JACKSONVILLE, Fla. – Two days after Duval County learned from a National Security Agency document that a Florida company providing the election's office voter-registration system was hacked, election officials located emails that were apparent "phishing" attempts to get into Jacksonville's computer servers.
County officials have found emails appearing to come from Tallahassee-based VR Systems sent to several employees just before the November 2016 General Election, but apparently the city's security software that scans for viruses caught and removed the suspicious link before the emails reached any employees' inboxes.
"By not having that attachment when it reached the end user, then there was no risk to the city. We didn’t even take any action on it," Supervisor of Elections Mike Hogan said.
The email was short, simply telling the staff to look at instructions on how to operate newly installed Electronic Voter Identification Systems, or EVIDs -- devices that are used to sign in voters at polling places in Duval dozens of other Florida counties.
Hogan said even though it’s a short email, there were a number of red flags that show something about the email just wasn't right.
“It was not VR’s normal email address," Hogan said. "The message contained (a) very obvious misspelling. It’s talking about a data change and, of course, no one does that in the middle of an election. So it was nothing that would tweak our folks to do anything with it."
Earlier this week, the U.S. Justice Department arrested government contractor Reality Leigh Winner, of Augusta, Georgia, for leaking the email about the VR Systems hack. She’s still being held in jail for leaking a document classified top secret.
News4Jax has learned that 122 suspicious emails like the one received by Duval County were sent out to various elections offices. Clay County received two of the emails and their server also caught it before it could do any damage. St. Johns County, which also uses the VR Systems EVIDs, did not receive the email.
VR Systems provided a statement Tuesday about the hacking:
When a customer alerted us to an obviously fraudulent email purporting to come from VR Systems, we immediately notified all our customers and advised them not to click on the attachment. We are only aware of a handful of our customers who actually received the fraudulent email and of those, we have no indication that any of them clicked on the attachment or were compromised as a result.
"Phishing and spear-phishing are not uncommon in our society. We regularly participate in cyber alliances with state officials and members of the law enforcement community in an effort to address these types of threats.
"We have policies and procedures in effect to protect our customers and our company.
"It is also important to note that none of our products perform the function of ballot marking, or tabulation of marked ballots."
Dmitry Peskov, a spokesman for Russian President Vladimir Putin, denied the allegations Tuesday, saying that the Kremlin did not see "any evidence to prove this information is true." He said Moscow categorically denies "the possibility" of the Russian government being behind it.