Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Senators Question FBI on Russian Hack of Voting Firm

Two U.S. senators asked the FBI on Wednesday to explain what it has done to investigate the suspected hack by Russian intelligence of a Florida-based voting software company before the 2016 election.

Two U.S. senators asked the FBI on Wednesday to explain what it has done to investigate the suspected hack by Russian intelligence of a Florida-based voting software company before the 2016 election.

In a letter sent to FBI Director Christopher Wray, Democratic Sens. Ron Wyden of Oregon and Amy Klobuchar of Minnesota, who is the ranking member of the committee with jurisdiction over federal elections, asked for answers by July 12 regarding steps the agency has taken in response to the breach of VR Systems’ computer servers.

Robert Mueller’s report on Russia’s interference in the 2016 election describes how Kremlin-backed spies installed malware on the network of an unnamed company that “developed software used by numerous U.S. counties to manage voter rolls.”

VR Systems has said it believes it is the company referred to in the report. The Tallahassee, Florida-based company has maintained, however, that its system was never penetrated. It told Wyden in a letter last month that the cybersecurity firm Fire Eye conducted a security audit and found no evidence of a breach. The audit was conducted more than seven months after the election.

The Department of Homeland Security said last week that its computer experts will examine North Carolina polling equipment supplied by VR Systems , at the state’s request. The forensic analysis will look at laptops and replicas of computer hard drives that were used in heavily Democratic Durham County to determine whether hacking was responsible for malfunctions on election day in 2016.

State and local officials said previously they found no indication that the software system, used for voter registration and check-in, had been targeted by hackers, but they never did a forensic examination. VR Systems has blamed the trouble on poorly trained poll workers and inadequate computer maintenance. A report by a security consultant hired by Durham County’s elections board supported that claim.

Wyden and Klobuchar asked whether the FBI has examined VR Systems’ servers and the equipment that malfunctioned in Durham County. They also asked if the agency has reviewed the conclusions of Fire Eye’s audit and for details on its key findings. VR Systems has refused to release even redacted versions of the report, citing client confidentiality.

Advertisement. Scroll to continue reading.

Lastly, the senators want to know how the FBI planned to work with local and state election officials ahead of the 2020 election to ensure that they felt comfortable reporting cybersecurity incidents and had the information necessary to be aware of threats.

VR Systems, the Homeland Security Department and FBI did not immediately respond to requests for comment.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.