Colorado officials skeptical about Bloomberg reports Russian hackers touched 39 states before election

“We’re suspicious of the number 39,” she said, citing the office’s frequent communication with other secretaries of state.

Gotta load the ballots. (Andrew Kenney/Denverite)
Ballot operations assistants stack ballots into a machine that will strip a sticker from the envelope and scan the signature beneath for individual verification. (Kevin J. Beaty/Denverite) election; ballot; vote; denver; colorado; denverite; kevinjbeaty;
Ballot operations assistants stack ballots into a processing machine. (Kevin J. Beaty/Denverite)

BloombergPolitics this morning reported on anonymous sourcing that “Russian hackers hit systems in a total of 39 states,” prior to last November’s U.S. election.

However, there’s no evidence that Colorado was among those states, according to Lynn Bartels, spokeswoman for Colorado Secretary of State Wayne Williams, who is in charge of election procedure here.

Bartels noted that computer systems malfunctioned for about 30 minutes on Election Day, but that was found to be a result of heavy use, not an attack.

And the office is skeptical that so many states could have been touched by an attempted breach, she said. “We’re suspicious of the number 39,” she said, citing the office’s frequent communication with other secretaries of state.

What has been confirmed so far is that a hack in Illinois exposed social security numbers and other information about 80,000 voters, and a U.S. Senator said it was traced to an address linked with Russian state security.

Investigators then looked for the “fingerprints” of those hackers in other states, and received reports of similar traces in a total of 39 states, according to Bloomberg.

Bloomberg does not disclose the full list of states that its source says were touched, or what damage was incurred. Bloomberg describes the effort as “potentially a test run for a disruptive attack,” that may have attempted to slow or obstruct the electoral process.

Colorado  received those “fingerprints,” but found no evidence that the computers associated with the Illinois incident had touched Colorado systems, according to Trevor Timmons, chief information officer for the Colorado Department of State.

“The advice they provided was, ‘You need to look at logs and look for activity from these computers.’ They also provided some details on the types of attacks that they were seeing, the types of behavior they were seeing,” Timmons said.

“Really quickly, we looked at logs to see whether we’d seen attempts to get to our systems or whether we’d seen any of those kind of attack patterns. We did not see those.”

 

The state’s election security staff were on regular calls with the Department of Homeland Security, Bartels said. There was no sign of any attempted hack in Colorado, and the state has heard nothing since the election from federal investigators, she said.

The state does see thousands of contacts with suspicious computers each day, Timmons said. But those generally appear to be the work of low-level “script kiddies,” or inexperienced hackers who are simply trawling for any vulnerable target.

Any effort that appears to be more concerted is reported to federal and state authorities. While Williams’ office did report some of those contacts, none seemed to attract specific interest from investigators, according to Timmons.

“We didn’t get follow-up phone calls,” Timmons said. “So, to me, that says that they didn’t see anything that was really out of the ordinary.”

Russian officials have denied involvement in any attempt to attack the U.S. electoral process, per Bloomberg.

Andrew Kenney

Author: Andrew Kenney

Andrew Kenney writes about public spaces, Denver phenomena and whatever else. He previously worked for six years as a reporter at The News & Observer in Raleigh, N.C. His most prized possession is his collection of bizarre voicemail. Leave him one at 303-502-2803, or email akenney@denverite.com.