by Pamela Williams
Before I even talk about DHS employees being locked out of the computer system…let’s look back at a prior story on DHS.
A government watchdog agency is investigating allegations that Department of Homeland Security officials improperly attempted to breach the Georgia secretary of state’s internal elections network last year. In a Jan. 17 letter to Georgia Secretary of State Brian Kemp, DHS Inspector General John Roth said his office was probing “a series of ten alleged scanning events of the Georgia Secretary of State’s network” that may have originated from DHS-affiliated IP addresses. DHS IG spokeswoman Erica Paulson confirmed the office has launched an investigation.
So when I found this story this morning about DHS employees being locked out of the computer system, I felt it could be related to the DHS hacking incident. At the time the State of Georgia reported this incident to DHS Director Jeh Johnson, he made an excuse that an employee had made an error and caused the problem. We know that sounds fishy.
Georgia officials first went public with their allegations in December. According to a Dec. 8 letter from Kemp to then-Secretary Jeh Johnson, the state’s third-party cybersecurity provider detected a “large unblocked scan event” on the morning of Nov. 15, several days after the election.
The alleged effort to penetrate the secretary of state’s firewall was traced back to an IP address at DHS’ Southwest D.C. office — and did not succeed in breaking through.
But DHS has argued that what Georgia detected was simply a contractor performing routine duties.
After a preliminary review of the incident, Johnson told Kemp that the workstation involved was used by a contractor with the Georgia-based Federal Law Enforcement Training Center (FLETC).
“We interviewed the contractor and he told us that he accessed your website as part of his normal job duties,” said Johnson in a Dec. 12 response, in which he also denied that IP address was ever used to conduct security scans.
So on Tuesday morning, DHS employees found themselves cut off from their computer system. Turnabout is fair play. This is the official explanation: It was not clear how widespread the issue was or how significantly it affected daily functions at DHS, a large government agency whose responsibilities include immigration services, border security and cyber defense. In a statement, a DHS official confirmed a network outage that temporarily affected four U.S. Citizenship and Immigration Services (USCIS) facilities in the Washington area due to an “expired DHS certificate.”
Even if the above is true, it is not good news to think our DHS would let their certificate expire. I wonder if President Trump has anything to do with this? A lot of strange things have happened since he has taken office…lol.
Two more states’ election agencies have confirmed suspected cyberattacks linked to the same U.S. Department of Homeland Security IP address as last month’s massive attack in Georgia.
The Georgia Secretary of State’s Office now confirms 10 separate cyberattacks on its network were all traced back to U.S. Department of Homeland Security addresses.
In an exclusive interview, a visibly frustrated Secretary of State Brian Kemp confirmed the attacks of different levels on his agency’s network over the last 10 months. He says they all traced back to DHS internet provider addresses.
The source characterized the issue as one stemming from relatively benign information technology missteps and a failure to ensure network redundancy. There was no evidence of foul play, the source said, adding that it appeared the domain controller credentials had expired on Monday when offices were closed for the federal Presidents Day holiday.
“We are working to track all device certificate issuance and expirations to ensure future lapses of service do not occur,” the DHS official said in the statement.
President Donald Trump vowed to make cyber security a priority during his administration, following an election marred by hacks of Democratic Party emails that U.S. intelligence agencies concluded were carried out by Russia in order to help Trump, a Republican, win. At a White House event last month he said he would “hold my Cabinet secretaries and agency heads accountable, totally accountable, for the cyber security of their organizations.”
Trump had planned to sign a cyber security executive order last month but it was put on hold to allow more time for review.
My conclusion is that if this was caused by a failure to renew a certificate by the Department of Homeland Security, the American people should be concerned. If this occurred due to the investigation into the hacking of the State of Georgia, the American people should be glad something is being done to rein in the DHS.