How to Read the DHS Targeted States Information

Yesterday, DHS informed the states that had their registration databases targeted by Russian hackers last year. There has been an outright panic about the news since states started revealing they got notice, so I thought it worthwhile to describe what we should take away from the notice and subsequent reporting:

  • “Most” of the 21 targeted states were not successfully hacked
  • Some targeted states were successfully hacked
  • Not all swing states were targeted, not all targeted states are swing states
  • These hacks generally do not involve vote tallying
  • These hacks do not involve hacking voting machines
  • These hacks do not involve other voter suppression methods — whether by GOP or Russians
  • Notice needs to improve

The AP has done good work tracking down which states got notice they were targeted, identifying the 21 targeted states. Those targeted states were:

  1. Alabama
  2. Alaska
  3. Arizona
  4. California
  5. Colorado
  6. Connecticut
  7. Delaware
  8. Florida
  9. Illinois
  10. Iowa
  11. Maryland
  12. Minnesota
  13. North Dakota
  14. Ohio
  15. Oklahoma
  16. Oregon
  17. Pennsylvania
  18. Texas
  19. Virginia
  20. Washington
  21. Wisconsin

 

“Most” of the 21 targeted states were not successfully hacked

This list of 21 states does not mean that Russians successfully hacked 21 states. All it means is Russians probed 21 states. And the AP says “most” were not successful. WI, WA, and MN have said the attacks on them were not successful.

Thus, for “most” of these states, the impact is the same as the reports that Russians were attempting, unsuccessfully, to phish engineers in the energy industry: it is cause for concern, but unless new intelligence becomes available, it means that for those “most” states these probes could not affect the election.

Some targeted states were successfully probed

Of course, by saying that “most” attacks were not successful, you’re admitting that “some” were. We only know IL and AZ to have successfully been breached.

This means this story may not be done yet: reporters, especially state based ones, are going to have to get their voting officials to provide details about the attacks and it may take some FOIA work.

Mind you, a successful hack still doesn’t mean that the election was affected (as I believe to be the understanding with respect to AZ, though there is more dispute about IL). It might be that the hackers just succeeded in getting into the database. It may be that they succeeded only in downloading the voter registration database — which in many states, is readily available, and which is nowhere near the most interesting available data for targeting in any case.

In my opinion, the most effective way to affect the outcome of the election via voter registration databases is not to download and use it for targeting, but instead, to alter the database, selectively eliminating or voiding the registration of voters in targeted precincts (which of course means the hackers would need to come in with some notion of targets). Even changing addresses would have the effect of creating lines at the polls.

Altering the database would have the same effect as an existing GOP tactic does. In many states, GOP secretaries of state very aggressively purge infrequent voters. Particularly for transient voters (especially students, but poorer voters are also more likely to move from year to year), a voter may not get notice they’ve been purged. This has the effect of ensuring that the purged voter cannot vote, and also has the effect of slowing the voting process for voters who are registered.  In other words, that’s the big risk here — that hackers will do things to make it impossible for some voters to vote, and harder for others to do so.

Not all swing states were targeted, not all targeted states are swing states

The list of targeted states is very curious. Some targeted states are obvious swing states — WI, PA, FL, and VA were four of the five states where the election was decided. But MI is not on there, and NC, another close state, is not either.

In addition, a lot of these states are solidly red, like AL and OK. A lot of them are equally solidly blue, like CA and CT. So if the Russians had a grand scheme here, it was not (just) to flip swing states.

These hacks generally do not involve vote tallying

DHS has said that these hacks do not involve vote tallying. That means these disclosed probes, even assuming they were successful, are not going to explain what may seem to be abnormalities in particular states’ tallies.

These hacks do not involve hacking voting machines

Nor do these hacks involve hacking voting machines (which is covered, in any case, by the denial that it involves vote tallying).

Yes, voting machines are incredibly vulnerable. Yes, it would be child’s play for a hacker — Russian or American — to hack individual voting machines. With limited exceptions, there been no real assessment of whether individual machines got hacked (though it’d generally be easier to affect a local race that way than the presidential).

These hacks do not involve other voter suppression methods — whether by GOP or Russians

This list of 21 targeted states does not represent the known universe of Russian voting-related hacking.

It does not, for example, include the targeting of voting infrastructure contractors, such as VR Systems (which Reality Winner faces prison for disclosing). There’s good reason to at least suspect that the VR Systems hack may have affected NC’s outcome by causing the most Democratic counties to shift to paper voting books, resulting in confusion and delays in those counties that didn’t exist in more Republican ones.

And they don’t include any Russian social media-related support or suppression, which we’re getting closer to having proof of right now.

Importantly, don’t forget that we know Republicans were engaging in all these techniques as well, with far better funding. Russians didn’t need to hack WI and NC given how much organized suppression of voters of color took place. Republican secretaries of state had the power to purge voters on trumped up excuses without engaging in any hacking.

Do not let the focus on Russian tampering distract from the far more effective Republican suppression.

Notice needs to be improved

Finally, the other big story about this is that some states only got notice they were targeted yesterday, some even after having partnered with DHS to assess their voting infrastructure.

DHS has used classification, in part, to justify this silence, which is an issue the Intelligence Committees are trying to address in next year’s authorization. But that’s particularly hard to justify that many of these same states have run elections since.

Mind you, we’re likely to see this debate move to the next level — to demanding that state officials disclose full details about their state’s infrastructure to citizens.

