Wisconsin’s election systems including voter registration databases came under attack by Russian hackers around the time of the 2016 presidential elections, authorities say. (Photo: File/Gannett Wisconsin Media)
Special Counsel Robert Mueller’s investigative report on Russian interference in U.S. elections has not been released to the public, so we don’t know the full extent of his findings or whether they include Wisconsin connections.
But we do know that Russians and the Russian government were believed to have tried to attack websites, email servers and even voting systems in Wisconsin prior to and since the 2016 presidential election.
Some of those efforts appeared to have taken place even as Mueller’s team was closing in on suspected hackers.
Here’s what we know about alleged Russian or foreign tampering in Wisconsin, based on previous reporting by USA TODAY NETWORK-Wisconsin, the Milwaukee Journal Sentinel and other sources:
Wisconsin election systems came under attack in 2016
Wisconsin is one of 21 states whose elections systems were targeted by the Russian government, according to the Department of Homeland Security.
But there are conflicting reports about whether the Russians successfully penetrated Wisconsin’s voting systems.
► Russians tried in July 2016 to get into an inactive computer that belongs to the state Department of Workforce Development. Homeland Security officials believe the Russians were attempting to find weaknesses in state systems that they could exploit to try to get into elections systems.
► Later in the summer of 2016, a malicious web ad was set to show up on an Elections Commission computer but was not displayed because it was blocked by a firewall. If it had been displayed, the ad could have taken the user to a system federal officials later determined is linked to the Russian government.
When those hacking attempts became public in the fall of 2017, Homeland Security and Wisconsin officials said neither effort was successful in accessing elections systems including voter registration data. But in February 2018, NBC News reported that Wisconsin was among seven states whose systems were compromised in the attack.
Homeland Security challenged the accuracy of the report, which was based largely on three unnamed sources NBC News called senior intelligence officials. Public records did confirm, however, that Homeland Security failed to inform the targeted states for nearly a year that the Russian government was behind the hacking attempts.
RELATED: Report suggests Wisconsin systems hacked by Russians
RELATED: Feds didn’t tell Wisconsin the hackers were tied to Russia
Hacking attempts spiked even before the primary
Alerts of hackers targeting state government systems in Wisconsin spiked near the April and November presidential elections in 2016, according to records obtained by USA TODAY NETWORK-Wisconsin.
At the time the news organization revealed the increase in attacks, in a March 2017 report, the federal government had not yet notified the public or state officials that Russians were involved.
The spikes in hacking alerts, outlined in monthly cybersecurity reports produced by then Gov. Scott Walker’s administration, show a massive increase in attempts to find ways to break into state computer systems by repeatedly guessing passwords and other suspicious activities.
Two days before the state’s April 5 presidential primary, the reports show, state security analysts logged more than 150,000 alerts in a single day for attempts to find holes in state systems. The state has typically logged fewer than 60,000 of these alerts per day over the past two years.
RELATED: Massive spikes in hacking around 2016 elections
Even more unusual, after Green Party candidate Jill Stein petitioned for a recount of November presidential election ballots in Wisconsin, the number of alerts logged on a single day spiked to more than 800,000. It was the largest single-day spike in two years.
Walker’s administration said the spikes in April and November were “spread across all of our servers,” including — but not limited to — election systems. But the administration downplayed the increase in hacking attempts, emphasizing there was no evidence they were successful.
Social media users in Wisconsin also were victims
As the Wisconsin Center for Investigative Reporting noted in July 2018:
“Wisconsin and other battleground states including Pennsylvania were targeted by a sophisticated social media campaign, according to a recent University of Wisconsin-Madison study headed by journalism professor Young Mie Kim. This campaign tapped into divisive issues like race, gun control and gay and transgender rights. A Twitter account titled @MilwaukeeVoice and styled as a local news outlet was one of 2,752 now-deactivated Twitter bots and trolls — automated or human online fake personas — connected to Russia.”
RELATED: Wisconsin election systems still vulnerable
8th Congressional District Democrats were targeted
The website of the 8th Congressional District Democratic Party and some county Democratic parties in eastern Wisconsin were hacked in late November 2016 and again in late December or early January 2017, Mary Ginnebaugh, who chairs the 8th District and Brown County Democratic parties, told the Green Bay Press Gazette, which is part of the USA TODAY NETWORK.
In the most recent incident, hackers tried to register as administrators of the website — using Russian-appearing profiles and email addresses — but were unable to get past protections that had been put in place.
Local IT professionals were unable to trace the source or confirm the hackers were Russian, but referred the matter to the FBI, party leaders told the Press Gazette in January 2017.
RELATED: Police pass Democratic Party hacking attempt to FBI
Ginnebaugh said she thought it unlikely that anyone would have wanted to get into the 8th Congressional site or any of those five county sites they breached. Those included Brown, Calumet, Kewaunee, Oconto and Shawano counties.
She speculated that hackers may have thought they’d gotten into the state Democratic Party site, the address of which differs by just one letter. The 8th district site is wiscdems.com, while the state site is wisdems.com.
Separately there were reports of hacking attempts targeting Democratic Party websites in Ashland, Bayfield and Washburn counties.
Contact Mark Treinen at 715-845-0655 or email@example.com. Follow him on Twitter at @MarkTreinen, Instagram at @mark_treinen or Facebook at @Mark Treinen.
Read or Share this story: https://www.wausaudailyherald.com/story/news/2019/03/25/russian-hackers-attacked-wisconsin-elections-before-during-mueller-probe/3266933002/