Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Feds: No Evidence Hackers Disrupted North Carolina Voting

A federal investigation didn’t turn up any evidence that cyber attacks were responsible for computer errors that disrupted voting in a North Carolina county in 2016, according to a report issued Monday.

A federal investigation didn’t turn up any evidence that cyber attacks were responsible for computer errors that disrupted voting in a North Carolina county in 2016, according to a report issued Monday.

The U.S. Department of Homeland Security’s report said it didn’t identify any malware or remote access to the Durham County Board of Elections systems that it analyzed.

After voter check-in software failed, federal authorities conducted a forensic analysis of the county’s electronic poll books to see if Russian military hackers who targeted the software provider may have tampered with registration information to disrupt voting.

Laptops used in some Durham County precincts on Election Day in November 2016 showed inaccurate data to poll workers, such as erroneously identifying voters as having already voted and identifying registered voters as being unregistered. The VR Systems electronic poll books malfunctions forced officials in the heavily Democratic county to switch to paper registration records and extend voting hours.

State election officials seized 21 laptops that had been used to check in Durham County voters and asked federal officials to do a forensic exam of the computer equipment.

Federal investigators “did not conclusively identify any threat actor activity,” but they did identify aspects of county cyber security that could be improved, according to the report.

The analysis of Durham County laptops was the first known federal investigation of equipment that malfunctioned during the 2016 election, when Russian hackers infiltrated several states.

VR Systems had been targeted by a Russian spear-phishing campaign, but Chief Operating Officer Ben Martin has maintained the company was not hacked as a result. Martin has said he believes a report on Russian interference in the 2016 election from special counsel Robert Mueller was referring to his Tallahassee, Florida, company — the name was redacted — in describing how Russian spies installed malware on the network of a company that “developed software used by numerous U.S. counties to manage voter rolls.”

Advertisement. Scroll to continue reading.

Martin has disputed that finding, saying a cybersecurity company’s audit found no sign of a breach.

However, North Carolina’s concerns were renewed by the Mueller report’s mention of the electronic poll book company.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Cloud Security

VMware described the bug as an out-of-bounds write issue in its implementation of the DCE/RPC protocol. CVSS severity score of 9.8/10.