Amid warnings that Russia will again try to meddle in U.S. elections in 2018, state officials are sizing up Wisconsin’s defenses — and saying past missteps must be avoided in working with national-security officials who can spot such threats.
The state Elections Commission also hopes lawmakers will act on a request for more funding to hire three more staffers, including at least one position dedicated to election security.
Russian government cyberactors unsuccessfully targeted Wisconsin election systems in July 2016 as part of a broader effort to interfere in U.S. elections, federal intelligence officials have concluded.
The commission said Homeland Security didn’t notify it until September 2017, about 14 months later, that it believed the attempted cyberattacks came from hackers tied to the Russian government.
Elections Commission chairman Mark Thomsen, a Democrat, said the commission relies on its security partnerships with other agencies. At the state level, that’s the Division of Enterprise Technology, which provides IT services throughout state government. At the federal level, it’s the Department of Homeland Security.
“We’re going to be relying in large part on information we receive from (Homeland Security),” Thomsen said. “I’m hoping the glitches in communications that occurred in 2016 don’t occur again.”
Homeland Security officials could not immediately be reached for comment Monday.
Elections Commission spokesman Reid Magney said communication between the agencies has improved since September.
“We have built much stronger communications with DHS, and believe we are on the right track with them to protect our systems in the future,” Magney said.
Magney added it’s not always possible to “draw immediate conclusions about the sources or motives behind cyberactivity. That analysis often requires data and intelligence gathering for some time after a specific event occurs.”
Heading into the 2018 elections, Magney said the state has asked Homeland Security for a detailed assessment of vulnerabilities in state election systems. The state hasn’t yet heard back on when that will be completed.
Leadership in question
The exchange also comes as the commission’s leadership remains in question. The state Senate voted in January to reject confirmation of state elections administrator Michael Haas. The bipartisan commission defied the Senate by subsequently voting to retain Haas at least through April 30 — but after that, his status is uncertain.
Haas is the only commission staffer with a security clearance through Homeland Security that provides him access to certain classified information.
While the Division of Enterprise Technology oversees IT issues, including security, for all state agencies, the Elections Commission trains local election officials on security matters and is responsible for monitoring its own systems, which include its voter-registration and election-management systems and its vote-canvassing system.
Enterprise Technology spokesman Steve Michels said the division continually conducts security evaluations, vulnerability assessments, incident-response sessions and other measures to safeguard the state’s IT infrastructure.
Magney also said the commission is moving to implement multi-factor authentication for officials to access WisVote, the state’s election management system, which includes its voter registration database. Security concerns about such databases include whether hackers could gain access to them and alter their data shortly before an election, creating havoc at the polls on Election Day.
One challenge, Magney said, is not all of the 3,000-plus local officials who run elections for the state’s municipalities have cell phones — a typical tool for completing multi-factor authentication.
The commission also is waiting to see if the Legislature’s budget-writing Joint Finance Committee will take up its request for about $339,500 to fund three positions within the commission, including one focused on election security, over the next two years.
In Wisconsin, the 2016 hacking attempts didn’t come close to their intended target. In July 2016, Homeland Security officials said they confirmed Russia-linked scanning activity at an inactive IP address assigned to a Wisconsin Department of Workforce Development site — which they believe was part of a broader search for vulnerabilities in the state’s elections systems.
State IT officials say they ward off millions of such attempts each year, but what made this one notable was its connection to Russian government cyber actors.
Not every state fared as well. In Illinois, Russian hackers gained access to that state’s voter-registration database during the 2016 campaign, and tried but failed to alter or delete some data.