Cybersecurity

Wyden wants answers on hack of voting tech firm

election security (Shutterstock.com) 

Sen. Ron Wyden (D-Ore.) is questioning whether an intrusion by Russian hackers into the network of an American voting technology company referenced in Special Counsel Robert Mueller's report is related to a breakdown of electronic pollbook systems in North Carolina on election day in 2016.

In a May 8 letter to the CEO of VR Systems, Wyden raised concerns about whether the company was forthcoming during a 2017 and 2018 legal battle with the state of North Carolina, when it denied in court filings that its e-pollbook system had ever experienced a breach in the past.

"The Mueller Report's revelation that Russia infected your network with malware raises serious questions about your March 2018 claim your company had not experienced a security breach," Wyden wrote.

The company acknowledged in April 2019 that it was the entity mentioned in the Mueller report. The company was cited in documents leaked by a former National Security Agency contractor to the Intercept.

Wyden is concerned because e-pollbook software made by VR Systems "catastrophically" failed on Election Day 2016 in a number of Durham County, N.C., voting precincts. While e-pollbooks do not count or tally vote totals, they help election officials check voter eligibility.

The Mueller report claims that Russian hackers successfully installed malware inside the company's network, using it as a foothold to launch more phishing attacks against state and local governments in the weeks leading up to the 2016 elections.

Lawyers for VR Systems have claimed the attackers never got further than a failed phishing attempt.

The NSA documents leaked by Reality Winner indicate that it is likely at least one of seven identified phishing targets may have clicked on a compromised hyperlink, but they are not conclusive about whether the hackers succeeded or later installed malware.

As recently as April, the company had denied that its systems were successfully hacked and claimed the 2016 e-pollbook failures in North Carolina were due to user error.

Wyden is seeking information on whether any government agency has ever forensically examined the computers used in Durham County in 2016, the evidentiary basis for the company's claim that it hasn't experienced a security breach and other details about the firm's security posture.

"Given the voting problems caused by the failure of e-pollbooks manufactured by your company in November 2016, the American people have a right to know if there was any connection to the Russian cyberattack against your company three months earlier," Wyden wrote.

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at djohnson@fcw.com, or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.


Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.