Capitol Alert

Russians scanned California election systems in 2016, state officials learn

Russian entities attempted to hack into California election systems last year, the U.S. Department of Homeland Security told state officials Friday, prompting Secretary of State Alex Padilla to complain that officials had not shared the information earlier.

“Today, my office was informed for the first time by the U.S. Department of Homeland Security (DHS) that ‘Russian cyber actors’ ‘scanned’ California’s internet-facing systems in 2016,” Padilla said in a statement. “Our office actively monitors scanning activity as part of our routine cybersecurity protocols. We have no information or evidence that our systems have been breached in any way or that any voter information was compromised.

“It is completely unacceptable that it has taken DHS over a year to inform our office of Russian scanning of our systems, despite our repeated requests for information,” Padilla added. “The practice of withholding critical information from elections officials is a detriment to the security of our elections and our democracy.”

California is among at least 21 states that received phone calls from the Department of Homeland Security on Friday notifying them that Russians attempted to break into state, county or local election networks. Until Friday, the department had alerted only the owners of targeted election systems.

In a statement, a Homeland Security spokesman said Friday that the department does not “publicly disclose cybersecurity information shared between the department and its partners.

“However, recognizing that state and local officials should be kept informed about cybersecurity risks to election infrastructure, we are working with them to refine our processes for sharing this information while protecting the integrity of investigations and the confidentiality of system owners,” spokesman Scott McConnell said. “We will continue to keep this information confidential and defer to each state whether it wishes to make it public or not.”

A Homeland Security official, who spoke on condition of anonymity because the agency’s election security efforts are confidential, said that in the majority of the 21 states, the Russians engaged only in “preparatory activity,” such as scanning the cyber-defenses surrounding each system. While attempts to compromise some state networks were unsuccessful, the official said, “a small number of networks were successfully compromised. In no case were the targeted systems involved in the tallying of votes.”

In the case of California, the Russian-based hacking efforts focused on the secretary of state’s websites, which include online voter registration. It did not target voting machines, tabulation systems or VoteCal, the database of the state’s more than 19.4 million voters, Padilla spokesman Sam Mahood said.

In June, citing a top-secret National Security Agency review, The Intercept reported that Russian military intelligence launched a cyberattack on one U.S. voting software vendor and sent phishing emails to more than 100 local election officials before the November 2016 election.

On Friday, U.S. Sen. Mark Warner, a Virginia Democrat, issued a statement calling it “unacceptable that it took almost a year after the election to notify states that their elections systems were targeted.”

“While I understand that DHS detects thousands of attempted cyberattacks daily, I expect the top election officials of each state to be made aware of all such attempted intrusions, successful or not, so that they can strengthen their defenses – just as any homeowner would expect the alarm company to inform them of all break-in attempts, even if the burglar doesn’t actually get inside the house,” Warner said.

Padilla has been a leading critic of unproven claims by President Donald Trump that millions of people voted illegally last November. On Friday, Padilla complained that federal officials had put the nation’s voting systems at risk by failing to provide “timely and critical information to America’s election officials.”

“We shouldn’t have to learn about potential threats from leaked NSA documents or media reports. It is the intelligence community’s responsibility to inform elections officials of any potential threats to our elections,” Padilla said. “They failed in this responsibility.”