We’re still looking for Boris and Natasha.
First, it was reports that Wisconsin’s voter registration systems had not been breached by Russian hackers, and now California has a similar story.
On Wisconsin, per the Associated Press, “The state was initially told that hackers had attempted to scan its internet-connected election infrastructure, likely seeking specific vulnerabilities to access voter registration databases. Days later, the Wisconsin Elections Board was told by Homeland Security officials that the scanning involved the state’s Department of Workforce Development, which oversees job training and unemployment benefits.”
And in California, according to Secretary of State Alex Padilla, “Last Friday, my office was notified by the U.S. Department of Homeland Security (DHS) that Russian cyber actors ‘scanned’ California’s Internet-facing systems in 2016, including Secretary of State websites. Following our request for further information, it became clear that DHS’ conclusions were wrong. DHS confirmed that Russian scanning activity had actually occurred on the California Department of Technology statewide network, not any Secretary of State website. Based on this additional information, California voters can further rest assured that the California Secretary of State elections infrastructure and websites were not hacked or breached by Russian cyber actors.”
So, wait. How does DHS mistake a state’s voter registration system for its Department of Workforce Development that handles unemployment benefits?
Or the Secretary of State’s website and election infrastructure with its Department of Technology, which has nothing to do with elections in California but instead handles information technology at unrelated state agencies?
DHS had notified 21 states in total of supposed Russian hacking: Alabama, Alaska, Arizona, California, Colorado, Connecticut, Delaware, Florida, Illinois, Iowa, Maryland, Minnesota, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Texas, Virginia, Washington, and Wisconsin.
DHS has since issued a statement that it “stands by its assessment that Internet-connected networks in 21 states were the target of Russian government cyber actors seeking vulnerabilities and access to U.S. election infrastructure.”
Shouldn’t it be 19 states now, assuming these are the only discrepancies with the original assessment? And note the malleable words, “Internet-connected networks in 21 states,” which sounds a lot less certain than was originally billed.
The Director of National Intelligence assessment was more specific in January, “Russian intelligence accessed elements of multiple state or local electoral boards.”
Prior to the election in October, DHS had issued a joint assessment stating, “Some states have also recently seen scanning and probing of their election-related systems, which in most cases originated from servers operated by a Russian company. However, we are not now in a position to attribute this activity to the Russian Government.”
But, added the statement, “States ensure that voting machines are not connected to the Internet, and there are numerous checks and balances as well as extensive oversight at multiple levels built into our election process.” In other words, nobody ever thought ballots had been tampered with or could have been in the first place. Leading to the obvious question: If there was no danger to the integrity of the elections, why were assessments being issued before they took place?
In the meantime, no word yet on other discrepancies to do with these assessments or what evidence led DHS to originally issue the warning a year ago. Also, no explanation has been given for why it took DHS a year to even provide information about the supposed breach to the states said to have been targeted.
Elections are run by the states. Wasn’t this supposed to be some sort of an emergency? Russia was hacking our election systems. It was an attack on our democracy comparable to a cyber Pearl Harbor. Yet it wasn’t until last week basic information was provided to the states, many of which have held primaries and other special elections in the intervening months using those very systems that were supposedly compromised.
But now we know much of it did not even constitute a real threat to the election systems, which might remind everyone of the intelligence services pivot from Iraqi weapons of mass destruction to weapons of mass destruction capabilities last decade when the weapons stocks could not be found.
How do you go from “election-related systems” and “state or local election boards” to “Internet-connected networks in 21 states” including unrelated IT departments and workforce development departments “seeking vulnerabilities and access to U.S. election infrastructure”?
It seems like that DHS is back-tracking, and now at least California and Wisconsin know why.