Homeland Security Frustrates Some Who Want Action on Russian Hacking

The ranking member on the Senate Intelligence Committee, Sen. Mark Warner, D-Va., was on national television on Sunday expressing skepticism about the Homeland Security Department’s recently stepped-up commitment to preventing a recurrence of Russian hackers’ efforts to interfere with the 2016 elections.

“The fact that the president of the United States still refuses to unambiguously acknowledge that the Russians attacked us means that we have no whole-of-government approach to how we're going to deal with this problem,” he said on Meet the Press. “For example, DHS has indicated 21 states were hacked. It's my understanding that most of the secretaries of state have not even been briefed on whether their states were hacked or not.”

Warner had written to Homeland Security Secretary John Kelly on June 20 urging him to “urgently work with state election officials and the Federal Bureau of Investigation to disclose publicly the full scope of foreign attempts to interfere in the 2016 elections.”

Similar frustration was evident at the July 7-10 summer conference of the National Association of Secretaries of State in Indianapolis, according to participants and reporting by CNN. DHS officials presenting their plan for securing the 2018 elections did not respond to all questions and demonstrated “a knowledge gap” on precisely who within each state is chiefly responsible for elections, one participant told Government Executive.

Words used by secretaries and their staffs included "frustrating" and "disappointing.” Said Jim Condos, a Democrat from Vermont, “Let's just say we need better lines of communication.”

Asked to respond, a DHS official told Government Executive that the department is “continuously working to improve the information sharing process.” The official explained via email that the department’s project, “while not a definitive source in identifying individual activity attributed to Russian government cyber actors . . . established that Internet-connected election-related networks, including websites, in 21 states were potentially targeted by Russian government cyber actors.”

“This included a small number of networks that were successfully compromised, there were a larger number of states where attempts to compromise networks were unsuccessful, and there were an even greater number of states where only preparatory activity like scanning was observed,” the official said. “When we become aware of a potential targeted entity, DHS notifies the owner or operator of the system, who may or may not be the Secretary of State’s office.”

Homeland Security spent much of 2016 working with states in anticipation of a possible hack, but the situation came to a head in the final days of the Obama administration when then-Homeland Security Secretary Jeh Johnson declared election systems “critical infrastructure.” That irked some of the secretaries of state, who covet their state and local authority to protect the electoral process, and reaffirmed it in a February resolution.

Last month, at a House Intelligence Committee hearing on the Russian role in last year’s elections, ex-Secretary Johnson explained that he had first broached the possibility of such a declaration in August, in calls with secretaries of state. The advantage of status as critical infrastructure, he said, is that for cybersecurity purposes “election officials, upon request, would be a top priority for the receipt of DHS’s services, and . . . that, as part of critical infrastructure, election infrastructure would receive the benefit of various domestic and international cybersecurity protections.”

Johnson said he was disappointed that the reaction by state officials was largely negative, though by Election Day, “a large number of state and local election officials did in fact respond to our offers of cybersecurity assistance,” he added. “More specifically, almost every state contacted DHS about its services, and 33 states and 36 cities and counties used DHS tools to scan for potential vulnerabilities and/or sought mitigation advice from us.”

At a Senate Intelligence Committee hearing the same day, Acting DHS Deputy Undersecretary of Cybersecurity Jeanette Manfra acknowledged that elections-related systems were targeted by Russia in 21 states, but said none were involved in vote tallying and declined to publicly name those that had data exfiltrated.

DHS under the Trump administration must operate in a climate in which the president and many of his political supporters continue to reject the notion that the Russians played an important role during 2016.

Still, the department this month has expanded its efforts to help state and local officials protect elections, according to reporting by Politico. Bob Kolasky, who is acting deputy undersecretary for infrastructure protection at DHS's National Protection and Programs Directorate, was in Indianapolis with the state secretaries to present a four-pronged plan.

It includes themes of collaboration, information sharing, threat and risk analysis and the provision of digital tools, as well as communication with enforcement agencies such as the FBI and the Election Assistance Commission. (That commission, which offers state election officials guidelines for protecting vote integrity, has been targeted by Republicans in Congress for termination.)

Kolasky said he welcomed all feedback as helpful, and agreed with many of the state secretaries’ complaints, according to CNN.

The secretaries of state, meanwhile, this month approved an updated resolution reaffirming “their commitment to strengthening election cybersecurity and processes.”

Image via Rob Crandall/Shutterstock.com.