TPM - "What We Know And Dont Know About Election Hacking"
Also, what we dont know we dont know.
By Clare Malone
https://fivethirtyeight.com/features/what-we-know-and-dont-know-about-election-hacking/
When talk of Russian interference in U.S. elections comes up, much of the focus has been on state-sponsored trolls on Facebook and Twitter special counsel Robert Mueller recently indicted a number of these actors, and Congress has taken Silicon Valley to task for allowing such accounts to flourish. But theres another side of Russian meddling in American democracy: attacks on our election systems themselves.
We know that Russian hackers in 2016 worked to compromise state voting systems and the companies that provide voting software and machines to states. That could blossom into more concrete attacks this year. As I wrote earlier this week, the worst-case scenario is that on Election Day 2018, votes are altered or fabricated and Americans are disenfranchised.
It can be tough to track all the small stories about electoral hacking. Its a dense issue, given that the story has been unfurling for a year and a half across all 50 states. So, as the 2018 midterms approach and election officials continue to work on fixing what went wrong in 2016, its worth reminding ourselves what we know and what we dont know. Well break things down in Rumsfeldian terms:
There are known knowns things we know we know about election systems hacking
Before the 2016 election, the online systems of 21 states were scanned by Russian cyber actors. Scanning doesnt mean that they were penetrated by hackers its more akin to someone driving by a house to see if anyones at home before robbing it.
One state Illinois was actually hacked. Its online voter registration system was hit with an attack, but no records were actually changed.
The credentials of an election official in another state Arizona were compromised when the official opened a malware-infected email. The state took its system offline as a precaution, but it was not believed to have been compromised.
One election system provider VR Systems was targeted by a Russian phishing scam. VR Systems provides services to eight states.
The Election Assistance Commission, the federal agency thats in charge of regulating voting machine security, was hacked. In 2016, a cybersecurity firm became aware of a Russian-speaking hacker who had obtained the credentials of 100 EAC employees and was looking to sell them purportedly to a Middle Eastern government.
snip - more at the link (including better formatting) - read on, see link above.