Tag Archives: DHS

EAC seeks clarity on DHS election role

We still don’t know what it means.”

 

U.S. Election Assistance Commission chairman Thomas Hicks says the EAC plans to meet with Department of Homeland Security officials on February 2 so DHS can answer questions about its designation of state voting systems as “critical infrastructure.”

“We’re hoping to have a forum to ask DHS and the Trump administration what the designation means and does it go forward” under the new administration, Hicks said.

EAC Commissioner Christy McCormick wrote a scathing criticism of DHS’ unilateral action to impose the critical infrastructure designation, which she described as a “purely political” decision that “blindsided” state election officials and the EAC.

Ohio Secretary of State doesn’t want uninvited feds overseeing elections

Ohio Secretary of State Jon Husted voiced his objections to the Department of Homeland Security’s unilateral decision last Friday to designate state election systems as “critical infrastructure” at the Ohio Election Association Officials conference this week, saying he’s concerned that DHS is unwilling to put into writing that they won’t intervene in any state’s election without the state’s consent.

“Whether it’s a Homeland Security secretary appointed under President Obama or one appointed under President Trump, I don’t want the federal government to have authority to invite themselves into our elections process in Ohio or any other state without our permission,” Husted said, followed to applause.

 

The National Association of Secretaries of State conference in February will focus on clarifying the issue, Husted said. If the department continues to evade a written statement and will not remove the designation, the NASS will ask Congress to clarify in law that Homeland Security cannot intervene in state elections without consent.

 

EAC commissioner scathes DHS for decision to designate election systems “critical infrastructure”

U.S. Election Assistance Commission (EAC) Commissioner Christy McCormick issued a scathing statement Saturday denouncing the Department of Homeland Security’s Friday-night designation of state and local election systems as “critical infrastructure.”

 

McCormick says DHS Secretary Jeh Johnson’s unilateral decision “appears to be purely political” and “blindsided” state election officials and EAC Commissioners.

 

McCormick raises a number of concerns about the substance of DHS’ action: the scope and effect of the designation isn’t known; it politicizes elections and creates a layer of non-transparency and unnecessary federal bureaucracy; the “Russian hacking” justification is thin at best; and the designation opens States to legal, financial and privacy liabilities.

 

But the sharpest criticism is aimed at DHS’ process. McCormick calls it “disingenuous, at best,” which helps explain the high level of mistrust the agency’s action has engendered:

This designation blindsided election officials, who were not provided an adequate opportunity to engage in the decision-making process. While DHS claimed that it would publish notice of the consideration of the designation in the Federal Register and provide a comment period, it did not do so. Additionally, DHS set up an “Election Infrastructure Cybersecurity Working Group,” which included some of the Secretaries of State, to participate in the process, but it effectively never utilized that group. It is obvious to me that Secretary Johnson discarded and dismissed the opinions and concerns of the Secretaries and of the EAC Commissioners, the very people who actually have deep professional experience in conducting and administering elections in this Country, before making this decision.

 

DHS officials represent that they are speaking for the Federal Government, but this Federal agency, the sole mission of which is to assist the States and local election officials in the administration of elections, and which sets the national guidelines for voting systems and tests and certifies those systems, and is a clearinghouse for the best practices in election administration, speaks for itself, and it does not agree with this designation. While this statement is not on behalf of the Commission or my fellow Commissioners, I can say that all of the EAC Commissioners have publicly stated they are not in favor of this designation and had advised Secretary Johnson and his subordinates that he should not move forward with it.

 

Moreover, we have often been dismayed and confused over either the lack of or conflicting information that has been provided to us. There have been occasions when we have spoken to or been briefed by DHS officials and sometimes even less than an hour later seen different or additional information provided by or leaked to the media by DHS officials. Numerous times after our discussions with DHS and/or other members of the USIC we have been left shaking our heads and unable to reconcile the pieces of information that they have given to us.

 

One must question the end game of this effort, especially when the touted benefits of this designation have already been offered and provided to elections officials throughout the past four months. Our states and territories have Constitutional authority to conduct elections, NOT the Federal Government. Elections officials have been aware of and have been dealing with cyber security and physical security of election infrastructure for many, many years and do an excellent job of it. This designation appears to be purely political, especially given that it was made with two weeks before the change in administrations. Elections officials asked for more time, conversation, and discussion and a thorough understanding of the scope and benefits of the critical infrastructure designation. That request was flat out denied by the unilateral action of Secretary Johnson.

