois elections software vendor hacked by Russians
SUBSCRIBE to Capitol Fax      Advertise Here      Mobile Version     Exclusive Subscriber Content     Updated Posts    Contact
To subscribe to Capitol Fax, click here.
Illinois elections software vendor hacked by Russians

Tuesday, Jun 6, 2017

* AP

Russian hackers attacked at least one U.S. voting software supplier days before last year’s presidential election, according to a government intelligence report leaked Monday that suggests election-related hacking penetrated further into U.S. voting systems than previously known.

The classified National Security Agency report, which was published online by The Intercept, does not say whether the hacking had any effect on election results. But it says Russian military intelligence attacked a U.S. voting software company and sent spear-phishing emails to more than 100 local election officials at the end of October or beginning of November. […]

The document said Russian military intelligence “executed cyber espionage operations against a named U.S. company in August 2016 evidently to obtain information on elections-related software and hardware solutions, according to information that became available in April 2017.”

The hackers are believed to have then used data from that operation to create a new email account to launch a spear-phishing campaign targeting U.S. local government organizations, the document said. “Lastly, the actors send test emails to two non-existent accounts ostensibly associated with absentee balloting, presumably with the purpose of creating those accounts to mimic legitimate services.”

* On to the Illinois angle

A new published report suggests a vendor for the Illinois elections board might have been compromised by Russian hackers seeking to attack voting systems here and in other states.

Russian hackers attacked the voting-software supplier days before last year’s presidential election, according to the classified National Security Agency report.

The report, published online by The Intercept, does not say whether the hacking had any effect on election results. But it says Russian military intelligence attacked a U.S. voting software company and sent spear-phishing emails to more than 100 local election officials at the end of October or beginning of November.

The company involved has contracts in eight states: Illinois, California, Florida, Indiana, New York, North Carolina, Virginia, and West Virginia, according to The Intercept. It was unclear whether any officials in Illinois might have received spear-phishing emails.

Illinois election officials acknowledged to The Washington Post last year that they discovered “an intrusion” into the state’s election system in July, months before the November election.

* The Hill

Though the manufacturer victimized by the attack has its name masked throughout the report, contextual clues imply that it might be VR Systems.

The email account used to spearphish customers is listed as, and the attack made use of malware-infected files with titles that reference to the EViD poll book system. The report makes reference to voter-registration themed phishing attacks against third parties possibly using information from the account, making it likely the company is somehow related to registration or voter roles.

VR’s website says EViD products were used in California, Florida, Illinois, Indiana, North Carolina, New York and Virginia. The company is based in Florida.

The NSA document alleges the GRU have hacked the voting systems company using a false Google alert requiring a target to enter login credentials. According to the report, it also attempted a parallel campaign using a false email account meant to be confused with a second company.

The report does not claim that voting machines were hacked, a once-popular post-election theory from Democrats, nor does it state whether the information pertaining to the voting systems could be used to hack those systems.

* What’s EViD?

The EViD system is a network of electronic devices at voting sites communicating with each other and with the county’s voter registration system. The electronic devices—EViD stations—allow poll workers to quickly check in voters during early voting and on election day.

A voter’s voting history is transmitted immediately to the county database, eliminating the massive effort for post-election processing, and concerns about multiple votes.

With the EViD system, there’s no need for printed poll books: all the information you need is on the EViD. To check in a voter, the poll worker swipes their photo ID on an EViD station or types their name and birthdate on the onscreen keyboard. Using the ID data, the EViD system verifies the voter’s eligibility. Then it requests the voter’s signature on the electronic sig pad, and checks them in to vote.

* From the Intercept

But a more worrying prospect, according to [Mark Graff, a digital security consultant and former chief cybersecurity officer at Lawrence Livermore National Lab], is that hackers would target a company like VR Systems to get closer to the actual tabulation of the vote. An attempt to directly break into or alter the actual voting machines would be more conspicuous and considerably riskier than compromising an adjacent, less visible part of the voting system, like voter registration databases, in the hope that one is networked to the other. Sure enough, VR Systems advertises the fact that its EViD computer polling station equipment line is connected to the internet, and that on Election Day “a voter’s voting history is transmitted immediately to the county database” on a continuous basis. A computer attack can thus spread quickly and invisibly through networked components of a system like germs through a handshake.

- Posted by Rich Miller        

  1. - 47th Ward - Tuesday, Jun 6, 17 @ 11:17 am:

    I can’t believe the name of the leaker is really Reality L. Winner. She’s going to jail, for sure, but I mean, even Ian Flemming couldn’t come up with a name like that for one of his Bond characters.

