According to a Homeland Security Department official, hackers have targeted the voter registration systems at least 20 states over the past few months.
Federal officials and cybersecurity experts have frequently said that hackers’ attempts to alter the outcome of an election would be futile, since election systems are fundamentally decentralized and aren’t connected to the internet. Despite this glaring fact, hackers have targeted the voter registration systems of more than 20 states in recent months, a Homeland Security Department official told AP.
Speaking on the condition of anonymity, the official said the hackers’ origins, whether domestic or foreign, were still unclear, as were their motives.
The Department of Homeland Security (DHS) has notably stepped up its outreach program to state and localities. The onus, however, is on them to seek help and so far, 21 states have sought to implement a broad “cyber hygiene” scan of their primary websites.
While the cases of hackers scanning or probing voting systems of several U.S. states were confirmed by Homeland Security Secretary Jeh Johnson, the official added that there is no evidence to show that any data or records were modified.
In a statement, he said:
In recent months, malicious cyber actors have been scanning a large number of state systems which could be a preamble to attempted intrusions. In a few cases, we have determined that malicious actors gained access to state-voting related systems. However, we are not aware at this time of any manipulation of data.
Furthermore, the DHS has offered states comprehensive, on-site risk and vulnerability checks. To this, only four states have expressed interest in the assessment. The November elections now only weeks away, a DHS official said the department would only be able to conduct that assessment.
In the future, the DHS is considering designating voting systems as critical infrastructure, an official revealed, adding that it is unlikely to happen before the upcoming November elections.
A 2013 presidential directive points to 16 sectors that are considered critical infrastructure. They include the likes of energy, food and agriculture, communications, transportation, healthcare and financial services. The directive puts the DHS in charge of identifying and prioritizing those sectors.
Image credit: Wikimedia.