DHS giving 'active defense' cyber tools to private sector, secretary says
33 states accepted DHS aid to secure elections
The Department of Homeland Security (DHS) provided cybersecurity assistance to 33 state election offices and 36 local election offices leading up to the 2016 presidential election, according to information released by Democratic congressional staff.
During the final weeks of the Obama administration, the DHS announced that it would designate election infrastructure as critical, following revelations about Russian interference in the 2016 election.
Since January, two states and six local governments have requested cyber hygiene scanning from the DHS, according to a memo and DHS correspondence disclosed Wednesday by the Democratic staff of the Senate Homeland Security and Governmental Affairs Committee.
The information is related to the committee's ongoing oversight of the DHS decision to designate election infrastructure.
The intelligence community said back in January that in addition to directing cyberattacks on the Democratic National Committee and top Democratic officials, Russia also targeted state and local electoral systems not involved in vote tabulating.
In June, DHS officials told senators investigating Russian interference that there was evidence that Russia targeted election-related systems in 21 states, none of them involved in vote tallying.
Officials have previously confirmed breaches in Arizona and Illinois, though it remains unclear whether other systems were successfully breached. Lawmakers such as Sen. Mark Warner (D-Va.) have demanded more information on the specific states targeted.
Homeland Security and Government Affairs ranking member Claire McCaskill (D-Mo.) wrote then-Secretary of Homeland Security John Kelly back in March, asking for more information on his plans for the critical infrastructure designation. The information released Wednesday is drawn from his response on June 13. Kelly has since left his post to serve as President Trump's chief of staff.
"Prior to the election, DHS offered voluntary, no-cost cybersecurity services and assistance to election officials across all 50 states. By Election Day, 33 state election offices and 36 local election offices requested and received these cyber hygiene assessments of their internet-facing infrastructure," Kelly wrote.
"In addition, one state election office requested and received a more in-depth risk and vulnerability assessment of their election infrastructure."
Given the critical infrastructure designation, the DHS is providing cyber hygiene assessments, which include vulnerability scanning of election-related systems excluding voting machines and tallying systems, which the department recommends being disconnected from the internet.
The department also offers risk and vulnerability assessments, which include penetration testing, social engineering, wireless discovery and identification, and database and operating systems scanning. The DHS is also responsible for sharing threat information with owners and operators of critical infrastructure, which now include state and local election officials.
"Following the establishment of election infrastructure as critical infrastructure, several state and local governments requested new or expanded cybersecurity services from DHS," Kelly disclosed in June, according to the letter. "Specifically, an additional two states and six local governments requested to begin cyber hygiene scanning (one state has, however, ended its service agreement). DHS also received one request for the risk and vulnerability assessment service."
Many state and local election officials have opposed the designation, saying that the DHS has not offered enough information about what it means. The department has insisted that assistance will be given only to states that request it.
In the letter, Kelly, who has acknowledged objections, said there are "no plans to make any changes to the designation of election infrastructure as a critical infrastructure subsector."
All of the Democratic members of the Senate Homeland Security and Governmental Affairs Committee have called for a full investigation into Russian election interference. The matter is already under investigation by the House and Senate Intelligence committees.
The memo issued by Democratic staff on Wednesday was sent to the full committee.