State election officials question “unprecedented” DHS move to declare election systems “critical infrastructure”

More fallout over the Obama administration’s move to classify state and local election systems “critical infrastructure:”

 

The National Association of Secretaries of State (NASS) calls the decision by Department of Homeland Security Secretary Jeh Johnson “legally and historically unprecedented, raising many questions and concerns for states and localities with authority over the administration of our voting process.”

Americans need to know that the November 2016 election – the voting process itself – was not hacked or subject to manipulation in any way. No credible evidence of hacking, including attempted hacking of voting machines or vote counting, was ever presented or discovered in any state. State and local autonomy over elections is our greatest asset against malicious cyberattacks and manipulation. Our decentralized, low-connectivity electoral process is inherently designed to withstand such threats.

 

While we recognize the need to share information on threats and risk mitigation in our elections at all levels of government, as we did throughout the 2016 cycle, it is unclear why a critical infrastructure classification is now necessary for this purpose.

Federal power grab? Obama’s DHS declares election systems “critical infrastructure”

On Friday, over the acknowledged opposition of many state and local election officials, the Department of Homeland Security designated election systems nationwide as “critical infrastructure.”

 

The designated systems include state and local “storage facilities, polling places, and centralized vote tabulations locations used to support the election process, and information and communications technology to include voter registration databases, voting machines, and other systems to manage the election process and report and display results on behalf of state and local governments.”

 

DHS Secretary Jeh Johnson claims the designation “does nothing to change the role state and local governments have in administering and running elections” and that “cybersecurity assistance” will only be given to state and local election officials “who request it.”

 

Many remain skeptical.

 

Election expert John Fund posits that the Obama administration is using the Russians as an excuse to expand federal power over elections, given that “the decentralized U.S. election system makes large-scale hacking almost impossible,” Johnson’s own admission that “there is no credible threat of a successful cyberattack on the voting and ballot-counting process,” and this administration’s propensity for power grabs.

It looks all too much like an excuse to seize more power from state authorities, and it resembles the administration’s other moves on election law: filing lawsuits against popular voter-ID laws, blocking states from requiring a proof of citizenship when people register to vote, and refusing for eight years to enforce federal laws that require states to clean up their voter rolls if they accept federal money for their operations.

Georgia Secretary of State confirms 10 cyberattacks traced to DHS addresses

Department of Homeland Security officials admitted last week, after being called out by “mad as hell” Georgia Secretary of State Brian Kemp, that a massive November 15 hack attempt on the Georgia secretary of state’s network came from a DHS IP address.

 

Now Kemp confirms that 10 separate cyberattacks on his agency’s network were all traced back to DHS addresses.

In an exclusive interview, a visibly frustrated Secretary of State Brian Kemp confirmed the attacks of different levels on his agency’s network over the last 10 months. He says they all traced back to DHS internet provider addresses.

While still waiting for DHS to explain how the attempted hacks happened, Kemp is also concerned about the timing of the attacks and wonders “if somebody was trying to prove a point.”

Kemp says several of those scans came around the same time he testified before Congress about his opposition to a federal plan to classify election systems as “critical infrastructure,” like power plants and financial systems.

“Exclusive: DHS Says Georgia Hack May Have Been Rogue Employee”

A rogue employee. Haven’t we heard this excuse before?

 

A day after Georgia Secretary of State Brian Kemp questioned Homeland Security Secretary Jeh Johnson about why “an IP address associated with the Department of Homeland Security” attempted to breach his agency’s network firewall in November, DHS officials told members of Congress that a rogue federal employee may have been responsible for the hack attempt.

On Friday afternoon DHS initiated a conference call with members of Georgia’s congressional delegation to discuss the cyber-attack, a Capitol Hill staffer with knowledge of the call told LifeZette.

 

DHS officials said on the call that there were two possible explanations for the hack, the source said. Either a malicious third-party mirrored the DHS IP address linked to the hack — or someone within the department executed the attempted infiltration without authorization.

Kemp told Johnson he found the incident “especially odd and concerning since I serve on the Election Cyber Security Working Group that your office created.” Georgia was one of the few states that declined DHS-offered cyber security testing prior to the November election.