Nearly half of all the U.S. states were informed by the DHS (Department of Homeland Security) last September 22 that several Russia-linked hackers had previously targeted their election systems in hopes to influence the outcome of the 2016 election.
Majority of the targeted states were only met with preparatory actions by the hackers, such as scanning the election system to look for vulnerabilities that can be exploited.
On the flip side of the coin, other targeted states were met with infiltration attempts that were unsuccessful.
Only a handful of states — with Illinois still being the only one to publicly confirm so far — experienced a successful system breach that led to their election polls being compromised.
Targeted states
About a year ago, the DHS first announced their findings to the public on states being targeted by Russian-affiliated hackers.
However, up until just recently, the US government withheld from these states the information on whether they were targeted by the attempted cyber attack or not.
The AP (Associated Press) — a multinational news cooperative — communicated election offices from all over the United States to determine which states were targeted by the attack.
According to their findings, some of the states that have been targeted included those that could have been highly influential to the election’s results, such as “Florida, Ohio, Pennsylvania, Virginia, and Wisconsin.”
Other states that confirmed were the following: “Alabama, Alaska, Arizona, California, Colorado, Connecticut, Delaware, Illinois, Iowa, Maryland, Minnesota, North Dakota, Oklahoma, Oregon, Texas, and Washington.”
The DHS mentioned that the hackers chose to target government networks and voter registration systems instead of the poll-tallying software.
Delayed notification
Several prominent government figures disagreed on the DHS’ decision to delay the notification of states about the hacking attempts.
Some of these figures included Alex Padilla (California’s Secretary of State) and Senator Mark Warner.
In a recent statement, Padilla said:
“It is completely unacceptable that it has taken DHS over a year to inform our office of Russian scanning of our systems, despite our repeated requests for information. The practice of withholding critical information from elections officials is a detriment to the security of our elections and our democracy.”
And also, according to Senator Warner:
“It’s unacceptable that it took almost a year after the election to notify states that their elections systems were targeted, but I’m relieved that DHS has acted upon our numerous requests and is finally informing the top elections officials in all 21 affected states that Russian hackers tried to breach their systems in the run up to the 2016 election.”
DHS response
In response to these comments, Scott McConnell (DHS Spokesperson) explained the agency’s decision in informing the states:
“DHS does not publicly disclose cybersecurity information shared between the department and its partners. When we become aware of a potential victim, DHS notifies the owner or operator of the system, who in this case may not necessarily be the Secretary of State’s office. However, recognizing that state and local officials should be kept informed about cybersecurity risks to election infrastructure, we are working with them to refine our processes for sharing this information while protecting the integrity of investigations and the confidentiality of system owners.
This includes the development of an election subsector coordinating council and making security clearances available to those who may need access to classified information in the oversight of their election systems. As part of our ongoing information sharing efforts, today DHS notified the Secretary of State or other chief election officer in each state of any potential targeting we were aware of in their state leading up to the 2016 election. We will continue to keep this information confidential and defer to each state whether it wishes to make it public or not.”
What’s next?
Do you think the DHS made the right choice in withholding the hacking information? What steps should the government now take to address this situation?
Do tell us your thoughts, experience, and feedback in the comment section below as we would love to hear from you.
Stay tuned for more of the latest trends and happenings.