Russia’s cyberattack of the 2016 election was more far reaching than previously reported and stretched to election infrastructure in 39 states, Bloomberg reported on Tuesday.
The news demonstrated the incredibly high stakes of the Russia investigation—our very democracy itself—one day after it was reported that President Donald Trump might be considering firing the man in charge of leading that inquiry.
The Bloomberg report came on the heels of the revelation of a leaked National Security Agency document that had assessed Russia had hacked local election officials and a contractor that sells electronic voting systems and equipment. (A 25-year-old government contractor named Reality Winner has been arrested for allegedly leaking that classified document.)
Citing “three people with direct knowledge of the U.S. investigation into the matter,” the new report says that nearly twice the number of states as originally thought were found to have come under cyberattack by these hacking attempts.
Illinois, where hackers reportedly attempted to delete or alter voter data, was apparently used as a case study for investigators trying to determine the extent of the attempts and the scope of the damage.
In early July 2016, a contractor who works two or three days a week at the state board of elections [in Illinois] detected unauthorized data leaving the network, according to Ken Menzel, general counsel for the Illinois board of elections. The hackers had gained access to the state’s voter database, which contained information such as names, dates of birth, genders, driver’s licenses and partial Social Security numbers on 15 million people, half of whom were active voters. As many as 90,000 records were ultimately compromised.
The report said that one theory as to why the cyberattack was not successful in actually influencing vote tallies or tampering with registration rolls was that even “several months of hacking failed to give the attackers the access they needed to master America’s disparate voting systems spread across more than 7,000 local jurisdictions.”
The publication also reported that the Obama administration decided not to reveal the full scope of the attack publicly for fear that it would undermine the results of the election, which had been deemed to have been fair.
In a December press conference, President Obama said, “We did not see further tampering of the election process” after he personally told Russian President Vladimir Putin to “cut it out” when saw him in early September. This description does not appear to have been true. In fact, Bloomberg reported that in October the Obama administration took the “unprecedented step” of contacting the Kremlin over a secure line to “offer detailed documents of what it said was Russia’s role in election meddling and to warn that the attacks risked setting off a broader conflict.” The Russians reportedly responded by asking for more information, promising to look into the matter, and continuing the hacking.
The detailed report on this latest evidence is worth reading in full. But considering the hostility of the current president to that Russia probe, it is also worth noting one more potentially ominous passage in the Bloomberg report:
One former senior U.S. official expressed concern that the Russians now have three years to build on their knowledge of U.S. voting systems before the next presidential election, and there is every reason to believe they will use what they have learned in future attacks.