Why is the Department of Homeland Security trying to break into the Georgia Secretary of State’s computer system?
ATLANTA – The Georgia Secretary of State is asking the Department of Homeland Security for some answers after an unsuccessful breach to the department’s firewall.
In a letter from Secretary of State Brian Kemp to DHS Secretary Jeh Johnson, Kemp asks if “DHS was aware of this attempt and, if so, why DHS was attempting to breach our firewall.”
Kemp goes on to say that the department’s security provider detected a “large unblocked scan event” on Nov. 15 coming from an IP address associated with DHS, attempting to scan “certain aspects of the Georgia Secretary of State’s infrastructure.” The breach was unsuccessful, according to Kemp’s letter.
Update:
Reporter makes the point that it was on the agency that is in charge of elections. It happened on November 15 so it wasn’t trying to influence anything during. But what were they looking for?
Update:
“At no time has my office agreed to or permitted DHS to conduct penetration testing or security scans of our network,” Kemp[GA Sec of State] wrote in the letter [to DHS Sec Jeh Johnson], which was also sent to the state’s federal representatives and senators. “Moreover, your department has not contacted my office since this unsuccessful incident to alert us of any security event that would require testing or scanning of our network. This is especially odd and concerning since I serve on the Election Cyber Security Working Group that your office created.”
“The Department of Homeland Security has received Secretary Kemp’s letter,” a DHS spokesperson told CyberScoop. “We are looking into the matter. DHS takes the trust of our public and private sector partners seriously, and we will respond to Secretary Kemp directly.”
Georgia was one of two states that refused cyber-hygiene support and penetration testing from DHS in the leadup to the presidential election. The department had made a significant push for it after hackers spent months exposing the Democratic National Committee’s internal communications and data.
So did the DHS do ‘penetration testing’ anyway despite Georgia telling them not to?