18 states tap DHS for voting security help
Jeh Johnson updated lawmakers on election security efforts during a hearing that focused on a variety of online and physical threats.
In response to the threat of foreign interference in U.S. elections, 18 states have asked the Department of Homeland Security for advice on how to protect voting technology from cyber tampering, according to Secretary Jeh Johnson.
In testimony at a Sept. 27 hearing of the Senate Homeland Security and Governmental Affairs Committee, Johnson acknowledged efforts to penetrate voter data systems. Asked if hackers could change ballot counts, Johnson said the goal was to steal personally identifiable information.
"We have confidence in the overall integrity of our electoral [system] -- it is diverse, subject to local control, and has many checks and balance built in," Johnson said in his written statement. "However, in this environment, we must be vigilant."
DHS is providing assistance to states by conducting cyber hygiene scans on internet-facing systems and around-the-clock access to cyber incident reporting centers.
Johnson testified alongside FBI Director James Comey and Nicholas Rasmussen, director of the National Counterterrorism Center.
Lawmakers homed in on efforts to counter the online and social media influence of the Islamic State group, and Comey noted that although progress is being made in blocking some of its accounts with the cooperation of companies such as Twitter, militants are moving to encrypted platforms, such as Telegram, to share information and recruit followers.
"Our mission is to try to get into those spaces to see what those thugs, those savages are doing in that space," Comey told lawmakers.
Johnson also updated senators on efforts to secure federal networks using the Einstein intrusion-detection system. He said Einstein 3-Accelerated protects 65 percent of federal civilian agencies and is available at all agencies.
Additionally, the second phase of the Continuous Diagnostics and Mitigation program, which gives civilian agencies access to commercial tools to detect and respond to network threats, will be available to all civilian agencies in 2017.