Hey, everyone, good news! Russia had the ability to alter voter registration data in several states in 2016 … but they didn’t use it! What a relief, right?
The Department of Homeland Security has previously publicly acknowledged that Russians scanned systems in 21 states and were able to “penetrate” a handful. But cybersecurity experts say the report Tuesday from the Senate intelligence committee offers new details on what exactly Russian-backed hackers could have done once they got inside election systems.
“In at least six states, the Russian-affiliated cyber actors went beyond scanning and conducted malicious access attempts on voting-related websites. In a small number of states, Russian-affiliated cyber actors were able to gain access to restricted elements of election infrastructure,” the report says. “In a small number of states, these cyber actors were in a position to, at a minimum, alter or delete voter registration data; however, they did not appear to be in a position to manipulate individual votes or aggregate vote totals.”
The report, part of the Senate intelligence committee’s inquiry into Russian interference in the 2016 election, says the committee saw “no evidence” any votes or voter registration information was altered or changed.
The available information about Russian hacking of state election systems has gone from essentially “nothing to see here” to "okay, maybe there's something to see here" to "yeah, it's more than previously disclosed" to however you want to characterize this. A test run for 2018 which will be a test run for 2020? If this is even the full story to begin with—at this point it’s hard to be confident we won’t learn in a few months that the interference was greater than the Senate intelligence committee is telling us now.
Only 17 states have formally requested election risk assessments by the Department of Homeland Security so far, and only nine of those assessments have been completed. So we have to regard the 2018 elections as vulnerable.