Georgia Secretary Of State Thinks DHS Tried To Hack His Office
The feds tried to test Georgian systems without asking, he says
In a bizarre, unprecedented accusation, Georgia’s Secretary of State says it appears that the Department of Homeland Security tried to hack it.
Specifically, Brian Kemp, who oversees Georgia’s elections and public records, announced in a letter to Jeh Johnson, the Secretary of Homeland Security, that a DHS IP address unsuccessfully tried to scan his office’s network infrastructure on Nov. 15. An IP address reveals the location of a computer or network as it travels across the internet, though it’s far from conclusive proof of identity.
But Kemp’s letter indicates his office believes this was neither a case of mistaken identity nor a truly malicious attack from a federal U.S. government body against a state one. Instead, it was possible this was a standard penetration test by the DHS, a practice it does engage in to help ensure other government systems are safe from hackers.
The problem here, Kemp says, is that his office deliberately never agreed to such an agreement. Georgia hires its own third party cybersecurity protection service — one that, he proudly noted, observed and stopped DHS’s attempts to probe.
DHS has so far refused to publicly confirm or deny that it was behind such a probe. In a statement to Vocativ, spokesperson Scott McConnell said that his agency had received Kemp’s letter and “is looking into the matter,” but that it “will respond to Secretary Kemp directly,” rather than publicly.
According to the Computer Fraud and Abuse Act of 1984, a law with severe penalties that’s often used to prosecute hackers both inside the U.S. and abroad, it’s illegal to attempt to gain unauthorized access to a protected computer. DHS appears to have violated that law, Kemp said in his letter. If Kemp were to bring charges against DHS, it is believed it would be the first time one U.S. government body brought such charges against another.