KGOU

State Election Board Says Potential Cyberattacks Not Affecting Oklahoma

Aug 30, 2016

Oklahoma election officials aren’t worried about a security breach after Yahoo! News broke a story indicating foreign hackers tapped into Arizona and Illinois online voter registration systems this summer.

The State Election Board says it hasn’t been contacted by the federal government about security issues after the FBI raised concerns about the security of state election systems. The FBI’s Cyber Division issued a “flash” alert saying hackers could disrupt November’s elections.

Earlier this month Homeland Security Secretary Jeh Johnson led a conference call with several state election officials offering his agency’s services to states, Yahoo! News' Michael Isikoff reports:

Johnson emphasized in the call that Homeland Security was not aware of “specific or credible cybersecurity threats” to the election, officials said. But three days after that call, the FBI Cyber Division issued a potentially more disturbing warning, titled “Targeting Activity Against State Board of Election Systems.” The alert, labeled as restricted for “NEED TO KNOW recipients,” disclosed that the bureau was investigating cyberintrusions against two state election websites this summer, including one that resulted in the “exfiltration,” or theft, of voter registration data. “It was an eye opener,” a senior law enforcement official said of the bureau’s discovery of the intrusions. “We believe it’s kind of serious, and we’re investigating.”

The bulletin does not identify the states in question, but sources familiar with the document say it refers to the targeting by suspected foreign hackers of voter registration databases in Arizona and Illinois. In the Illinois case, officials were forced to shut down the state’s voter registration system for 10 days in late July, after the hackers managed to download personal data on up to 200,000 state voters, Ken Menzel, the general counsel of the Illinois Board of Elections, said in an interview. The Arizona attack was more limited, involving malicious software that was introduced into its voter registration system but no successful exfiltration of data, a state official said.

Oklahoma’s voter registration records are available to the public, although it does require permission and login credentials. Election Board spokesman Bryan Dean says the public has no way to access Oklahoma State Election Board servers.

“That information gets copied onto a different website and then people can download those files,” Dean said. “So all they're doing is downloading a file from a website. It's not taking anything in from the outside. You're not accessing or pulling anything directly from our servers.”

Dean says the voting devices themselves aren’t connected to any sort of network or the internet on Election Day.

“The storage devices that actually tabulate the votes, those are created when we create the ballots. They have a digital signature that goes on them and those can't be hacked either,” Dean said. “Because if that file on those storage devices is tampered with in any way, or somebody tries to replace it the digital signature gets obliterated and the machine will not scan any ballots if that device is plugged in.”

The physical ballots are locked away as a backup, or in the case of manual recounts.

KGOU relies on voluntary contributions from readers and listeners to further its mission of public service to Oklahoma and beyond. To contribute to our efforts, make your donation online, or contact our Membership department.