A Russian cyber attack on the US electoral system affected almost 40 states during the 2016 election, sources have revealed.
The cyber attack – which targeted software used by poll workers on election day – hit 39 states, sources familiar with the US investigation into the matter told Bloomberg. That number, if accurate, represents a far larger attack than previously reported.
The Intercept recently published a top-secret National Security Agency document detailing an attempted launch of a Russian spear-phishing campaign on local governments in advance of the US election. The report suggested hackers had accessed at least one US voting software supplier.
According to Bloomberg, however, the hackers accessed dozens of voter databases and at least one campaign finance database.
The attack was so severe that it drove Obama administration officials to complain directly to the Russian government via a "red phone". The administration feared the hackers would delete voter rolls or otherwise tamper with the voting process in order to undermine confidence in the election.
"International law, including the law for armed conflict, applies to actions in cyberspace," the White House warned in one message to Moscow, NBC reported. "We will hold Russia to those standards."
The hacking efforts continued even after this warning.
One former US intelligence official told Bloomberg it was unlikely the Russians had learned how to actually change votes across the country in the short time after the attack. But with three years until the next election, another warned, they will have ample time to practise.
Former FBI Director James Comey seemed to echo these sentiments in his Senate hearing last week.
“[This] it is a long-term practise of theirs,” the former intelligence official said of Moscow. “It's stepped up a notch in a significant way in '16. They'll be back.”
The Russian government has denied any meddling in the 2016 election.
The US investigation into the incident started in Illinois, where hackers accessed as many as 90,000 voter records. These records include names, dates of birth, genders, driver’s incenses and partial Social Security numbers, according to Ken Menzel, general counsel for the Illinois board of elections.
Investigators used this evidence to uncover successful hacking efforts in 38 other states.
A former Obama administration official acknowledged the scope of the hacking in a statement to Bloomberg.
“Last year, as we detected intrusions into websites managed by election officials around the country, the administration worked relentlessly to protect our election infrastructure,” said Eric Schultz, a spokesman for Mr Obama.
US intelligence agencies had previously reported that Russian hackers accessed “elements of multiple US state or local electoral boards”. The extent of this breach, however, was not revealed in the January report from the CIA, NSA and FBI.
Join our new commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies