Just in time for the weekend, the Associated Press reported on Friday that the Department of Homeland Security had notified 21 states earlier that day that their election systems had been targeted by malicious cyber actors. The states and DHS quickly jumped to the conclusion that Russia had ordered the cyberattacks, even though it was reported that the identity or identities of the perpetrators were inconclusive Yet, the news spread like wildfire after readers had been primed as reports of possible infiltartion of state election systems had circulated for nearly a year. Even so, for many states, the call Friday from the Department of Homeland Security was the first official confirmation that their election systems had, in fact, been targeted by hackers.
Federal officials said that in most of the 21 states, the targeting was preparatory activity such as scanning computer systems.
But in a stunning reversal - one which we doubt will put endless rumors of Russian cyberinterference to bed - the AP now reports that DHS has told Wisconsin that the Russian government was not involved in the cyber-targeting.
In an email to the state’s deputy elections administrator that was provided to reporters at the Wisconsin Elections Commission meeting on Tuesday, Homeland Security said that initial notice of Russian involvement was made in error. Also, as we noted at the time, the government did not originally assign blame to the Russians when news of the alleged "scanning" initially broke on Friday although most medias jumped at the opportunity to blame Putin.
Infuriated by the error, some state officials said that DHS should provide an expalanation for the errror, or at least issue an apology to state elections officials, who were understandbly unnerved by the news of Russian involvement.
“Based on our external analysis, the WI IP address affected belongs to the WI Department of Workforce Development, not the Elections Commission,” said the email from Juan Figueroa, with Homeland Security’s Office of Infrastructure Protection.
It wasn’t immediately known if Homeland Security made similar mistakes with any of the other 20 states. Figueroa did not immediately reply to an email seeking an explanation of how the mistake was made.
Homeland Security initially told the Elections Commission that the Russians scanned the state’s internet-connected election infrastructure, likely seeking specific vulnerabilities to access voter registration databases.
“Either they were right on Friday and this is a cover up, or they were wrong on Friday and we deserve an apology,” Mark Thomsen, the commission’s chairman, said in light of the new email.
Wisconsin’s chief elections administrator Michael Haas told AP that Homeland Security had assured the state that it had not been targeted - by Russians, or anybody else, for that matter.
“Wisconsin was not provided any information that indicated before the November election that Russian government actors were targeting election systems,” Haas said. He said one theory is that Homeland Security saw suspicious activity from IP addresses targeting state election systems in other states and assumed that was the intent in Wisconsin as well.
Others were apparently in shock: “It’s been a difficult process trying to piece all of this together,” said Wisconsin Elections Commission spokesman Reid Magney. “We’re trying to understand what happened.”
Furthermore, Wisconsin’s chief information officer, David Cagigal, told the elections commission that Wisconsin had never been told by Homeland Security, prior to the Friday notice, that Russians had targeted Wisconsin’s election system or anything else. Deputy information officer, Herb Thompson, said Homeland Security told the state in October to check on a certain IP address that the state had blocked from accessing its systems in August 2016.
“We have never seen any of those activities result in anything other than someone trying to turn the doorknob to see if a door is open,” Thompson said. “Those IP addresses we talked about, we had blocked, they were related to non-election systems.” Cagigal said, “Our systems were protected and we had no incidences.”
Still, the state's election commission has promised to improve security before the midterms next year. Reports that Russians may have targeted, or infiltrated, state voting systems have been circulating since late last year, when the Washington Post published a story about alleged Russian infiltration in Vermont, only to retract the story shortly after.
While we doubt that this will be the last "Russia hacked the elections" fake news, it is reassuring that all this frenzied chaos will at least bring some security to America's voting systems. Security enhancements being considered include encrypting the entire voter registration database to protect the information and make it unusable to anyone who may be able to steal it and requiring two-factor authentication for the roughly 3,000 local and state officials who have access to the WisVote system.
Perhaps an appropriate question is why this wasn't done before?