Russians Have Penetrated Florida’s Election Systems, Senator Says

“They have already penetrated certain counties in the state and they now have free rein to move about.”

US Democratic Senator Bill Nelson speaks during a press conference in Miami in July. Giorgio Viera/EFE via ZUMA

Intelligence officials have warned for months that Russia will seek to interfere in the 2018 midterm elections, just as it did in 2016. On Wednesday, Democratic Sen. Bill Nelson of Florida offered up perhaps the most startling example yet of these efforts: that Russian operatives had gained access to the state’s election systems.

“They have already penetrated certain counties in the state and they now have free rein to move about,” Nelson told the Tampa Bay Times on Wednesday. He added, “We were requested by the chairman and vice chairman of the Intelligence Committee to let supervisors of election in Florida know that the Russians are in their records.” Nelson is campaigning for reelection against Florida’s current governor, Republican Rick Scott.

This is one of many indications that the Russians have not been deterred from interfering in US elections. Last month, Microsoft announced that it had intercepted efforts to penetrate the campaigns of three candidates for office this year. One of the targets was Democratic Sen. Claire McCaskill of Missouri, who is in a tough reelection battle. 

A swing state, Florida is a prime target for election hacking. And Nelson’s race, like McCaskill’s, is closely contested and could determine which party controls the Senate next year. By sowing chaos in a few key Florida counties, the Russians could potentially throw the outcome of the Senate race, or congressional and other races in the state, in doubt. And if they retain access to the state election system in 2020, they could potentially alter the results of the presidential race—as the 2000 election showed, a presidential contest can come down to a few Florida counties. 

The Kremlin also targeted Florida’s systems in 2016. Russian hackers successfully phished employees of VR Systems, a Florida-based elections services provider, according to an NSA report obtained by the Intercept. Access to the vendor allowed the hackers to attach malware to a genuine company operating manual that was then sent to 122 email addresses belonging to “local government organizations” and others in charge of the “management of voter registration systems,” including within Florida, according to the report.

According to Christopher Krebs, a senior Department of Homeland Security cybersecurity official, the Russians scanned voter registration systems and other election-related websites in every state in search of vulnerabilities as part of their 2016 operation.

Later Wednesday, the Department of Homeland Security released a statement throwing doubt on Nelson’s claims, stating that the department was unaware of “any new compromises by Russian actors.” 

This story has been updated to include the comment from the Department of Homeland Security.