The National Security desk at The Wall Street Journal just revealed the scope of the efforts to hack South Carolina’s voter-registration database on election day last year, and their report is a sobering reminder of just how deeply American electoral systems were penetrated.
Citing a post election report from the South Carolina State Election Commission, The Journal says that “there were nearly 150,000 attempts to penetrate the state’s voter-registration system.” This is in a state that was not even under serious contention during the election, but the article indicates that it is indicative of the scale of the hacking attempts nationwide and posits that more competitive states may have faced even more strenuous efforts to target their voting systems.
While election officials in South Carolina don’t see any evidence that hackers actually succeeded in penetrating their database, the State Board of Elections in the more closely-contested state of Illinois reported that hackers were hitting their servers ““5 times per second, 24 hours per day” from late June until Aug. 12, 2016 and actually managed to access around 90,000 voter records.
After the Illinois attacks, both the FBI and The Department of Homeland Security issued warnings to state election officials and offered cyber-security help in protecting election infrastructure. The DHS found 55 separate vulnerabilities in South Carolina’s systems, including two listed as critical, the most severe level, which could result in “remote exploitation of the database,” according to one cyber-security expert.
One of the most frightening facts to come out in the report is the fact that after the vulnerabilities were discovered, it took 25 days–over three weeks–to eliminate them.
More frightening than even that is the fact that, despite concrete evidence that the American election infrastructure was targeted and attacked during one of the most crucial contests of the modern era, the current administration would rather deny reality than admit to the problem, investigate the attacks, and take measures to make sure that it never happens again.