    You can’t make this stuff up.

  2. - Last Bull Moose - Tuesday, Jun 6, 17 @ 11:34 am:

    The possibilities of voter fraud now seem very real. This warrants a vigorous and thoughtful response. We need to make sure that our voting is free from foreign interference.

    We are perfectly capable of electing fools without outside help.

  3. - Put the fun in unfunded - Tuesday, Jun 6, 17 @ 11:48 am:

    If true this is poll book software, which is NOT connected to the ballot counting, at least in DuPage where I have seen it used.

  4. - Telly - Tuesday, Jun 6, 17 @ 11:49 am:

    The senate held a subject matter hearing on this a month or two ago. It was actually pretty interesting and surprisingly, the state board of elections tech guys seemed to have a decent grasp of things.

    The general consensus was the hackers were either engaged in identity theft or on an exploritory mission to see where they could go in the system. These latest reports, and the fact that no identity theft incidents have been reported, seem to indicate the latter is true.

  5. - Archpundit - Tuesday, Jun 6, 17 @ 11:52 am:

    The last paragraph is unclear. What is networked is the voter information not the actual vote counts. Hacking that can create big problems, but it still isn’t about tabulation which is not networked

  6. - New McCarthyism - Tuesday, Jun 6, 17 @ 11:53 am:

    Don’t blame the voters, it’s the Russians fault!

  7. - Anotherretiree - Tuesday, Jun 6, 17 @ 11:53 am:

    Maybe Ian would’ve used Reality Galore and her accomplish Dirk Diggler ?

  8. - Biker - Tuesday, Jun 6, 17 @ 11:54 am:

    Let’s talk about North Carolina…

    Cuz suddenly these voter registration verification laptop issues on election day seem interesting. And add to that the rest of the shenanigans, it’s worth the magnifying glass

  9. - Rich Miller - Tuesday, Jun 6, 17 @ 11:55 am:

    ===Don’t blame the voters===

    And that has what to do with what? Nobody says they changed the results here. It’s about how they’re poking around in our electoral software.

    If you don’t care that the Russians appear to have hacked into our systems, then you’re just plain unAmerican. We used to call people like you traitors.

  10. - titan - Tuesday, Jun 6, 17 @ 12:06 pm:

    They seem to be mixing up the state board with one or more county/city election jurisdictions, and mixing up different incidents.

    The EViD system is an electronic pollbook, and the state board doesn’t buy those. Some county or city election jurisdictions might have them, but not the state.

    The state database problem that occurred last summer was not a spearphishing scam, it was an SQL injection through the state website -

  11. - Put the fun in unfunded - Tuesday, Jun 6, 17 @ 12:06 pm:

    As a safeguards against hacking - from whatever source - our company uses two-factor authentication. Another reason to require voter id.

  12. - Responsa - Tuesday, Jun 6, 17 @ 12:07 pm:

    After Wikileaks President Obama told Putin in person in early September to “cut it out” and assured the public that Russian interference had been handled. This leak shows that Putin did not “cut it out.”

  13. - New McCarthyism - Tuesday, Jun 6, 17 @ 12:17 pm:

    You’re horrible Rich. Whose fault is it that public policy allows election
    software to be outsourced to unsecured vendor sites? Who makes these policy decisions?
    We used to call people like you who pretend to be shocked by something that’s been going on for a long time on both sides dishonest.

  14. - Anonymous - Tuesday, Jun 6, 17 @ 12:18 pm:

    =We used to call people like you traitors.=

    We still do

  15. - FormerParatrooper - Tuesday, Jun 6, 17 @ 12:26 pm:

    I understand why people are suddenly worried about Russian attempts to meddle in elections. This has been ongoing since the beginnings of the Cold War. The difference now is the new technology. We should have better safeguarded our systems from hacking because it doesn’t take much common sense to know enemies will exploit any weakness they find. We do the same type of cyber warfare as well.

    And it looks like the weakest link was not the software, but people not trained well enough to recognize they were being targeted.

  16. - Anonymous - Tuesday, Jun 6, 17 @ 12:27 pm:

    =We used to call people like you traitors.=

    We still do=

    Anonymous McCarthyite coward must be the person who designed the security system for the IL software.
    Sound like some serious projection with these traitor allegations.

  17. - 51st ward - Tuesday, Jun 6, 17 @ 12:34 pm:

    “If you don’t care that the Russians appear to have hacked into our systems, then you’re just plain unAmerican. We used to call people like you traitors”.

    Careful Rich next thing you know the media and Democrat mouth pieces will be saying your living in the past. Remember : “The 1980s are now calling to ask for their foreign policy back because…the Cold War’s been over for 20 years.” that was Obama after Romney said Russia was our enemy. Hmmm was Romney right?

