WASHINGTON >> The Department of Homeland Security said today that just because Russian government hackers didn’t directly scan election systems in some U.S. states, it doesn’t mean they weren’t looking to break into them.
DHS spokesman Scott McConnell declined to discuss specific states. But he said in a statement that hackers looked for vulnerabilities to exploit in other government computer systems in an unspecified number of states as a way to get into the election systems. The other networks were usually connected to the election systems or shared similarities, he said.
The release of additional information came after state officials in Wisconsin and California said they had received conflicting reports from DHS about which of their computer systems were targeted by hackers during the 2016 presidential campaign.
Last week, the department informed 21 states that their election systems had been targeted by “Russian government cyber actors,” and officials in those states subsequently released that information publicly. The formal notification came after months of state election officials voicing frustration that the department had left them and the public in the dark for so long. DHS has said that most systems weren’t breached, and there was no evidence that vote tallies or registration databases were altered.
Earlier this week, officials in Wisconsin and California said the Homeland Security Department provided additional information that they believed contradicted the department’s earlier notification. Specifically, those state officials said they were told that the Russian hackers targeted computers systems that weren’t related to their elections.
In California, the targeted system was the state’s Department of Technology, which the secretary of state says it does not use for its IT services. In Wisconsin, it was the state’s Department of Workforce Development, which oversees job training and unemployment benefits.
Asked about the latest statement from DHS, Wisconsin Elections Commission spokesman Reid Magney said the agency was reviewing it. He had no further comment.
McConnell said the department stands by its initial assessment that 21 states were targeted by “Russian government cyber actors” looking for vulnerabilities in and access to election infrastructure. He noted that some of the intelligence used to make that determination cannot be shared publicly.
In the majority of the 21 states, DHS has said it only observed hackers scanning networks in preparation for breaking into the networks, not actual penetrations. But officials in Illinois have confirmed that hackers broke into the voter registration network for at least three weeks before being discovered in July 2016. Officials said there was no evidence that the hackers had changed any information.
The 21 states that told the AP last week that they had been targeted were: Alabama, Alaska, Arizona, California, Colorado, Connecticut, Delaware, Florida, Illinois, Iowa, Maryland, Minnesota, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Texas, Virginia, Washington and Wisconsin.