The attack by Russian hackers turned out to be bigger than previously thought

Cyber attacks by Russian hackers on the electoral system of the United States before the election of Donald Trump were far more widespread than has been made public. The number of states whose databases and election-related software were broken into turned out to be almost twice what was previously reported.


In Illinois, investigators found evidence that the attackers tried to delete or alter voter data. Hackers gained illegal access to software intended for use on election day by members of precinct election commissions. In at least one state they got into a database with campaign finance information. Details of the attacks, which took place in the summer and fall of 2016, were provided by three people with reliable information about the progress of the U.S. investigations. According to one of them, Russian hackers attacked computer systems in a total of 39 states.

The scale and sophistication of the cyber attacks so alarmed Obama administration officials that they took an unprecedented step. They expressed their dissatisfaction directly to Moscow, contacting it over a channel that is the modern equivalent of the “red phone”. According to two sources, in October the White House contacted the Kremlin over a secret communication channel, presenting detailed evidence of Russia's involvement in interfering in the American elections. The White House warned that these attacks were fraught with serious consequences and could lead to a larger conflict.

The new details, backed by a secret NSA document recently published by the online outlet The Intercept, show the extent of the alleged break-ins. Federal investigators are now carefully studying the circumstances of these attacks as part of an investigation into alleged links between members of Trump's campaign staff and the Russians. But this information also raises concern about future elections. It points to previously unknown and potentially serious vulnerabilities in the U.S. electoral system, which uses a variety of voting technologies. The information came less than a week after former FBI Director James Comey warned Congress that Russia has not stopped interfering in the affairs of the United States.

“They chase America,” said Comey, speaking at a hearing of the Senate Intelligence Committee, which is investigating Russia’s intervention in the elections. “They’ll be back.”

An FBI spokesman in Washington declined to comment on the investigation being conducted by the bureau.

The Kremlin's denials

Russian officials publicly deny any role in cyber attacks related to the elections in the United States, including the massive targeted phishing campaign that exposed the correspondence of Hillary Clinton's campaign staff and the Democratic National Committee, as well as the data of hundreds of other organizations. Russian President Vladimir Putin said in recent statements to reporters that the cyber attacks may have involved criminals inside the country and that their actions were not sanctioned by the Russian authorities.

One of the mysteries of the 2016 presidential election is why Russian intelligence, having access to state-level systems and to local polling stations, did not attempt to disrupt the vote. One possible reason is that the American warning worked. Another former high-ranking American official, who agreed to discuss the classified U.S. investigation of the pre-election attacks on condition of anonymity, named what he considers a more likely cause. He believes that over several months of cyber attacks the attackers failed to obtain the necessary access to approximately 7 thousand polling stations, which used other programs.

Such operations can be effective even without changing the results of the vote. According to the Obama administration, a possible Russian goal was to delete voter registration information or slow down vote counting in order to undermine confidence in the elections. These actions went far beyond the planned publication of material from the private correspondence of individuals and parties.

One former senior U.S. official expressed concern that the Russians now have three years before the next U.S. presidential election to learn more about the American voting system. And there is every reason to believe that they will use the knowledge gained in future attacks.

A secure communication channel

In the first test of a communication system designed to de-escalate “cyber wars” between the two countries, the “red phone” (actually not a phone but a secure channel for transmitting urgent messages and documents) did not work quite as the White House expected. NBC News first reported in December last year that the White House had used the “red phone”.

The White House presented evidence collected in connection with Russia's cyber attacks and gave the reasons why the United States regarded these attacks as “aggressive.” According to two sources with knowledge of the reaction, Russia responded by requesting additional information and gave assurances that it would look into the matter. Meanwhile, the cyber attacks continued.

“Last year, after we found traces of intrusion into the systems of electoral commissions across the country, the administration worked tirelessly to protect our electoral infrastructure,” said Eric Schultz, deputy press secretary of former U.S. President Barack Obama. “Given that our electoral system is so decentralized, this job involves interaction with the Democrats and Republicans responsible for organizing and conducting elections throughout the country, with the purpose of strengthening their cyber defence.”

