Hackers tried to access South Carolina's voter registration system almost 150,000 times on Election Day alone, a new report from the state's Election Commission has revealed.
The report plays into a larger pattern of attempted hacking in the 2016 election, in which the Department of Homeland Security (DHS) says more than 20 US states were targeted. Intelligence officials believe much of the election meddling was carried out by Russian hackers.
The news comes as President Donald Trump's eldest son has been called to testify before a Senate committee on his meeting with a Kremlin-connected lawyer during the 2016 campaign.
In South Carolina, state officials met with the FBI and state law enforcement about the attempted hacking as early as August 2016, according to The Wall Street Journal. In September, the state requested help from the Department of Homeland Security (DHS), and hired its own private cybersecurity firm.
That month, the DHS located 55 different vulnerabilities on devices used by the Election Commission – vulnerabilities that could be used to access the voter registration database and the Commission's public-facing website.
The private security firm took more than three weeks to patch the majority of these vulnerabilities, DHS reports reveal. By Election Day, however, all but one vulnerability had been fixed.
According to the Election Commission's report, unidentified “malicious actors” tried 149,832 different times to find that vulnerability on 8 November.
South Carolina officials found no evidence that the voter rolls were actually breached. They believe the attacks were carried out by automated bots, rather than thousands of individual actors.
Still, Chris Whitmire, the State Election Commission’s director of public information and training, said this pattern marked a major departure from years prior.
“Security has been a top priority for the [State Election Commission] since implementing the statewide voting system in 2004,” Mr. Whitmire told the Journal. “However, events leading up to the 2016 General Election, including the breaches of other states’ voter-registration systems, created an election-security environment that was very different.”
And South Carolina was not alone, officials from the Department of Homeland Security testified last month.
“As of right now, we have evidence of election-related systems in 21 states that were targeted,” Jeanette Manfra, the acting deputy undersecretary for cybersecurity and communications at DHS, told the Senate Intelligence Committee.
Sources told Bloomberg that number could actually be much higher: As many as 39 states were targeted by an attack on poll-worker software, the sources allege. The attack reportedly breached dozens of voter databases, and at least one campaign finance database.
In a Senate testimony last month, former FBI Director James Comey warned that the threat of Russian hacking was far from over.
“[This] it is a long-term practise of theirs,” the former intelligence official said. “It's stepped up a notch in a significant way in '16. They'll be back.”