DHS Notifies 21 States of Russian Hacking for the First Time

(Illustration: Shutterstock)

Department of Homeland Security officials told 21 states on Sept. 22 that their election systems were breached by Russian hackers.

Alabama, Colorado, Connecticut, Iowa, Maryland, Minnesota, Ohio, Oklahoma, Pennsylvania, Virginia, Wisconsin, and Washington confirmed to the Associated Press that they were told they were targeted.

DHS reached out to all 50 states. This is the first instance that the Federal government told states whether they were targeted. Even though 21 states were targeted, that doesn’t mean that the actors made it inside the states’ election systems.

Symantec Gov Symposium
Join the best and brightest cyber minds at the 2017 Symantec Government Symposium on Dec. 5 where we’ll address cyber sabotage, ransomware, DDOS attacks, AI, IoT, and the cloud. Click here to learn more and register.

“We are concerned, however, that in June 2017, Jeanette Manfra, Acting Undersecretary for Cybersecurity and Communications at DHS, testified before the U.S. Senate Intelligence Committee that ‘the owners of the systems within those 21 states have been notified,’ ” said California Secretary of State Alex Padilla. “This was simply not true and DHS acknowledged they failed to contact us and ‘two or three’ other states.

Padilla said that DHS should have notified states sooner.

“It is completely unacceptable that it has taken DHS over a year to inform our office of Russian scanning of our systems, despite our repeated requests for information. The practice of withholding critical information from elections officials is a detriment to the security of our elections and our democracy.”

Padilla said that he sent a letter to National Security Agency Director Michael Rogers that said he had learned about hacking efforts from media reports and NSA documents, when he should have been informed by the Intelligence Community.

“I will continue to demand that our intelligence agencies be forthcoming with timely and actionable information relating to cybersecurity threats,” Padilla said. “I call on Congress to hold our intelligence agencies accountable to ensure they handle critical information with the urgency and transparency that elections officials and our democracy deserve.”

Sen. Mark Warner, D-Va., vice chairman of the Senate Select Committee on Intelligence, said that DHS needs to improve its information sharing process with state governments.

“Our elections are the bedrock of our democracy, and DHS needs to notify states and localities in real time when their systems are targeted,” Warner said. “While I understand that DHS detects thousands of attempted cyberattacks daily, I expect the top election officials of each state to be made aware of all such attempted intrusions, successful or not, so that they can strengthen their defenses–just as any homeowner would expect the alarm company to inform them of all break-in attempts, even if the burglar doesn’t actually get inside the house.”

Recent