  18. - cdog - Tuesday, Jun 6, 17 @ 12:35 pm:

    We need a 21st Century Voting Act.

    In the meantime,
    remember that DHS has been proven to have hacked the Georgia election system*,
    Vault 7 has proven that the CIA obfuscates IP addresses to appear Russian, Chinese, Iranian, etc., and
    the US intelligence agencies are at the top of the list of entities that meddle with elections in other countries.

    Concluding, with all that evidence to potentially falsify any claim of “knowing” who done it, why would a person not suspend belief?

    Always best to know what you don’t know. Stay opened minded especially in current times.

    Hopefully the “ruling party” can move past the current issues and tighten up things on this.


  19. - 47th Ward - Tuesday, Jun 6, 17 @ 12:36 pm:

    ===Democrat mouth pieces===

    The proper word is “Democratic.” We prefer Democratic mouth pieces. Thanks.

    Carry on.

  20. - James Knell - Tuesday, Jun 6, 17 @ 12:48 pm:

    Throughout history, outside threats like Napoleon, two world wars, and the cold war forced elites into national social contracts where power & wealth were shared. Ironic that Russian oligarchs and some American oligarchs have found common cause in undermining democracy. I wonder how this will end?

  21. - @MisterJayEm - Tuesday, Jun 6, 17 @ 1:02 pm:

    Anonymous commenters accusing anonymous commenters of cowardice for commenting anonymously is a compelling argument for ignoring anonymous commenters.

    – MrJM

  22. - Roman - Tuesday, Jun 6, 17 @ 2:06 pm:

    - 47th Ward -

    Silly you. Proper grammar, like science, is so overrated.

  23. - CrazyHorse - Tuesday, Jun 6, 17 @ 2:21 pm:

    ==What is networked is the voter information not the actual vote counts. Hacking that can create big problems, but it still isn’t about tabulation which is not networked==


    Still after months and months of investigations there is no evidence of a Trump-Russia collusion. This kind of story can confuse people into thinking Russian hackers somehow could have altered the vote counts. It’s just not the case. Our National Security Agency is already on the record saying there was absolutely no evidence that any actual votes were tampered with.

    ==If you don’t care that the Russians appear to have hacked into our systems, then you’re just plain unAmerican. We used to call people like you traitors.==

    Personally, I don’t like Russian hacking AT ALL but we (not saying you here Rich) should be at least as outraged by the people leaking this classified info. If anyone deserves to be labeled traitors it is certainly them. Sadly, since the leaks are all designed to damage Trump and his administration, the vast majority of the heavily left-leaning MSM likely view the leakers as “Patriots” or “Whistleblowers”. They’re anything but. Well, at long last, at least one of these leakers has been arrested.

  24. - Amalia - Tuesday, Jun 6, 17 @ 2:50 pm:

    when your name is not in the system, it becomes difficult for you to vote. there are numerous stories of this in the Nov. election in key states. it may well be possible that the votes were tampered with by preventing people from voting. there is a persistent theme of erasure since Trump. stopping reporters from asking questions. taking voters names out of the system. the census to come could be an opportunity to erase people and take them from services due to less money available. if you prevent someone from doing something, you have done something. it’s just harder to track.

  25. - CrazyHorse - Tuesday, Jun 6, 17 @ 3:35 pm:

    ==it may well be possible that the votes were tampered with by preventing people from voting.==

    Again since the NSA has gone on record stating that they found absolutely ZERO evidence that any actual votes were tampered with that is the only foundation of facts we have to build on. Rather than unfounded theory about possible voter supression caused by Russian hackers, how about considering what some lifelong Democratic strategists like Axelrod and others have said about how the Russians didn’t stop Clinton from campaigning in Michigan and Wisconsin.

    I mean Clinton lost to Bernie Sanders in Michigan and it was considered a monumental political upset. If that defeat didn’t raise a red flag to the Clinton team that there was work to be done in Michigan, then I guess it doesn’t surprise me that they would rather dabble in conspiracy theory than take a long, painful look in the mirror.

  26. - A guy - Tuesday, Jun 6, 17 @ 4:41 pm:

    This is no laughing matter and very serious. We need to know what was done and what effect it may have had in any instance, whether votes were affected or not. Though, there is consensus that votes were not tampered with.

    Tough to see where Illinois was influenced. They’re either terrible at it or this race was closer than the blowout it was?? A milder blowout? From the article, Illinois (and California?) must’ve simply been collateral in a package of states where something might matter.
    This is weird stuff and needs to be fleshed out.

