Homeland Security Sees No ‘Nefarious Activity’ Threatening Cybersecurity Ahead of Midterms
In the months since the 2016 election, DHS officials have had ‘a little bit of a crash course on what it means to run an election.’
It’s apparently all quiet on the election front. Bob Kolasky, a Department of Homeland Security official working on election cybersecurity issues, told The Daily Beast that DHS hasn’t seen evidence of foreign actors attempting to hack American election infrastructure ahead of the 2018 midterms.
“We have not seen anything in the 2018 election, no,” Kolasky told The Daily Beast last week in an exclusive interview. “We have not seen any significant nefarious activity.”
Preparing to counter nefarious activity has been a major project for DHS since the 2016 general election, when the Kremlin launched an information attack on the United States. The American Intelligence Community concluded in January 2017 that Russian-backed actors stole emails from the Democratic National Committee and Hillary Clinton campaign chairman John Podesta, and also launching a wide-ranging social media campaign using stolen American identities. And last September, DHS told 21 states that Kremlin-backed operatives also tried to compromise their voter databases.
Kolasky told The Daily Beast that the biggest change at DHS since the 2016 election has been efforts to build closer relationships with state and local election officials. In the last election cycle, those relationships had been lacking.
“Part of that problem was that the  attacks were not on states, they were on local systems, and DHS claimed to have contacted the local systems,” said Jim Condos, Vermont secretary of state and president-elect of the National Association of Secretaries of State. “We struggled with them in one of our meetings—talking with them for an hour, trying to get them to understand. This is the criticism from the beginning of 2016. DHS did not understand how the election system worked.”
Condos continued, “We tried to them that if one state is attacked, all are attacked. If a local system is attacked, the whole state is attacked—and other states need to be in communications with one another.”
Kolasky said that Homeland Security has come a long way since 2016.
“We’ve gotten to really learn and understand the way that elections are conducted,” Kolasky said. “We have a richer understanding of the election management systems: the way they run processes and the best way to share information with them.”
In the months since the 2016 mess, he said DHS officials have had “a little bit of a crash course on what it means to run an election.” And, Kolasky added, senior department officials have met with most states’ top election officials.
Another major change has been getting state and local election officials security clearances so they can view classified information about election threats. Kolasky said that the department made clearances available to more than 160 election officials in September, and that 19 have received clearances clearances so far.
“DHS is in the process of doing that for all 50 states,” said former Chairman of the U.S. Election Assistance Commission Matthew Masterson. “States need to request the clearance, but DHS is expediting the process.”
“Secretary Lawson, along with other secretaries of state, is in the process of obtaining a security clearance that will allow her greater access to sensitive information,” said Ian Hauer, deputy communications director for Indiana’s secretary of state. “In return, we’re educating DHS on our state and local-level cyber-protections and offering feedback on the systems they have set up.”
And in February, Kolasky added, a host of officials got temporary one-day clearances for a briefing on election threats.
And while President Donald Trump has expressed skepticism that the Russian government threatened the 2016 election, Kolasky said the White House’s National Security Council has been a major partner in DHS’ efforts to block future election attacks. They have been especially helpful with bringing different federal agencies together, he said. He added that White House chief of staff John Kelly, who formerly headed DHS, has played a role in the work.
The National Protection and Programs Directorate, a low-profile component of DHS, has taken on the task of securing elections. The arm of DHS, through the Office of Cybersecurity and Communications, has provided services to state and local election officials—including cyber hygiene scans and cyber resilience reviews to check their election systems’ security (PDF).
NPPD also funds MS-ISAC, a cybersecurity database designed to help states stay up-to-date about threats. The system was just formalized as a means of communication between state and federal agencies for cyberthreats at the Government Coordinating Council meeting.
While many states use NPPD’s services, they aren’t mandatory (the feds wouldn’t have the power to require them even if they wanted to).
When state, local, and federal operations are all attempting to work together to protect themselves from an unpredictable and evolving force, communication has been key to get a grip on the learning curve before the 2018 midterms arrive. All parties say they know the risks involved if they don’t.
“Every event or conference I have attended, the number one conversation I have with state officials is about securing the system, and what additional resources are available,” Masterson said. “There’s been a heightened awareness since 2016.”