Russian Hacking in Arizona Likely Occurred Before Primary

This article is part of a larger study which I am currently working on related to issues potentially pointing to hacking throughout the country. Arizona’s 2016 election was wrought with controversy, including Russian hacking, claims of people kicked off the voter rolls, and lawmaker account hacking.

While I have not gone back prior to 2016, it would not be surprising, based on the identified issues to find more controversy. One of the things I find particularly interesting is the fact that the Arizona hacking issue probably did not begin in June, but much earlier.

Identification of characteristics of tampering with the voter registration database occurred in early March during primary voting. With no warning indicators, it became instantly salient the magnitude of problems which could be caused by people kicked off the rolls. There has yet to be any reasonable explanation for the voter registration tampering which has disenfranchised minorities on a large scale and my hypothesis would be that Russian hacking began prior to the primary — the reasons for which, shall be detailed below.

Accounting of Issues

On March 22, 2016, Arizona held its Primary Election and almost immediately, numerous reports began coming in about voters who were unable to vote without using a provisional ballot because they had their party switched to “no party preference.” Because of the subsequent history of Arizona election system hacking, it is highly likely the voter registration systems were penetrated and altered.

On March 26, 2016, a report on an anonymous blog posting demonstrated how the Arizona Primary Election was hacked.

Subsequently, Arizona Secretary of State, Michelle Reagan gave testimony accepting that there had been alterations of both Republican and Democrat party affiliations — where they were changed to “No Party Preference.” Her testimony appeared genuinely concerned, shocked, and heartfelt. The results were truly disturbing.

On April 15, 2016, Democrats instituted a lawsuit against the state of Arizona with the goal of ensuring that the provisional ballots were counted, citing Equal Protection rights and Voting Rights Act violations.

The case is currently in the 9th Federal Circuit awaiting disposition from the full Court.

On June 28, 2016, a few months later, the Arizona Secretary of State’s office issued a statement regarding the election systems:

“In light of information recently shared by the Arizona Department of Administration, access to VRAZII and Voter View will be temporarily interrupted due to maintenance related to system security.”

Secretary Reagan later recounted details of her initial conversation with the FBI:

“If any of you think that while we’re sitting here right now your state is not being hacked, or attempted to be hacked, we are fooling ourselves”

On June 30, 2016, the Mike Lettman, Chief Information Security Officer for the Arizona Department of Administration issued another statement:

“The FBI alerted the State’s cyber response team at the Arizona Dept. of Administration to the fact that they had reason to believe that a credential related to the Voter Registration System had been compromised. The response team immediately contacted the Sec. of State’s Office, advised them to investigate their system which resulted in the confirmation of a compromised County computer with malicious software on it. Under an abundance of caution, the Secretary made the decision to take the site offline last night to further investigate.  The Secretary and our team takes cyber security very seriously and protecting citizen data very seriously. We are working closely with the Sec. of State’s office and the FBI to determine next steps to ensure the integrity of the system.”

Mr. Lettman has extensive experience in IT and cybersecurity in government for both Arizona and Wisconsin.

On July 5, 2016 an update was posted to the Secretary of State’s website stating that there was still work to be completed and that the systems were still offline. A few days later they would come back online.

It turns out that hackers were actually able to install malicious software, prompting the state to take the machines down/offline for nine days. For those naysayers, this is a confirmed remote access and compromise of an election system – which means that it is possible just about anywhere there is a remote voting system.

On July 12, 2016, Secretary Reagan posted on the Secretary of State’s blog the following:

“Arizona Department of Administration that access to the Statewide Voter Registration System (VRAZ) was compromised by malware installed on a county computer and a user credential was leaked by a hacker.”

On August 18, 2016, the FBI issued a Flash Alert which was reported by Yahoo! on August 29. detailing a cyber analysis of the Arizona hacking incident.

The overarching concern is that hacking machines are a relatively easy venture according to computer science experts. The use of extremely powerful “hacking tools” which were apparently lost by the US recently would only serve to hasten and intensify such attacks. I have detailed this process in a previous article.

On November 8, 2016, Election Day, there were reports of problems with voting machines in Maricopa County.

On January 10, 2017, local news reported that numerous lawmakers’ computers have been infected with malware, of which one of the characteristics was to bring up a screen in Russian.

Apparent Russian hacking

The message has been implicated as malware and a phishing attack.

Phishing emails are generally designed to gain access to user credentials, harvest email and password information as well as financial and contact data. If a hacker gets a hold of a lawmaker’s information, there is the potential for ransomware, which I have written about in a previous article.


It cannot be understated that there is an omnipresent concern related to hacking elections and election systems in Arizona as well as other states. As Secretary Regan explained, we would be “fools” to think that other states have not been hacked. I would add that we would be equally foolish to think it is not happening right now.

Many have already called for and indeed there has been a movement to revote this particular election. In fact, there is a Petition in the Supreme Court seeking a nullification of the election itself. It is important to note that the Petition has been said to have an extremely limited chance of success, but that has not deterred those involved from pushing the effort forward. If there were to be a revote, does that mean we start the Republican and Democratic party candidates from scratch?

Beyond this, we must also consider other factors affecting the voting systems and what we can do to fix them, including advocating open source voting with redundancy and affordable auditing controls. We better monitor our election systems for intrusion, both foreign and domestic.

As Jefferson once wrote, “Democracy requires constant vigilance.


Leave a Reply

Your email address will not be published. Required fields are marked *