DHS finds increasing attempts to hack U.S. election systems ahead of midterms

Image: Kirstjen, Perry, Nakasone
Secretary of Homeland Security Kirstjen Nielsen address the Department of Homeland Security (DHS) National Cybersecurity Summit on July 31, 2018, in New York. Copyright Bebeto Matthews AP
By Pete Williams and Ken Dilanian with NBC News Politics
Share this articleComments
Share this articleClose Button

The assessment said the feds don't know who is behind the attacks, but none have been successful.


WASHINGTON — The Department of Homeland Security says it's working to identify who — or what — is behind an increasing number of attempted cyber attacks on U.S. election databases ahead of next month's midterms.

"We are aware of a growing volume of cyber activity targeting election infrastructure in 2018," the department's Cyber Mission Center said in an intelligence assessment issued last week and obtained by NBC News. "Numerous actors are regularly targeting election infrastructure, likely for different purposes, including to cause disruptive effects, steal sensitive data, and undermine confidence in the election."

The assessment said the federal government does not know who is behind the attacks, but it said all potential intrusions were either prevented or mitigated.

The techniques used by the hackers are available to nation-state and non-state hackers alike, DHS said, including malicious e-mails that appear to be legitimate and denial of service attacks. The attempted hacks have been intensifying since April and were detected as recently as early October.

For example, the assessment said, three different methods were used in late August in an attempt to get access to Vermont's online voter registration database, but they were unsuccessful.

Vermont Secretary of State Jim Condos confirmed that account, which had not been previously reported, describing it Monday as the kind of attempted hack that states face every day.

"The good news is that our defenses are robust, were in place, and did their job," he said in a telephone interview.

The voter registration list is backed up every day, Condos added, "so if it were somehow to be breached, we would just go back 24 hours and reset it. We'd only lose one day's worth. And we also have same-day voter resignation, which means that no one would be denied on election day."

As for attempts by foreign governments to influence the U.S. political environment, the intelligence bulletin said Russia and China remain active, though in different ways. Russia attempts to spread disinformation with hackers posing as Americans, while China is engaged in more conventional propaganda efforts.

Homeland Security Secretary Kirstjen Nielsen told a Senate hearing last week that China "is exerting unprecedented effort to influence American opinion." But she said the US not seen "any Chinese attempts to compromise election infrastructure."

American intelligence officials have consistently said they have not seen evidence that foreign adversaries are targeting U.S. voting systems this year with the intensity that Russia is said to have deployed in 2016, when its hacking attempts were detected in 21 states.

"We currently have no indication that a foreign adversary intends to disrupt our election infrastructure," Nielsen said earlier this month at a cybersecurity summit hosted by The Washington Post.

Share this articleComments