The extent to which hackers and other shadowy operatives from Russia meddled in the U.S. election last November seems to be expanding as additional evidence comes to light.
Facebook has come under scrutiny after it was revealed that the social-media company sold and displayed over 3,000 political advertisements related to the U.S. election that were created in Russia. Facebook CEO Mark Zuckerberg released a video on September 21 promising to turn over information related to the ads to Special Counsel Robert Mueller, who’s heading the Department of Justice’s Russia investigation.
And now, another revelation: The Department of Homeland Security has confirmed the names of 21 states that had their elections systems “impacted” by Russian hackers in the weeks leading up to November 8, 2016. Colorado was among them — but apparently one of the states whose election systems were not breached. (Only Illinois is confirmed to have had its voter-registration database accessed by Russian intruders.)
The federal government had disclosed in June the number of states that were targeted, but the names of the states were not made public until last week. Colorado Secretary of State Wayne Williams had been under the impression that Colorado was not among them.
We learned that in July, when Westword ran a cover story detailing a little-known fact: the first proven instance of a Russian state-sponsored cyberattack (indeed, any state-on-state cyberattack) against the United States was back in 1994, when a computer at the Colorado School of Mines was breached. Another computer, this one at the Jefferson County Library, was subsequently compromised by the same group of Russian hackers, which a team of FBI and Department of Defense agents, who dubbed their investigation “Moonlight Maze,” concluded was being supported by the Kremlin.
At the time of our reporting, Williams and the chief information officer at the Colorado Secretary of State’s Office, Trevor Timmons, explained to Westword that they received two lists of suspicious IP addresses to look out for from the Department of Homeland Security before the November election, but none of the IP addresses had probed Colorado’s voter-registration systems before their office blocked them.
If you like this story, consider signing up for our email newsletters.
SHOW ME HOW
You have successfully signed up for your selected newsletter(s) - please keep an eye on your mailbox, we're movin' in!
Williams and Timmons did stress that Colorado’s voter-registration database — now revealed to have been scanned by Russian operatives for its vulnerabilities — is quite separate from Colorado’s voting machines, which are not connected to the Internet to protect voting tallies from outside hacks and manipulation. As Williams colorfully explained, changing votes on the machines, which are kept under lock and key, would be possible only if “you’re Tom Cruise in Mission: Impossible — Ghost Protocol and you have the mask of somebody and you’ve stolen the passwords and you can adjust the seals on the voting machines.”
On September 22, after Williams was notified by the DHS that Colorado was indeed one of the 21 states known to have been targeted last year, his office sent out a press release.
“According to Homeland Security, we were not attacked, probed, breached, infiltrated or penetrated,” Williams says. “This was a scan, and many computer systems are regularly scanned. It happens hundreds if not thousands of times per day.... A scan is similar to burglars jiggling the doors of a house and moving on when they realize the doors are locked. That’s why we continue to be vigilant and monitor our systems around the clock.”
But as we revealed in July's cover story, “Red Alert,” Russian hackers have been after Colorado computers since at least 1994. And who knows? Maybe even earlier, and we just don't know about it.