Russian agent visited election websites in 2 Georgia counties in 2016

A Russian agent accused of tampering with the 2016 presidential election visited election websites in Cobb and Fulton counties, according to the Georgia Secretary of State’s Office.

The Russian, one of 12 military intelligence officials indicted this month as part of special counsel Robert Mueller's investigation, viewed a job posting for a Cobb election technician position and visited a Fulton website containing information for candidates.

The agent, Anatoliy Sergeyevich Kovalev, didn’t gain access to state or county election systems, said Candice Broce, a spokeswoman for Secretary of State Brian Kemp.

The Atlanta Journal-Constitution and Channel 2 Action News exclusively learned about the Russian connection to Georgia on Thursday, the same day Kemp’s office sent a bulletin to election officials across the state warning them about activity by a suspected Russian operative.

The news arrives amid widespread concern about election security in Georgia after the state exposed more than 6 million voters' private information in 2015. Election security advocates are pushing to replace Georgia's electronic touchscreens with a system that includes a verifiable paper ballot.

Georgia officials first found out that Russians viewed county election websites when the federal indictment was announced July 13, Broce said. Since then, the Secretary of State’s Office has been working with the U.S. Department of Homeland Security to find out more.

Kemp, who won the Republican nomination for governor Tuesday, has maintained for years that Georgia wasn't targeted or breached by the Russians during the 2016 general election.

“We welcome new information, and this is new information,” Broce said. “It is clear that there were Russian operatives who were looking at other states, and that in Georgia, there was a Russian operative looking at county websites. Still, DHS’ assessment has not changed. The Secretary of State’s Office has not been targeted or hacked.”

The indictment said Kovalev “visited the websites of certain counties in Georgia, Iowa and Florida to identify vulnerabilities.”

While it’s unclear what actions Kovalev took, it’s possible he was looking for election officials’ email addresses, according to the bulletin from the state to county election officials.

Then those email addresses could have been targeted by spear phishing campaigns, in which an attacker could gain access to computer systems through a malicious link. That’s what the indictment alleges happened when Russians broke into the email accounts of the Democratic Party and Hillary Clinton campaign officials, then distributed politically damaging emails through Wikileaks, which published the stolen emails.

The Cobb elections job website that Kovalev viewed didn’t contain any confidential information, Cobb Elections Director Janine Eveler said. Kovalev didn’t apply for the election technician job, and it was later filled internally.

“Everyone in the public can look at the same thing, so I don’t know what they could have gotten,” Eveler told Channel 2. “I’m not sure how anybody either in the public or internationally could have gotten anything that would have damaged elections. … We didn’t hire any Russians, please rest assured.”

In Fulton, the website visited by Kovalev contained general information for candidates, the election calendar, how to qualify to run for office, restrictions on campaign activities and conduct at polling places.

“Anybody can visit our website. It would concern me if there was evidence of something nefarious done, but all indications from DHS are it was just a visit,” Fulton Elections Director Richard Barron said.

The Secretary of State’s Office recently invited Department of Homeland Security officials to provide cybersecurity training to elections officials across the state, Broce said. Federal officials have already provided security assessments in 17 county election offices and warehouses.

Georgia was one of two states nationwide that didn’t accept the federal government’s offer to scan state election networks ahead of the presidential election to look for vulnerabilities. The state had already contracted with private cybersecurity companies to provide similar services, Broce said.

Following the revelation that a Russian agent visited Georgia election websites, officials will have to be more vigilant than ever to protect the integrity of elections, she said.

“It is a serious concern, and it’s something that we’ve been on top of,” Broce said. “We’re working with county officials every day, reminding them, don’t open a suspicious email. It seems basic, but that’s where you have vulnerabilities.”