State official blames DHS for hack
Georgia’s top election official is accusing the Department of Homeland Security of trying to hack a computer network containing the state’s voter registration database.
Brian Kemp, Georgia’s secretary of state, demanded information about the alleged intrusion attempt in a letter sent last week to Homeland Security Secretary Jeh Johnson.
“On Nov. 15, an IP address associated with the Department of Homeland Security made an unsuccessful attempt to penetrate the Georgia Secretary of State’s firewall. I am writing you to ask whether DHS was aware of this attempt and, if so, why DHS was attempting to breach our firewall,” Mr. Kemp wrote.
“At no time has my office agreed to or permitted DHS to conduct penetration testing or security scans of our network,” he added. “Moreover, your department has not contacted my office since this unsuccessful incident to alert us of any security event that would require testing or scanning of our network. This is especially odd and concerning since I serve on the Election Cyber Security Working Group that your office created.”
Indeed Mr. Kemp was appointed by the nonpartisan National Association of Secretaries of State earlier this year to serve as an adviser for a Homeland Security working group tasked with helping states manage cyber risks to their election and voting systems prior to the Nov. 8 election.
Despite holding that role, however, Georgia was one of only two states in the country that refused assistance offered by Homeland Security in the run-up to last month’s race because the state had already obtained the assistance of a third-party cybersecurity firm, CyberScoop reported.
David Dove, Mr. Kemp’s chief of staff, told CyberScoop that this decision caused “a lot of grief” for the Georgia’s secretary of state.
According to Mr. Kemp’s letter, last month the security firm caught someone trying to penetrate a computer network containing information pertaining to 6.5 million Georgians, 800,000 corporate entities and 500,000 licensed or registered professionals.
“Under 18 U.S.C. § 1030, attempting to gain access or exceeding authorized access to protected computer systems is illegal,” Mr. Kemp wrote.
Scott McConnell, DHS deputy spokesman, said he had received the letter and that the agency is “looking into the matter.”
“DHS takes the trust of our public and private sector partners seriously, and we will respond to Secretary Kemp directly,” he said.