‘Tens of thousands’ of attempts daily to hack Washington’s election system
Washington state’s general election is one month away and aside from making sure the process is ready to run smoothly, Secretary of State Kim Wyman has another concern on her mind — cybersecurity and election hacking.
“We have attempts every day,” she told KIRO Radio. “Tens of thousands of attempts to get into our system … right now, we are just blocking all of them.”
“Some (hackers) are just trying to see what they can see, ‘what can we get to and what can we play with,’” Wyman said. “And some have bigger chess moves. They are trying to undermine confidence that voters have in our system.”
The threat of election hacking is not new to Washington, but it’s an issue that has garnered considerably more attention since the 2016 election. As Wyman told KIRO Radio last year:
Washington was also one of the 21 states targeted in 2016 by foreign actors, however our security systems prevented any kind of intrusion. In fact, we alerted the FBI to the suspicious activity. And our security systems have only gotten more robust since then.
More recently, Wyman expanded on that incident in 2016. She said that election officials know what constitutes “normal activity” on the online voter registration system and other servers the state uses.
“And we started seeing activity that was not normal (in 2016),” she said. “We reported it to the FBI and the Department of Homeland Security and later found out that it was Russian actors. At the time though, we were pretty certain that it was a foreign IP address and we kind of suspected Russia.”
“Fast forward over the last three years, we’ve had a big focus on cybersecurity,” Wyman added.
Wyman says that they have an idea of where hacking attempts come from; generally if an IP address is foreign or not. She’s tight lipped on saying exactly which foreign IP addresses they often see. But the response is about more than just finding out where an attack or an attempt comes from.
Washington reports election data to the EIISC – the Election Infrastructure Information Assessment Center. That compiles election activity from across the nation and looks for suspicious trends.
“They can report back to us that ‘This IP address looks suspect, it’s hitting every single election server in the country, you probably want to block it,’” Wyman said. “These are powerful tools that we didn’t have a few years ago …. That’s how we know it’s tens of thousands of scans (each day), people trying to get in.”
“We are not so much trying to figure out ‘Is it Russia? Is it China? Is it the guy in Minnesota in his mom’s basement?’” she said. “Because that really doesn’t matter. All bad actors are bad actors … we are looking to see what they are trying to do, what are they trying to get at.”
Washington election security
There are also backup plans for worst case scenarios such as malware or ransomware getting though. As the Secretary of State frequently puts it, Washington’s election system is far more “robust” than in the past and that the state is “leading the country” in this regard.
Upgrading to the VoteWa system was one such move in a more secure direction. Hackers also cannot get into the state’s tabulation system. That system is air-gapped, meaning while it has electronic aspects, it is not connected to the internet. The state also has firewalls build into the online voter registration website. Also, the online registration system that the public interacts with is not the same system that the state uses officially.
“It’s more sophisticated now because in 2016, President Obama declared elections as critical infrastructure,” Wyman said. “This was a really significant move forward for elections because it puts us on the same level as the power grid for national security.”