Georgia Secretary of State Brian Kemp (shown) sent a letter to President-elect Donald Trump on December 13 asking him to launch an investigation into what he describes as “failed cyberattacks” by the Department of Homeland Security against his computer network, which contains Georgia’s statewide voter registration database. Kemp’s letter to Trump was a follow-up to an earlier letter sent to DHS Secretary Jeh Johnson about DHS’s November 15, “attempt to penetrate the Georgia Secretary of State’s firewall.”
In his letter to Trump, Kemp explained that there were muliple attacks on his computer network by DHS, including the “large attack” in November.
As The New American reported last week when Kemp sent his initial letter to DHS:
On Thursday [December 8], Georgia Secretary of State Brian Kemp sent a letter to the Department of Homeland Security (DHS) to ask “why [it] was attempting to breach” the firewall protecting his computer infrastructure. The letter also drew attention to the fact that “under 18 U.S.C. 1030, attempting to gain access or exceeding authorized access to protected computer systems is illegal.”
The “failed cyberattacks” followed Georgia’s refusal of DHS “assistance” to protect the state’s computers — especially those related to the elections — from this very type of attack. DHS had used fears of the supposed Russian hacking of DNC databases to claim that there were real dangers of the election itself being hacked. As this writer reported then:
Based on the accepted “wisdom” that the hacks came from Russia — whether from individual hackers or directed by Moscow — DHS issued a series of recommendations to the states for protecting their voter registration and election systems against attacks aimed at hacking the election. DHS also offered its assistance in providing “cyber hygiene scans or penetration testing” before the elections. As Kemp reminded DHS in his letter:
Georgia was one of the only few states that did not seek DHS assistance with cyber hygiene scans or penetration testing before this year’s election. We declined this assistance due to having already implemented the security measures suggested by DHS.
It appears that — in keeping with its heavy-handed approach in general — DHS was unwilling to take no for an answer. On November 15 — days after the election — “an IP address associated with the Department of Homeland Security made an unsuccessful attempt to penetrate the Georgia Secretary of State’s firewall,” according to Kemp’s letter. Kemp also reminded DHS of the fact that its attempted penetration of the firewall was both unwanted and unsuccessful:
At no time has my office agreed to or permitted DHS to conduct penetration testing or security scans of our network. Moreover, your Department has not contacted my office since this unsuccessful incident to alert us of any security event that would require testing or scanning of our network. This is especially odd and concerning since I serve on the Election Cyber Security Working Group that your office created.
It is now known — from the letter that Kemp sent to Trump — that the attack on November 15 was not a one off. In fact, in his letter to Trump, Kemp wrote that there have been at least 10 such attempts in as many months and that “These scans correspond to key election dates and times when I was speaking out against DHS’ plans.” This would not be the first time a department of the federal government targeted someone for political reasons.
Kemp’s letter to Trump was further prompted by DHS “just kind of writing this off” while denying that the agency attempted to hack Georgia’s systems. Kemp also said of the leadership at DHS that “Their story has kept changing the whole time, which is the reason I’m asking the Trump administration to look into this.” DHS initially claimed that what Kemp — and the “global leader in monitored security services” Kemp has contracted to protect those systems — called an attack was just a DHS contractor visiting the website of Kemp’s office to check on the availability of professional license offered there. Kemp disputed that claim as ridiculous, saying that the security software would not have tripped an alarm over a visit to the website. “I mean, we have that happen all the time, every single day in our office, and we never had the red flags that were raised in this incident,” he told Politico in an interview Wednesday.
DHS then claimed that the reason for the alarm was a Microsoft product which was configured incorrectly on that contractor’s computer. Kemp wrote back to Johnson, “The scenario DHS has proposed has still not been verified by Microsoft. There are still many questions regarding the origin and intent of this attack that remain unanswered.” Of course, that DHS claim is also ridiculous. Nearly 90 percent of computer users run Microsoft Windows as their operating system. Anyone who has spent much time at all on a Windows computer knows that incorrectly configured software is a common occurrence. If that would cause the red flags to go up, Kemp’s system would be overloaded with such false alarms. Instead, of the more than 2,000 “low-level” security events logged by Georgia’s Secretary of State’s system every week, very few are ever elevated to “tier-two,” which is reserved for more serious events requiring a closer look. The DHS scans of the system were elevated to “tier-two.”
With DHS changing its story and denying that there is anything to Kemp’s story, Kemp expressed his expectation that the current leadership of DHS will try to run out the clock by stalling this issue until after January 20, when Trump becomes president. Kemp said “Our ask of the Trump administration is: When Gen. [John] Kelly [Trump’s pick to head DHS] gets confirmed, and gets in there, that he’ll have a new team that looks at this.” He added that he hopes that those investigators will “be able to explain that to myself and my IT guys where we actually buy into that explanation. And if they do that, I will be satisfied.”
Photo of Georgia Secretary of State Brian Kemp: AP Images