Not Just Ballots: Tennessee Hack Shows Election Websites Are Vulnerable, Too

14 hours ago
Originally published on May 17, 2018 10:49 am

When a WWE wrestler, especially one known for his demonic antics and a move called the "tombstone piledriver," runs for mayor of your county, you know your election is going to get more attention than usual.

But in Knox County, Tenn., it wasn't the fact that Glenn Jacobs, also known to wrestling fans as Kane, was running for mayor that gained national attention on the county primary day, May 1.

It was that the county's election website, at the time the site was supposed to begin posting election results, came under attack.

Malicious cyber actors shut down the county website and broke into the web server, according to county officials and a report done by the cyber security firm Sword and Shield.

The episode didn't have an effect on the outcome of the election, but it shut down the website for an hour and illustrated how malicious actors in the cyber-sphere can have an impact on democracy without actually affecting vote tallies.

The Senate Intelligence Committee said earlier this month that at least six states had their elections websites attacked by Russian operatives leading up to the 2016 election.

While a lot of attention is given to ballot security, the issue of election websites, which many voters rely on to find out results, is also a key voter security concern heading towards the 2018 midterms. Public-facing sites are naturally more vulnerable targets.

Experts say affecting election result pages, and even social media accounts that report results, could sow chaos and discord among a public — if it creates doubt about who actually won an election.

"Any web server by definition, is connected to the internet, so it's directly vulnerable to attacks from the internet," said Doug Jones, an elections cyber security expert at the University of Iowa.

It's unclear who conducted the attack in Tennessee, or why. IP addresses related to the attack were mapped back to computers in the United Kingdom and Ukraine, but Jones says attackers are adept at masking the actual location they're attacking from by breaking into remote computers and using them nefariously.

Elections websites can be especially vulnerable targets in voting districts that are more rural than Knox County, Jones says, because those counties often don't have the resources to adequately monitor and secure their sites.

"It's really unlikely that there isn't some vulnerable county out there and the first thing an attacker would do would be start probing all the county election offices and finding the ones that are weak," Jones said, before adding that elections are often far down the priority list for governments.

"If you're a county administrator and you have a county-run public health program, and a county election office and you have a choice between funding a homeless shelter and funding an election office, which are you going to do?" Jones said.

In cases like Knox County, a breach of the website does not have an effect on who actually wins the election. Tennessee's coordinator of elections, Mark Goins, said if he had to pick an area to be attacked, he'd prefer it be on a website than on a registration system or ballot-tabulating system, since the website is in no way connected to the system that actually determines who wins or loses the election.

Votes are tabulated separately and then input to the server for the public to view.

"There's really nothing on that server that's not public information anyway, it's quite isolated from anything else we have," said Dave Ball, the deputy IT director for Knox County. "But the bad guys don't necessarily know that."

Chris Davis, the assistant administrator of elections in Knox County, says maintaining a secure website is more an issue of maintaining voters' trust that the entire elections system is safe.

"It's from a public perception standpoint as much as anything," Davis said. "We want to make sure all of this data is secure and that if someone logs onto our website that they can trust that that data, that information is correct."

The race for the U.S. senate seat in Tennessee held now by Republican Sen. Bob Corker looks, at this point, to be competitive. The campaign for former Gov. Phil Bredesen, the Democratic nominee for seat, said earlier this year that it also feared it was hacked.

"If something happens in Nebraska, it's one thing, but if it happens in your backyard, then it's like — this can happen," Davis said. "If this can happen in little old Knox County, Tennessee, then it can happen anywhere."

Copyright 2018 NPR. To see more, visit http://www.npr.org/.

RACHEL MARTIN, HOST:

Today marks one year since Robert Mueller was appointed the Justice Department's special counsel. His job - to investigate Russian interference in the 2016 election, including any possible coordination between the Trump campaign and the Kremlin. So where has the investigation been, and where is it going? We're joined by NPR justice reporter Ryan Lucas.

Hey, Ryan.

RYAN LUCAS, BYLINE: Hi there.

MARTIN: Let's start with a little bit of news that broke overnight. The president's lawyer, Rudy Giuliani, says that the Mueller team told him that they won't and can't indict the president. Some Democrats out there, like Senator Richard Blumenthal, say he's wrong. Who's right?

LUCAS: Well, there's been a lot of debate on this and a lot of talk in light of the Mueller investigation. What we do know is that the Justice Department on a couple of occasions has concluded in the past that you can't indict a sitting president, the thinking being basically that it would undermine the executive branch and its duties under the Constitution. Now, special counsel Robert Mueller, of course, reports to Deputy Attorney General Rod Rosenstein. These are guys who tend to follow the rules, Justice Department guidelines, so a lot of people believe that Mueller would exactly - would be bound by the Justice Department's thinking on this. The statement from Giuliani may be, as much as anything, a part of the president legal team - kind of new attempts to kind of ramp up the pressure on the Mueller investigation.

MARTIN: All right, so it's been a year. What does Robert Mueller have to show for it at this point?

LUCAS: Quite a bit, really. It's been - this investigation has been moving pretty quickly. There have been charges brought against 19 individuals. There have been three Russian entities that have been charged, as well. Mueller has secured guilty pleas from five people in total. That list, of course, includes three people who played a role in the Trump campaign - President Trump's first national security adviser, Michael Flynn, foreign policy aide George Papadopoulos and deputy campaign manager Rick Gates. All three of them have pleaded guilty to lying to the FBI.

And then the charges against the Russians - 13 Russians and then Russian entities - are directly related to the question of interference in the 2016 election, and that indictment lays out the case against Internet Research Agency, saying that it carried out this kind of complicated multiyear effort to disrupt the American political system.

MARTIN: So as we know, Mueller's investigation wasn't the only one, right? Congress also opened several of its own into this same issue. At the end of the day, what did those investigations conclude?

LUCAS: Well, this has really been a tale of two committees. You have the House Intelligence Committee and the Senate Intelligence Committee that were carrying out these investigations separately. The House descended into a very kind of nasty partisan spat. This is the committee, of course, that gave us the dueling memos about alleged FBI and Justice Department surveillance abuses in the early days. Republicans who lead the House committee shut down that investigation, issued a final report in April saying that there was no collusion; there were maybe some ill-advised contacts, but nothing that rose to the level of coordination. Democrats said, that's ridiculous; you didn't conduct a serious investigation; you're trying to protect the president.

On the Senate side, the Senate Intelligence Committee's investigation has been a very serious affair. It's been bipartisan in spirit. It's moving forward still, recently released a report on election security. They have a couple more reports to come. But, you know, that committee will come up with a final report on the question of collusion, and that won't be for several months, still, though.

MARTIN: Although they have come out with a report recently saying that the conclusion by the broader intelligence community that Russia was working on behalf - trying to help Donald Trump, trying to hurt Hillary Clinton - that that assessment was correct, right?

LUCAS: They had a closed hearing with leaders of the Obama-era intelligence committees - sorry - intelligence community agencies on that yesterday. They did come to that conclusion, but they haven't issued a report on that question quite yet.

MARTIN: Got it. NPR's Ryan Lucas, thanks so much.

LUCAS: Thank you. Transcript provided by NPR, Copyright NPR.