More states tap DHS for help with voting security
DHS fields almost two dozen requests from states for cybersecurity services to help protect voter systems, as Capitol Hill leaders from both parties oppose critical infrastructure designation.
DHS Secretary Jeh Johnson said that his agency continues to field requests from states to supply cybersecurity scans and protections to voting systems.
As Election Day draws near, more states are looking to federal officials for help with securing voting systems against potential hacks and electronic tampering.
Twenty-one states, Homeland Security Secretary Jeh Johnson said in an Oct. 1 statement, have asked his agency for services to help secure their systems. DHS provides voluntary assistance to states on cybersecurity matters, including best practices guidance, cyber hygiene scans and incident response.
Johnson and DHS have been considering classifying state election systems as "critical infrastructure," providing them with official protections like those U.S. electrical and financial systems receive.
State officials have raised their voices opposing that move in the last few weeks, and leaders from both sides of the aisle in Congress are taking their side.
In a Sept. 28 letter, Speaker of the House Paul Ryan (R-Wis.), House Minority Leader Nancy Pelosi (D-Calif), Senate Majority Leader Mitch McConnell (R-Ky.) and Senate Minority Leader Harry Reid (D-Nev.) said they "would oppose any effort by the federal government to exercise any degree of control over the states' administration of elections by designating these systems as critical infrastructure."
Johnson said the letter was "a strong bipartisan statement endorsing the need" for state officials to leverage DHS' cybersecurity skills to help secure their systems. He emphasized DHS services had to be requested and were voluntary. He encouraged states to "to take full advantage of the robust public and private sector resources available to them to ensure that their network infrastructure is secure from attack."
The threat of "malicious cyber actors," he said, is growing and will probably be around for a while. "These challenges aren't just in the future -- they are here today." He noted that in "recent months," those actors have been probing "a large number of state systems" looking for possible openings for intrusions.
"In a few cases, we have determined that malicious actors gained access to state voting-related systems. However, we are not aware at this time of any manipulation of data," Johnson said.
That echoes comments from FBI Director James Comey, who told a Capitol Hill panel there had been "a variety of scanning activities and some attempted intrusions beyond those we knew about," since the intrusions of voter registration databases in Arizona and Illinois this past summer.
"We're urging states to make sure their deadbolts are thrown and their locks are on and that they get the best information they can from DHS just to make sure their systems are secure," he told the committee.
Comey also took pains to delineate that the systems most at risk are voter registration systems that are connected to the Internet. Voting machines that take votes, he said, are hard to break into because they are so widely dispersed and not typically connected to the Internet.