"I don't believe they got into changing actual voting outcomes," Virginia Sen. Mark Warner said in an interview. "But the extent of the attacks is much broader than has been reported so far." He said he was pushing intelligence agencies to declassify the names of those states hit to help put electoral systems on notice before the midterm voting in 2018.I asked Chris Powell, a spokesman for Secretary of State Mark Martin, Arkansas's top election oversight official, about the Warner statement. He said there was no evidence that Arkansas systems were breached or even that there was an attempt to breach any Arkansas systems. He provided a news release from the National Association of Secretaries of State addressing the report:
That said, these attempts to penetrate our voter registration systems are an urgent reminder of the need to get more cybersecurity support and resources into the hands of the state and local officials who administer and oversee U.S. elections.Stu Sofer, a member of the state Election Commission, says he can believe hackers might have gotten into some states' voter registration systems because they are connected to so many county clerks. But he said, in Arkansas, the voting system itself is not on-line and thus unreachable by hackers.
We urge DHS and other federal law enforcement to share documented threat intelligence information with election officials and notify all local election officials who were targeted in the email spear-phishing campaign that is documented in the NSA report. This type of information-sharing was a key justification for the Department of Homeland Security's January 2017 designation of election infrastructure as critical infrastructure.