A news report relying on a newly leaked National Security Agency document says Russian spies electronically infiltrated a company whose voting machine software is used in North Carolina and seven other states.
The Russian government then sent “phishing” emails to more than 100 elections officials around the United States just before the election, in an attempt to gain their login credentials, according to the news report Monday by The Intercept investigative reporting website.
VR Systems provides voting software used in 21 North Carolina counties, according to the N.C. State Board of Elections and Ethics Enforcement, whose executive director said the agency is “actively investigating reported attempts to compromise” the software.
“This agency takes any reports of possible interference with our election processes very seriously,” Kim Westbrook Strach said in a statement.
Sign Up and Save
Get six months of free digital access to The News & Observer
Part of the investigation is to look into whether any North Carolina elections officials were targeted by the “phishing” emails.
Local elections officials use the company’s software on Election Day to help check in voters who show up to cast ballots in person, Strach said. It is not used in counting votes.
VR Systems software is used in Durham County – where software glitches on Election Day caused delays, allegations of voter fraud and a monthlong recount after the election.
However, the Intercept reported it’s unclear if the hack succeeded in influencing any election results – nationally, in North Carolina or anywhere else.
“The NSA analysis does not draw conclusions about whether the interference had any effect on the election’s outcome and concedes that much remains unknown about the extent of the hackers’ accomplishments,” the article states.
The Election Day troubles in Durham began when poll workers were unable to upload data from six cards that saved information from ballot tabulators. Data from five of the cards could not be uploaded to software because the number of votes per race exceeded the software’s memory limitation. A sixth card may have had a battery problem. Officials instead entered the information from the tabulators’ paper tapes.
Voters waited in long lines and eight precincts were allowed to stay open up to an hour after polls closed in the rest of the state.
Then-Gov. Pat McCrory’s campaign called into question about 94,000 Durham County votes that came in late on Election Night.
A subsequent recount found no irregularities, leading McCrory to concede the election to Democrat Roy Cooper a month later.
A spokesman for the Durham County Board of Elections denied to The Intercept on Monday that Durham’s software problems had anything to do with a software hack. On Tuesday, state elections board spokesman Pat Gannon said the same.
“The software that may have been the target of hackers had nothing to do with the tabulation of votes or the voting machines themselves,” Gannon said. “The target of the potential hack was the electronic poll books that check people in.”
According to a statewide audit the state elections board conducted after the election, there were 508 voters who weren’t eligible to vote who cast ballots. That’s out of 4.8 million ballots – not enough to have changed the outcome of any race, from local contests up to the race for governor or president.
According to the leaked documents, agents with the Russian military’s GRU spy agency were behind the successful cyber attack against VR Systems.
The day the article was published, FBI agents arrested an NSA worker named Reality Winner on charges of leaking the classified information.
Doran: 919-836-2858; Twitter: @will_doran