Russians tried to hack election systems in Wisconsin, 20 other states in 2016, Homeland Security says

Milwaukee Journal Sentinel

MADISON - Russians attempted to hack elections systems in Wisconsin and 20 other states in the run-up to last year's presidential election, Wisconsin officials said Friday.

The U.S. Department of Homeland Security notified states of the attempted breaches on Friday, said Michael Haas, director of the Wisconsin Elections Commission. The attempt in Wisconsin was unsuccessful, he said.

Wisconsin's voter registration system, which can be accessed online, was targeted.

Homeland Security officials said the effort was conducted by “Russian government cyber actors," according to Haas. He said he did not know which states other than Wisconsin were part of the hacking attempt.

“This scanning had no impact on Wisconsin’s systems or the election,” Haas said in a statement. “Internet security provided by the state successfully protected our systems. Homeland Security specifically confirmed there was no breach or compromise of our data.”

Homeland Security officials first reported in June that election systems in 21 states had been targeted during a hearing before the U.S. Senate Intelligence Committee. At that hearing, Haas told the committee he had concluded Wisconsin was not one of the targeted states, at least in part because Homeland Security had not alerted him to any attempted breach.

State officials are seeking more information about the incident and why they were not notified sooner, Haas said. The commission is to get an update on the matter Tuesday during a public meeting.

Tom Evenson, a spokesman for Gov. Scott Walker, said the announcement "confirms what we already knew, which is Wisconsin held an honest and fair election with no interference."

Friday's disclosure came a day after the GOP governor cut six jobs from the Wisconsin Elections Commission as part of the state budget. Evenson said the jobs were vacant and had nothing to do with cybersecurity.

The hacking attempt was on the state's voter registration system, not voting machines. Had hackers taken over the voter registration system, they could have suspended people's registrations, creating confusion and long lines at the polls.

They also could have gotten information about individual voters, such as addresses or birth dates. The system does not include full Social Security numbers for voters, though it does have the last four digits of those numbers for some voters.

Attempts by Russians to interfere with last year's election have caught the attention of federal prosecutors and congressional investigators.

Cybersecurity experts raised alarms after the election that Wisconsin was vulnerable to attacks, prompting Green Party presidential candidate Jill Stein to fund a statewide recount. The effort ultimately confirmed Donald Trump as the winner of the state's popular vote. State election officials also said no signs of hacked web systems or offline voting devices were found.

In March, the USA TODAY NETWORK-Wisconsin reported on records showing alerts about hackers targeting state government systems in Wisconsin. Those alerts spiked near Wisconsin's April 2016 presidential primary and the November 2016 general election, the documents released under the state's open records law showed.

Cybersecurity experts called the timing of the spikes suspicious, in light of hackers targeting election systems in other states last year. But Wisconsin officials in March downplayed the alerts, saying that election systems weren't specifically targeted or compromised.

Steve Michels, a spokesman for Walker's Department of Administration, said both in March and on Friday that the number of attempted hacks on state systems last year was "typical."

In the run-up to last year's election, the state "partnered with the FBI, federal Department of Justice and Homeland Security to review processes, conduct assessments and evaluate response plans," he said by email.

The spikes in hacking alerts, outlined in monthly cybersecurity reports produced by Walker's administration, show a massive increase in attempts to find ways to break into state computer systems by repeatedly guessing passwords and other suspicious activities.

Two days before the state's April 5 presidential primary, the reports show, state security analysts logged more than 150,000 alerts in a single day for attempts to find holes in state systems. The state has typically logged fewer than 60,000 of these alerts per day over the past two years.

Even more unusual, around the announcement of Stein's petition for a recount, the number of alerts logged on a single day spiked to more than 800,000 — a more than 10-fold increase over the normal daily peak. It was the largest single-day spike in the past two years.

Walker's administration attributed the November spike to international malware but didn't provide an explanation for the April spike.

Wisconsin officials have said that elections here are protected in part by the state’s unusually decentralized system of vote counting. The state’s more than 1,850 municipalities use different makes and models of voting devices and there is no central system for programming them.

There have also been previous reports of unsuccessful 2016 attacks targeting the websites of Bayfield County and the city of Ashland in northern Wisconsin and some local chapters of the Democratic Party.

The attacks on the two Northwoods communities ran from March 16, 2016, through the November election and have been traced to Russia and Kyrgyzstan.

In January, Wisconsin Democrats said eight party-affiliated websites had been compromised and two hackers left "calling cards" with Russian email addresses. Democrats said the problems were identified and resolved by a cybersecurity firm it hired.