State of Georgia accuses Homeland Security of attempted hack
Georgia’s Secretary of State is accusing someone at the Department of Homeland Security of illegally trying to hack its computer network, including the voter registration database.
In a letter to Homeland Security Secretary Jeh Johnson, copied to the full Georgia congressional delegation, Georgia Secretary of State Brian Kemp alleges that a computer with a DHS internet address attempted to breach its systems.
Kemp writes: “On November 15, 2016, an IP address associated with the Department of Homeland Security made an unsuccessful attempt to penetrate the Georgia Secretary of State’s firewall. I am writing you to ask whether DHS was aware of this attempt and, if so, why DHS was attempting to breach our firewall.”
November 15 was a full week after the election.
The letter goes on say that the systems under attack contained the personal information of over 6.5 million Georgians, 800,000 corporate entities and over 500,000 licensed or registered professionals.
“At no time has my office agreed to or permitted DHS to conduct penetration testing or security scans of our network,” writes Kemp. “Moreover, your department has not contacted my office since this unsuccessful incident to alert us of any security event that would require testing or scanning of our network.”
Kemp is a vocal opponent of a suggestion floated by some lawmakers that DHS declare elections critical infrastructure, which would give the federal agency some control over the state-based election systems. The idea was born of fears that Russia intended to hack the presidential election. DHS has said they had no intentions to pursue that strategy.
Unlike many other states, Georgia notably turned down voluntary assistance from Homeland Security to shore up election systems.
Kemp is the co-chair of the National Association of Secretaries of State’s elections committee and sits on Homeland Security’s Election Infrastructure Cybersecurity Working Group.
“Under 18 U.S.C. § 1030, attempting to gain access or exceeding authorized access to protected computer systems is illegal,” he notes.
A representative for DHS said it had received the letter and was investigating.
“DHS takes the trust of our public and private sector partners seriously, and we will respond to Secretary Kemp directly,” said Deputy Press Secretary Scott McConnell.
Update 6:44 pm.