Politics & Government

Feds will investigate whether Russia hacked Durham election software in 2016

Corrected June 13 at 10:20 p.m. See details in story.

North Carolina officials have never been able to fully answer why voting software in Durham County went haywire on Election Day in 2016.

Now, armed with new evidence that Russian hackers targeted the company that provided that software, federal officials from the Department of Homeland Security will help the state figure out what happened.

“We appreciate the Department of Homeland Security’s willingness to make this a priority so the lingering questions from 2016 can be addressed in advance of 2020,” said Karen Brinson Bell, the executive director of the State Board of Elections, in a written statement to The News & Observer Wednesday morning.

The Durham software in question couldn’t have been used to change votes, but its glitches were problematic nonetheless. It was pollbook software, which is used to check voters in to make sure no one is voting twice or in the wrong location. Without it working, poll workers had to turn away voters for parts of the day.

Homeland Security plans to perform a forensic cyber analysis on 21 laptops from Durham. The Washington Post first reported on the planned analysis.

Brinson Bell took the helm at the state board earlier this week, replacing former executive director Kim Strach. A few hours after the news of the federal investigation broke Wednesday, Brinson Bell was at the North Carolina General Assembly for a previously scheduled meeting with lawmakers. They mostly focused on issues related to getting the state ready for the 2020 elections, but some raised questions about the hacking.

“We are very focused on cyber security,” she told the legislators.

Brinson Bel_fitted.jpeg
Karen Brinson Bell will become the North Carolina Board of Elections executive director in June 2019. Submitted photo NC Board of Elections

She also told lawmakers that the state board is working on hiring a cyber security expert, and that she and the board’s new top lawyer are both in the process of getting security clearances so they can be more closely involved in this or any investigation that involves classified information. Strach and the board’s former top lawyer under her, Josh Lawson, both had security clearances.

The state’s position under Strach was that the Durham problems in 2016 were probably caused by mistakes made by local workers, instead of an attack by outside hackers. Brinson Bell reiterated that Wednesday in a brief news conference after the meeting.

She said she hopes the Homeland Security investigation will also help North Carolina establish the best standards in the nation for making sure its elections aren’t susceptible to hackers in the future.

“We’re just looking at it as an opportunity to improve our procedures,” she said. “We think it’s a great opportunity to be at the forefront of how election pollbooks, or electronic pollbooks, are managed in our country.”

What happened in Durham?

On Election Day at numerous sites in Durham, computer glitches caused long lines and may have led to people showing up to the polls but then having to leave without voting.

But the state never had the technical abilities to perform a full analysis, the News & Observer previously reported. So after the Mueller report indicated Russian hackers had targeted the same company whose software gave Durham troubles in 2016, the N.C. Board of Elections renewed its efforts to resolve some unanswered questions.

The Mueller report didn’t mention Durham or North Carolina specifically, although it did mention an unnamed Florida county as being hacked, and Florida officials have since confirmed that.

North Carolina elections officials sent a letter to the company in question, Florida-based VR Systems, in April shortly after the Mueller report became public. The company responded that while it believes Russian hackers did attempt to break into its systems, it does not believe they were successful.

“VR Systems has never been informed by anyone (Homeland Security, NSA, etc) their software or systems have ever been compromised or ‘hacked,’” a Raleigh-based lawyer for the company, Michael Weisel, wrote in an email to the N&O.

He later responded with a formal letter to state officials, saying: “There is no causal link between the attempted hack into VR Systems, and the apparent access to one Florida county government from a separate spearphishing attack.”

But now federal investigators will lend their own technical expertise to state officials who are trying to confirm what happened in Durham.

“Neither the State Board nor the Durham County Board of Elections has any evidence that outside interference played a role in the e-pollbook issues,” said Pat Gannon, a spokesman for the state elections board, in an email. “However, the State Board does not have the technical expertise to forensically examine the laptops to definitively rule that out as a cause.”

Similarly, Homeland Security spokeswoman Sara Sendek said Wednesday that her agency also doesn’t currently believe Russian hackers were responsible for Durham’s problems in 2016. But they can’t yet rule it out, either.

“This support may help to provide a better understanding of previous issues and help to secure the 2020 election,” Sendek said. “DHS has no information that there is any previous or ongoing issues regarding election systems in the state of North Carolina and all services are being provided in a proactive manner at the request of the state.”

An earlier version of this story incorrectly spelled Sara Sendek's name.
Related stories from Durham Herald Sun

Will Doran reports on North Carolina politics, with a focus on state employees and agencies. In 2016 he started The News & Observer’s fact-checking partnership, PolitiFact NC, and before that he reported on local governments around the Triangle. Contact him at wdoran@newsobserver.com or (919) 836-2858.