In any case, if we’re to be able to use democratic pressure to ensure the infrastructure of democracy gets better protected, we’re going to need more notice.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

9 replies
  1. SpaceLifeForm says:

    How can we really trust the DHS report to actually be accurate?

    Kudos to AP for doing their investigation.

    But, for example, was MI actually hacked but no one knows it yet?

    What was DHS methodology?

    How do we know that they did not miss stuff?

    Did DHS rely on data from FBI? If so, it was probably incomplete. The DHS analysis would have had to rely upon the pre-12333 info sharing most likely.

    (because, allegedly, NSA could not provide)

  2. wayoutwest says:

    I read the DHS comments on these attempted and successful hacks of state databases and they in no way implicated Russia as the source. They do mention criminal groups and individual hackers as possible culprits in this continuous ‘pings’ of all their systems not just voting data.

    Partisan politicians along with their minions in the media immediately create a false narrative with Russia as the only possible culprit no matter what the report actually said. Along with the usual suspects in these hacking cases why isn’t China included in the agitprop being produced? They are more than capable and they represent a real threat to the Hegemon unlike the poor Russians.

    The snowflakes still cling to denial of their loser status and hope this continuing projection of blame will ease their suffering but it is a false hope.

    • bmaz says:

      Seriously, are YOU part of the Russian Fake News invasion? You are relentlessly trying to misinform this blog with absolute horse manure. You waltz right in and blithely, with no affirmative evidence, directly call the premise of this post a lie. That is bogus.

      Here is the Washington Post from less than 24 hours ago:

      The Department of Homeland Security contacted election officials in 21 states Friday to notify them that they had been targeted by Russian government hackers during the 2016 election campaign.

      Three months ago, DHS officials said that people connected to the Russian government tried to hack voter registration files or public election sites in 21 states, but Friday was the first time that government officials contacted individual state election officials to let them know their systems had been targeted.

      We welcome you here, but not to promote lies and stupidity. Oh, and by the way, take your “snowflakes” sneer and shove it where there is no sun.

      • wayoutwest says:

        I reported what was directly quoted from the DHS statement about these hacks and the AP, two days ago, verified that DHS said nothing about Russian involvement in these attacks. This doesn’t prove they weren’t involved just that DHS may have forgotten their political role of backing the Putin frenzy. WaPo and other political parasites immediately corrected that mistake but had to print a lie that the NSA identified the hackers as Russians.
        A select group of intelligence community operatives tried to sell an evidence free manifesto claiming Russia was behind the Podesta/DNC  hacks and everything else but that was shot full of holes as little more than propaganda for true believers.
        WaPo took this simple NSA report on continuing  attempted hacking of all state databases and turned it into a fake news story about Russia and the election.
        Most people in the media are parroting this fake news now selling it as fact. It’s difficult to understand why people behave this way, they can’t be that simple minded, and describing them as snowflakes seems the only way to cover the whole sick mess.

  3. greengiant says:

    The dog that didn’t bark or the voter hack that did not become part of the narrative. Buried in Gucifer 2.0’s/Wikileaks DNC/DCCC is a document purporting to use cross check to disenroll voters after using NGP-Van to enroll similar names in another congressional district. Another allegation is to flag a voter as having received a mail in ballot to force them to cast a provisional ballot on election day.  As already reported similar hacks to voter registration include modifying names and addresses to assist in purges and force into provisional ballots which in some states seem not even to be reported and perhaps not even the number cast tallied.  This does not seem to have been amplified by usual Trump media such as Breitbart.  Perhaps it was the basis of Trump’s claim that the election would be hacked.  I doubt that NGP-VAN was empowered to modify voter rolls. Perhaps someone else knows something.  The less said about hacking similar to Trump/Russia perhaps the better.

    No love between Parscale’s nationbuilder vendor and NGP-VAN in 2015.  https://medium.com/@heywillconway/why-the-ngp-van-model-is-hurting-democracy-d9893d3d28f7

    Reading Adam Carter’s Gucifer 2.0 blog and seeing the the contents ranging back to 2007 and 2009 have me trending towards fabrication of not only Russian *.rtf additions but modifications to other documents.  Peter W. Smith and then Roger Stone’s breitbart article in August 2016 attended the birth of Gucifer 2.0 not to mention Charles Johnson the self alleged firewall between Smith and the Trump campaign nor Lee Stranahan’s DMs and move from breitbart to sputnik in 2017.   With Comey’s firing and Mueller’s hiring in May 2017 there was the rebirth of Seth Rich’s murder and on June 1 or so the return to interest in the Gucifer 2.0 DNC/DCCC falsely named NGP_VAN dump.  And of course if the dump is fabricated why did Assange publish it?  In 2016 it was DNC,  DWS and Clinton hacking,  in 2017 the “Russians didn’t do it”,  now that is very convenient.

  4. neighbor7 says:

    Do not let the focus on Russian tampering distract from the far more effective Republican suppression.

    One of the more important cautions these days.

    • wayoutwest says:

      This is another fake news meme based on imagined numbers of people denied their right to vote. The large numbers reported are projections not real incidents of suppression which are rare and usually avoidable.
      The Clintonites have already countered these imaginary party voter loses with their programs for voter registration of non-citizens. Trump’s election integrity committee along with ICE may suppress these illegal voters but citizens with proper ID are free to vote.

      • bmaz says:

        Why do you even come here? Is there any reason other than to annoy people, spread bullshit and lies? Run along and get out of here.

Comments are closed.