  27. - Mama - Tuesday, Jun 6, 17 @ 5:04 pm:

    ….But, but President Putin stated on TV that “Russia did not hack the U.S. election”, & there are people who believed him.

    Why are we even asking him? If people don’t know that man is an enemy of the U.S. & a liar, there is no hope.

  28. - Jeff Trigg - Tuesday, Jun 6, 17 @ 5:04 pm:

    Stop whining about Russia Russia Russia and fix the biased election laws, that is IF you really care about the integrity of our elections.

    Maybe the Russians will finally let independents get on the ballot in Illinois, unlike the Democrats. It wasn’t the Russians violating the 1st and 14th Amendments of the US Constitution for 25 years, illegally keeping competition off the Illinois ballot.

    7th Circuit Court of Appeals
    “In combination, the ballot access requirements for independent legislative candidates in Illinois–the early filing deadline, the 10% signature requirement, and the additional statutory restriction that disqualifies anyone who signs an independent candidate’s nominating petition from voting in the primary–operate to unconstitutionally burden the freedom of political association guaranteed by the First and Fourteenth Amendments. Ballot access barriers this high–they are the most restrictive in the nation and have effectively eliminated independent legislative candidacies from the Illinois political scene for a quarter of a century–are not sustainable based on the state’s asserted interest in deterring party splintering, factionalism, and frivolous candidacies”.

  29. - Biker - Tuesday, Jun 6, 17 @ 5:38 pm:

    Crazyhorse, wrong blog, this ain’t breitbart

Sorry, comments for this post are now closed.

* Question of the day
* 707 new cases, 25 additional deaths, 3.0 percent positivity rate
* State brings in $52 million in 6 months from cannabis sales
* Pritzker talks about reopening schools, bars and restaurants, what could prompt a tightening, bowling lawsuit, executive orders, traveler quarantine, the growing cases among young people and his graduated income tax spending
* Caption contest!
* It's only July, but Chicago vote by mail applications already break record
* Schools eye reopenings
* *** UPDATED x1 *** State swats down one lawsuit as two more are filed
* Everyone has their own priorities
* Lots of hopes pinned on new IDES director
* Open thread
* SUBSCRIBERS ONLY - Fundraiser list
* SUBSCRIBERS ONLY - Supplement to today's edition
* SUBSCRIBERS ONLY - Today's edition of Capitol Fax (use all CAPS in password)
* Yesterday's stories

Visit our advertisers...





Main Menu
Pundit rankings
Subscriber Content
Blagojevich Trial
Updated Posts

July 2020
June 2020
May 2020
April 2020
March 2020
February 2020
January 2020
December 2019
November 2019
October 2019
September 2019
August 2019
July 2019
June 2019
May 2019
April 2019
March 2019
February 2019
January 2019
December 2018
November 2018
October 2018
September 2018
August 2018
July 2018
June 2018
May 2018
April 2018
March 2018
February 2018
January 2018
December 2017
November 2017
October 2017
September 2017
August 2017
July 2017
June 2017
May 2017
April 2017
March 2017
February 2017
January 2017
December 2016
November 2016
October 2016
September 2016
August 2016
July 2016
June 2016
May 2016
April 2016
March 2016
February 2016
January 2016
December 2015
November 2015
October 2015
September 2015
August 2015
July 2015
June 2015
May 2015
April 2015
March 2015
February 2015
January 2015
December 2014
November 2014
October 2014
September 2014
August 2014
July 2014
June 2014
May 2014
April 2014
March 2014
February 2014
January 2014
December 2013
November 2013
October 2013
September 2013
August 2013
July 2013
June 2013
May 2013
April 2013
March 2013
February 2013
January 2013
December 2012
November 2012
October 2012
September 2012
August 2012
July 2012
June 2012
May 2012
April 2012
March 2012
February 2012
January 2012
December 2011
November 2011
October 2011
September 2011
August 2011
July 2011
June 2011
May 2011
April 2011
March 2011
February 2011
January 2011
December 2010
November 2010
October 2010
September 2010
August 2010
July 2010
June 2010
May 2010
April 2010
March 2010
February 2010
January 2010
December 2009
November 2009
October 2009
September 2009
August 2009
July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
August 2008
July 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
November 2006
October 2006
September 2006
August 2006
July 2006
June 2006
May 2006
April 2006
March 2006
February 2006
January 2006
December 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004

Blog*Spot Archives
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005


RSS Feed 2.0
Comments RSS 2.0

Hosted by MCS SUBSCRIBE to Capitol Fax Advertise Here Mobile Version Contact Rich Miller