DC Indictment Contends Russian Election Hackers Targeted Unnamed Georgia Counties

ALM Media
Updated

[caption id="attachment_16737" align="aligncenter" width="620"]

Georgia Secretary of State Brian Kemp (Photo: John Disney/ ALM)[/caption] When the U.S. Department of Homeland Security announced last year that Russian hackers targeted election systems in 21 states in the run-up to the 2016 presidential election, Georgia Secretary of State Brian Kemp insisted Georgia wasn’t one. A federal indictment recently handed down in Washington says Kemp was wrong. Although Kemp told The Atlanta Journal-Constitution at the time that a Homeland Security official personally assured him Georgia “was not targeted or breached by the Russians during the 2016 general election,” the July 13 indictment of 12 Russian military intelligence officials on charges that they interfered with the 2016 presidential election indicates otherwise. Kemp faces a runoff Tuesday for the Republican gubernatorial nomination. President Donald Trump endorsed Kemp on Twitter on Wednesday. On Thursday, Kemp spokeswoman Candice Broce said there’s never been a breach at the secretary of state’s office. “We have never been hacked, and according to President Trump and the Department of Homeland Security, we have never been targeted,” she added. Kemp, she continued, “has leveraged private sector solutions for robust cybersecurity, well before any of those options were offered by the federal government.” The federal indictment alleges that, just prior to the 2016 election, a Moscow-based Russian military officer named Anatoliy Sergeyevich Kovalev conspired to hack state boards of elections and secretaries of state across the nation and U.S. companies that supplied technology and software related to the administration of U.S. elections. The intent: “To steal voter data and other information stored on those computers,” the indictment said. Kovalev and his co-conspirators were diligent. The indictment spells out that the Russian officer and his cohorts researched domains used by state election boards, secretaries of state, and other election-related entities to seek website vulnerabilities. Kovalev and his co-conspirators also searched for state political party email addresses, including filtered queries for email addresses listed on state Republican party websites, the indictment said. The FBI issued an alert to all state election officials in August 2016, warning them of attempted hacks of state election data systems. Georgia was one of two states that did not accept federal help to secure its election apparatus. At the time, Kemp was dismissive in an interview with Politico. “Because of the [Democratic National Committee] getting hacked, they now think our whole system is on the verge of disaster because some Russian’s going to tap into the voting system,” Kemp said. “Anything is possible, but it is not probable at all, the way our systems are set up.” Two months later, Kovalev and his co-conspirators stepped up their efforts and put Georgia in their sights, according to the indictment. On or about Oct. 28, 2016, Kovalev and his co-conspirators visited the websites of “certain counties” in Georgia, Florida and Iowa, the indictment said. The indictment neither identifies the counties that were targeted nor says what the website visits entailed or whether any election systems were penetrated. Broce said the secretary of state’s office has confirmed with DHS that the Russian military officers named in the indictment “did not do anything other than visit web pages.” “Visiting a website is not hacking a website,” she said. “There was no hack.” But the date is significant. On Oct. 28, 2016, then-FBI Director James Comey notified Congress that the FBI was reopening its investigation of Democratic presidential nominee Hillary Clinton’s use of a personal server for government email. By then, early voting had begun in Georgia, and The Atlanta Journal-Constitution reported big crowds at polling sites in Atlanta and surrounding suburbs. A newspaper poll released the previous week showed Trump and Clinton in a dead heat. A week after the presidential election, the secretary of state’s office was alerted by its outside cybersecurity vendor of what Kemp would later tell the AJC was “a large attack on our system.” In letters to Georgia’s two senators and DHS, Kemp contended an IP address associated with the hack had been traced back to DHS. Already suspicious of the Obama administration, which Kemp accused of attempting to “subvert the Constitution” by federalizing elections, Kemp called on newly-elected Trump to investigate. In his letter to Trump, Kemp said his staff had uncovered at least 10 separate attempts to break into Georgia’s elections systems in the 10 months leading up to the presidential election. All of them led back to the DHS, Kemp claimed. Right-wing media trumpeted Kemp’s allegations, claiming the Obama administration, not the Russians, were the real hackers. In December 2016, then-DHS Secretary Jeh Johnson notified Kemp there had been no scanning or security assessment of his network by DHS cybersecurity experts and that a government contractor had accessed a publicly accessible website to verify professional licenses issued by the secretary of state. In June 2017, DHS’s inspector general released a report concluding the department did not breach Georgia’s firewalls or attempt to hack its voting systems. An ongoing federal lawsuit in Atlanta, however, claims Georgia’s voting systems were, for a time at least, “undeniably compromised.” Hackers had “easy access” to all of the state’s electronic voting files, including tabulation database programs, voting system passwords, programs used to create voting machine memory cards, and voter registration information,” according to the lawsuit. That information was “left out in the open on the internet” by Kennesaw State University’s Center for Election Systems, which housed state election operations beginning in 2002, the suit contends. The suit identifies a cybersecurity expert and private contractor who once worked at Oak Ridge National Laboratory in Tennessee as having accessed key areas of the state’s electronic election infrastructure through the election center’s public website, which was not password-protected. The files were vulnerable from at least August 2016, when Logan Lamb first accessed them, through March 2017, when Russian operatives were attempting to hack state election systems, including Georgia’s, across the country. Cybersecurity expert Lamb went public with his discovery last year in an interview with Politico. The suit claims that, when Lamb warned election officials in August 2016 of the system’s vulnerabilities, he was told to “drop it now,” or Georgia’s politicians “would crush” him. The state has asked Judge Amy Totenberg of the U.S. District Court for the Northern District of Georgia to dismiss the complaint, arguing the plaintiff voters cannot show more than “generalized and unfounded fears that Georgia’s election machinery is vulnerable to tampering,” and their “unfounded contention that Georgia’s [voting] machines should be presumed to be compromised.” Broce said the secretary of state’s office has “extensive security protocols in place” and contracts with “multiple private security monitoring vendors to identify and thwart any threats.” The office no longer contracts with KSU, she said. She added that an FBI investigation “found no evidence of criminal wrongdoing ... involving this server. There was no evidence that the server had been manipulated in any way.”