DHS Cyber Unit Fields False Alarms But No Hacks on Election Day
Incidents flagged as potential attacks turned out to be malfunctions or accidents, according to Homeland Security officials.
As Americans exercise their hard-won right to choose their leaders, the Homeland Security Department is poised to chase down any potential cyberattack or compromise of election infrastructure—and debunk rumors, if necessary.
Officials said they do not expect a real attack, but are ready to address rumors that could seriously affect turnout or undermine people’s confidence in the results.
The department is coordinating with other federal agencies—namely the FBI—as well as state and local officials throughout the day, including keeping at least one official stationed in every state available to respond to major concerns.
The Homeland Security Department held periodic briefings with reporters throughout the day. Here's what they said:
9 p.m. Briefing
Despite a few scares, there is no evidence of any cyberattacks against election infrastructure Tuesday, DHS officials said.
As expected, federal officials spent much of the day chasing down anomalies that appeared to have a cyber angle, though all turned out to be typical malfunctions or accidents.
For example, in several states earlier in the day, voters were receiving text messages reminding them to “vote tomorrow”—a day late. The text messages were reported to Homeland Security officials who determined that a flaw in a third-party provider’s API sent the message a day later than intended.
Another official offered a hypothetical example to watch for tonight on state and local election websites, where unofficial results will be posted.
“The resource requests that will be descending upon those pages in some cases may exceed their current capacity,” causing the page to crash from too much traffic, the official said. “Don’t automatically assume that it’s a [distributed denial-of-service] attack by a malicious actor, by the Russians, whatever. In some cases, it is just a technical configuration of those websites.”
6 p.m. Briefing
There have been no reported hacking incidents so far on Election Day, Homeland Security officials said during the evening briefing. However, they have seen quite a bit of misinformation being disseminated online.
As returns begin to come in and early results are reported, federal official reminded citizens that these will be unofficial results until verified by local authorities, which can take hours, days or even weeks. The official warned everyone to be wary of results being reported by dubious sources.
“Be sure to get official results from state and local election officials--those are the trusted sources here,” they said. “And know that, again, there are actors that may be trying to spread misinformation, disinformation, propaganda … garbage. Know your sources and think before you pass along information.”
3 p.m. Briefing
As of 3 p.m., officials from 45 states had joined the situational awareness room. In total, 271 people had engaged with the web portal to exchange information about potential voting issues they have seen throughout the day.
12 p.m. Briefing
Homeland Security officials have seen little to no hacking attempts and only a few isolated issues with voting systems so far on Election Day, they said in a noon update with reporters. Instead, they are seeing “run-of-the-mill activities” like system scanning.
“I liken it to pulling up Google Maps street view and looking at the house from your computer,” one official said. “It’s not anything that’s intrusive. It’s a drive-by of a website to see what it looks like.”
Voting machine vendors in communication with the Federal Election Commission said they have been seeing typical machine issues throughout the day but no more so than any other election.
“They did not share any widespread trends or growing trend with any specific machines,” a DHS official said of those conversations. “Just sparse issues with machines that they would typically see on Election Day.”
Even though DHS is only getting reports of low-level shenanigans and minor issues so far, officials said that is exactly what they wanted to happen.
“We encourage our partners to establish a very low threshold—or bar—for reporting so that any little thing can help us get that bigger, over-the-top, national picture,” they said.
9 a.m. Briefing:
Officials across the country are also keeping in touch using the National Situational Awareness Room, a web portal to enable real-time communications on potential issues. As of 9 a.m., some 20 states had logged in to the portal. Homeland Security officials expect that number to grow as polling stations begin to open.
While Homeland Security officials—especially those working in the National Protection and Programs Directorate—are focused on protecting the nation’s infrastructure from cyberattacks this Election Day, they are more worried about false claims of cyberattacks undermining American’s faith in the electoral system.
“We continue to monitor what’s going on across the country. Nothing significant yet to report at this point,” a federal official told reporters on a 9 a.m. call, adding that, no matter how unlikely, they are preparing as though there will be a major infrastructure attack, just in case.
However, the official said they have seen continued information campaigns, particularly from Russia.
“That’s to divide Americans,” the official said. “But there’s a lot of noise out there and a lot of it being pushed is propaganda in some cases. For the most part it’s all garbage.”
But that “garbage” can have a significant effect if people think their vote won’t be counted properly. That kind of disenfranchisement can lead to lower turnout and mistrust in the results of the election.
“It’s not necessarily the substantive or actual attacks against infrastructure” that election officials are most worried about today, “but it would be someone, an actor, getting on social media or other forms of communications and saying that they’re doing that,” the DHS official said. “What we’re looking to accomplish through the situational awareness rooms is identifying those issues as they pop up, getting the appropriate election official—the state or local election official in the relevant jurisdiction—to quickly assess, get to the root cause and be able to debunk those issues and issue statements.”