WA state and local election officials say no evidence systems have been compromised

Oct 22, 2020

State and local election officials in Washington said Thursday that election systems here are secure and haven’t been hacked. Those assurances follow multiple reports in recent days of efforts by foreign actors to interfere with the upcoming national election.

The New York Times and NBC News reported Thursday that recent cyber attacks by Russia have compromised state and local computer networks. The reports, citing unnamed intelligence sources, did not say which states had been affected, however a subsequent report by The Washington Post said data had been stolen from two county systems in California and Indiana.

“The officials fear that Russia could change, delete or freeze voter data, making it harder for voters to cast ballots, invalidating mail-in ballots or creating enough uncertainty to undermine election results,” The  Times reported.

NBC said the Trump administration “has known for weeks” that Iran and Russia both successfully “obtained voter registration and other personal data.” 

But officials in Washington state said they were not aware of any successful attacks here. 

“I have no indication that any of our election systems have been compromised at this time,” said Assistant Secretary of State Mark Neary in a text message. “We are working directly with counties to monitor activity at the local level too.”

Similarly, officials in King County, the most populous in the state, said Thursday they've seen no evidence their systems have been infiltrated.

The auditors in Thurston and Mason Counties offered similar assessments.

“I’m very confident in our cyber posture because we’ve worked really hard since 2016 to make everybody as safe as possible,” said Thurston County Auditor Mary Hall.

Mason County Auditor Paddy McGuire said he was on a call Thursday morning with the Secretary of State’s office and participated in a call Wednesday with the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) regarding ongoing threats.

“There is no indication that I have heard that Washington state is a particular target,” McGuire said in an email. 

Nonetheless, it appears there’s a high threat nationally of foreign cyberattacks and other efforts aimed at disrupting the election or damaging voter confidence in the election results. 

On Wednesday evening, Director of National Intelligence John Ratcliffe and FBI Director Christopher Wray held a news conference to announce that Iran is believed to be behind an effort to use voter data to send threatening or intimidating emails to voters. The emails purport to be from the far-right Proud Boys group and tell the voter to vote for President Donald Trump “or else,” according to reporting by NPR.

Hall, the Thurston County Auditor, said election officials nationally were briefed on the threat Wednesday afternoon and that she had heard of at least one instance of someone in Washington state receiving such an email. 

Neary, the assistant secretary of state, emphasized that some voter information is a public record, and noted that malicious actors might seek to make it look like they had obtained confidential data when “in actuality it is just the publicly available info.”

Separately, on Thursday, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued a bulletin warning of an “advanced persistent threat” (APT) by Russia to hack into national, state, local and tribal computer networks. The bulletin said the hackers had successfully broken into and stolen data from at least two “victim servers.” 

“To date, the FBI and CISA have no information to indicate this APT actor has intentionally disrupted any aviation, education, elections, or government operations,” the bulletin said. “However, the actor may be seeking access to obtain future disruption options, to influence U.S. policies and actions, or to delegitimize [state and local] government entities.”

These warnings, in the final countdown to the election, follow months of security bulletins and alerts that Russia and other foreign entities will likely seek to interfere with the election or try to exploit uncertainty around the election results.

In September, Microsoft announced that it had detected unsuccessful cyber attacks aimed at the campaigns of President Trump and Joe Biden and people associated with them. 

“The activity we are announcing today makes clear that foreign activity groups have stepped up their efforts targeting the 2020 election as had been anticipated, and is consistent with what the U.S. government and others have reported,” Microsoft said at the time.

Also last month, Washington Gov. Jay Inslee warned that Washington state agencies were among the targets of a “large-scale, highly sophisticated phishing campaign.” The way that scheme worked is state employees would receive an email from a trusted source that appeared to be legitimate, but included a malware attachment. Some state systems were temporarily taken offline in response to the attacks.

On Thursday, Neary said the Secretary of State’s office had not been impacted by the phishing scheme.

Despite the myriad threats, Hall, the Thurston County Auditor, struck an optimistic note Thursday about the ability of Washington election officials to remain vigilant against attacks.

She said as the election approaches, county auditors are meeting every morning with the Secretary of State’s office and representatives from the state’s Election Security Operations Center.

Hall also said that the U.S. Department of Homeland Security, as well as Microsoft, are constantly monitoring election systems.

“Homeland Security is hovering over us like you can’t imagine,” Hall said.

This story has been updated.