The U.S. Department of Homeland Security (DHS) has notified the states whose systems were targeted by hackers before last years’ 2016 presidential election.
DHS officials expressed concerns to the Senate Intelligence Committee in June that a threat group assumed to be working for the Russian government targeted websites and other voting systems in 21 states. It was originally believed that a very small number of networks were breached, and while no evidence was found tampering with vote tallies, many officials agreed that Russian had at least tried to influence the 2016 election outcome.
Now the DHS is informing state officials about the attacks in hopes to improve the security of voter systems before next year’s midterm elections. But many believe this warning came much too late.
While the states targeted by hackers have not been named by the DHS, Alabama, Arizona, California, Colorado, Iowa, Minnesota, Wisconsin, and Washington have all published statements on their websites and/or social media pages.
These states have indicated that their systems were either only scanned for vulnerabilities, or their security products blocked the intrusion attempts. While these attacks currently do not appear to have had a significant impact on the election results, many officials are concerned with the amount of time DHS took to notify state officials.
Senator Mark R. Warner, Vice Chairman of the Senate Select Committee on Intelligence, claims, “We have to do better in the future. Our elections are the bedrock of our democracy, and DHS needs to notify states and localities in real-time when their systems are targeted. While I understand that DHS detects thousands of attempted cyber-attacks daily, I expect the top election officials of each state to be made aware of all such attempted intrusions, successful or not, so that they can strengthen their defenses -- just as any homeowner would expect the alarm company to inform them of all break-in attempts, even if the burglar doesn't actually get inside the house.”
Warner is not alone in his belief that DHS should notify states in real-time when their systems are targeted. NNT believes that Real-Time Host Intrusion Detection is the only way to ensure systems remain secure at all times, and should an intruder happen to infiltrate the system, at least these states will be notified in real time to act accordingly and better enhance their security defenses.
Other states that were reported targeted include Alaska, Delaware, Florida, Maryland, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Texas, and Virginia.
Read this article on InfoSecurity Magazine
New Net Technologies (NNT) is now part of Netwrix