Never Mind: DHS Walks Back Reports of Election Hacks in Two States
[Image via shiftwa]
Earlier this week, I wrote about the Department of Homeland Security (DHS) notifying 21 state election offices of hacking attempts on their systems during the 2016 election. Now it appears that in at least two states, that information was wrong and that the reported attempts did not involve election systems. NECN has more:
The Department of Homeland Security has notified two states that Russian hackers attempted to scan networks other than their election systems in the run-up to the 2016 presidential election, contrary to details provided last week.
On Wednesday, California became the second state — after Wisconsin — to receive the clarification.
California Secretary of State Alex Padilla said in a statement that homeland security officials told him the scanning activity took place on the state technology department’s network and not on the Secretary of State website, as the state was told last week.
“Our notification from DHS last Friday was not only a year late, it also turned out to be bad information,” Padilla said in a statement.
He said the public and officials who oversee elections “deserve timely and accurate information” from Homeland Security.
Last week, the department notified election officials in 21 states that their systems were targeted last year “by Russian government cyber actors seeking vulnerabilities and access to U.S. election infrastructure.”
A DHS spokesperson noted that the agency’s error didn’t necessarily mean election offices were home free – but the two states involved say the reported targets don’t interact with their agencies:
Although the election systems in California and Wisconsin may not have been directly scanned, it does not mean hackers were not targeting them. Homeland Security spokesman Scott McConnell cautioned that “discussions of specific IP addresses do not provide a complete picture of potential targeting activity.”
For instance, hackers could have been using the other state agencies or networks to provide an access point to eventually gain entrance to a state election system…
In California, the Secretary of State’s office said it does not use the Department of Technology to provide IT services for its websites, internet-facing applications or the statewide voter registration database. In a statement, the technology department said its security systems worked as planned and that the “suspect activity” was blocked.
Meanwhile, Wisconsin’s chief elections officer said Wednesday that he still doesn’t know whether Homeland Security has provided the state with all available information about the hacking attempt.
The state was initially told that hackers had attempted to scan its internet-connected election infrastructure, likely seeking specific vulnerabilities to access voter registration databases. Days later, the Wisconsin Elections Board was told by Homeland Security officials that the scanning involved the state’s Department of Workforce Development, which oversees job training and unemployment benefits.
This is a huge deal for election officials and the cybersecurity community as a whole. Much of the debate over the response to election cyberthreats has involved DHS’ role – both the specifics of their assistance and whether states should accept it at all. If it turns out that DHS not only was slow in notifying election officials, but also had incorrect information(!), that leaves the election community worse off than it was in the first place – ignorance may not be bliss, but confusion is worse.
I’ll be curious to see how DHS explains this situation, and if any more state election officials receive the equivalent of Emily Litella: “Never mind.”
Stay tuned…