The Illinois database

Illinois, which was among the states that gave the FBI and the Department of Homeland Security almost complete access to their systems for the investigation, has become an example that helps to understand the hackers' successes and failures.

According to Ken Menzel, general counsel of the Illinois state commission that oversees elections, in early July 2016 one of the commission's members, who worked under contract two or three days a week, detected an unauthorized leak of data from the computer network. Hackers had gained access to the state's voter database, which contains details such as name, date of birth, gender, driver’s license number and partial insurance certificate numbers. The data covered 15 million people, half of whom were active voters. In the end, the confidentiality of 90 thousand records was violated.

But even if the entire database had been deleted, that could not have influenced the election, says Menzel. The districts send information to the state, not vice versa, and information from the database does not flow back to the districts where elections are held. Hackers attacking the statewide database could not have known this, says Menzel.

However, the state does process voter registration information submitted online, which goes to the county for approval, Menzel said. As voters are added to the county lists, this information is sent back to the state election commission and entered into the central database. This practice, common to all states, actually gives attackers the opportunity to manipulate records at the initial stage, at the moment they are created.

“Patient zero”

In the course of the federal investigation, Illinois became “patient zero” (a medical term for the person with whom an epidemic starts; translator's note), through which investigators uncovered a series of cyber attacks that affected about 80% of the states.

Based on clues found in the computer databases of the state of Illinois, federal agents were able to identify characteristic digital “footprints” (among them the IP addresses used by the attackers) and to determine where the hackers were located while they worked.

Then, through a special alert system that exists within the Department of Homeland Security, and by other means, information about these “characteristic marks” was sent to every state. According to one source familiar with the investigation, 37 states reported finding traces of the hackers in various systems. In two more states, Florida and California, these footprints were found in the systems of a private contractor that services critical electoral systems.

The NSA document, which was reportedly taken and handed to reporters by 25-year-old Reality Winner, a government contractor who was arrested last week, names this company. It is VR Systems of Florida, which is involved in developing an electronic voter identification system used by members of precinct election commissions.

Investigators in Illinois also found evidence that the hackers tried to alter or delete information in the database but were unable to do so. This has not been reported previously. According to people with knowledge of the ongoing U.S. investigation, this was more than just an operation carried out to gather intelligence. It may have been a test attack of a subversive nature.

The response of state authorities

This thought haunted the Obama administration throughout the summer and autumn of 2016, pushing into the background its concerns about the hacking of the Democratic National Committee's mail servers and the transfer to WikiLeaks and other websites of private correspondence belonging to members of the Democrats' campaign staff, according to one source familiar with the content of these conversations. The Department of Homeland Security sent ad hoc teams of cyber security experts to the states to help them protect their networks. In addition, some states hired private cybersecurity companies to strengthen this work.

In many states the extent to which Russian hackers penetrated computer networks has still not been determined. The federal government has no direct authority over the states' election systems, and the authorities of some states limit their cooperation in this area. When Secretary of Homeland Security Jeh Johnson said in August last year that the department wanted to declare election systems national critical infrastructure (which gives the federal government broader powers to intervene), the Republicans rejected it. Only after the election did both parties finally reach agreement on this issue.

Relations with Russia remain tense. The “red phone” cyber channel was declared in 2011 to be an instrument of the Russian and U.S. nuclear risk reduction centers, meant to defuse potential conflict in cyberspace. In 2008 the system, which during the Cold War took the form of an exchange of messages by teletype, was turned into a secure channel for transmitting messages and documents over fiber optic lines.

After the Obama administration presented its documents and Russia requested more information, the hackers' activity continued. According to the leaked NSA document, hackers working for Russian military intelligence tried to take control of the computers of 122 election commission members just a few days before the election on November 8.

According to sources familiar with the situation, although some members of the Obama administration insisted at the time on making Russia's actions fully public, the White House was fundamentally unwilling to take the risk of undermining public confidence in the integrity of the elections.