Georgia traced an attempted breach of voter registration database to DHS

Pierluigi Paganini December 11, 2016

Georgia’s secretary of state, Brian Kemp, revealed that voter registration database was targeted by hackers with IP address linked to the DHS.

While President Barack Obama has ordered US intelligence agencies to deeper investigate the alleged Russian interference with the 2016 Presidential Election, Georgia announced it’s traced an attempted breach of the state’s voter registration database to the DHS.

The Georgia’s secretary of state, Brian Kemp, revealed that the voter registration database was targeted by hackers with IP address linked to the DHS.

The news is disconcerting as curious. Why IP addresses belonging to the DHS are involved in this cyber attack?

The first hypothesis sees a group of hacked systems at DHS that were used by a threat actor to access voter registration database. This means that hackers breached the systems of the US Government and are using them to move laterally and steal sensitive information.

In November 2014 the State Department has taken the unprecedented step of shutting down its entire unclassified email system in response to a suspected cyber attack.

‘Activity of concern’ was detected in the system concurrently with another cyber attack which hit the network at the White House computer network. A State Department staffer answering a call to the State Department Operations Center revealed that, as a precautionary measure, the e-mail system remained down.

In the same period, other US agencies were targeted by hackers, including the U.S. Postal Service and the National Weather Service, the U.S. Military confirmed that its systems were secured, according to official sources, none of the State Department’s classified systems were affected.

These are just a few examples of attacks that hit the US Government.

A second hypothesis sees someone in the US intelligence that is conducting a covert operation, for example, to build “false flag” for an alleged Russian attack, but sincerely this scenario is implausible. Another possibility is that agents at the DHS were conducting a penetration testing without authorization with the intent to measure the resilience of the Firewall to a cyber attack.

According to Georgia Secretary of State Brian Kemp, hackers were blocked by the firewall that protects Georgia’s voter registration database.

“Recently, I was made aware of a failed attempt to breach the firewall that protects Georgia’s voter registration database by an IP address associated with the Department of Homeland Security. On Thursday morning, , I sent a letter to DHS Secretary Jeh Johnson demanding to know why.” Georgia’s secretary of state, Brian Kemp wrote on his Facebook page.

The Wall Street Journal who visioned a copy of the letter sent by Mr Kemp, revealed the attempted attack occurred on November 15, just after the presidential election.

implausible. Another possibility is that agents at the DHS were conducting a penetration testing without authorization with the intent to measure the resilience of the Firewall to a cyber attack.

According to Georgia Secretary of State Brian Kemp, hackers were blocked by the firewall that protects Georgia’s voter registration database.

“Recently, I was made aware of a failed attempt to breach the firewall that protects Georgia’s voter registration database by an IP address associated with the Department of Homeland Security. On Thursday morning, , I sent a letter to DHS Secretary Jeh Johnson demanding to know why.” Georgia’s secretary of state, Brian Kemp wrote on his Facebook page.

The Wall Street Journal who visioned a copy of the letter sent by Mr Kemp, revealed the attempted attack occurred on November 15, just after the presidential election.

“We are looking into the matter. DHS takes the trust of our public and private sector partners seriously, and we will respond to Secretary Kemp directly,” the DHS said in a statement.

“At no time has my office agreed to or permitted DHS to conduct penetration testing or security scans of our network,” Kemp wrote in his letter. “Moreover, your department has not contacted my office since this unsuccessful incident to alert us of any security event that would require testing or scanning of our network.”

voter registration database

In response to the attacks the DHS offered a series of services to assess the security of voting systems, including cyber hygiene scans that were specifically designed to find flaws in the systems used during the election.

Anyway Kemp seems to have refused the DHS support

“But Georgia’s top election official is balking at the offers of assistance — and accusing the Obama administration of using exaggerated warnings of cyberthreats to intrude on states’ authority.” states a post published by Politico. “Georgia Secretary of State Brian Kemp’s objections add to a bumpy start for the Department of Homeland Security’s attempt to shore up safeguards for the election, during a summer when cyberattacks on the Democratic National Committee have called attention to weaknesses across the electoral system.”

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs –  US State Department, US Government)

[adrotate banner=”12″]



you might also like

leave a comment