AZ Secretary of State: Congress should step in to prevent election-related cyberattacks

Posted: Updated:
Arizona Secretary of State Michele Reagan wants the federal government to help more with security voting data bases in the state. (Source: KPHO/KTVK) Arizona Secretary of State Michele Reagan wants the federal government to help more with security voting data bases in the state. (Source: KPHO/KTVK)
Reagan said states should focus on the databases that are online. (Source: KPHO/KTVK) Reagan said states should focus on the databases that are online. (Source: KPHO/KTVK)
(Source: KPHO/KTVK) (Source: KPHO/KTVK)
MESA, AZ (3TV/CBS 5) -

Arizona’s Secretary of State wants Congress to step in with guidance and funding to help states prevent cyberattacks on voter databases.

Michele Reagan said hacks in Arizona and Illinois earlier this year could be just the beginning of a new era of cyberthreats from abroad.

“We narrowly escaped a hacking attempt on our database, and I think we need to take that as a wake-up call,” she said Thursday. “I think that going forward, Arizona and Illinois should be a wake-up call to the 48 other states and also to the federal government that this is a serious issue.”

A state cyber team discovered in late June that foreign hackers were able to infiltrate a county election official’s computer and install malicious software, Reagan said. However, the team is confident the intruders were not able to breach Arizona’s voter registration database, which contains personal information for the more than 3 million registered voters.

“They were able to say [with] 99.9 percent certainty that this is intact and it has not been tampered with or touched, and no information was stolen,” she said.

However, up to 200,000 voter records were stolen in the Illinois breach.

[READ MORE: Officials: Hackers breach election systems in Arizona, Illinois]

Reagan said “to the best of our knowledge” the breach of the county official’s computer in Arizona did not involve a hacking method known as SQL Injection, as one cybersecurity expert had suggested. She also said the state's voter database had all of the defense mechanisms recommended by the FBI to prevent an SQL Injection attack in place before the hack. Instead, she implied that an election worker or county employee inadvertently downloaded malware by clicking on a file or link, but said the exact entry method is still unclear.

[RELATED: Hack that targeted Arizona voter database was easy to prevent, expert says]

“We don't exactly know what exactly was clicked on on that computer,” she said. “It could have been something as innocuous as an ad for pizza that was sent to this computer that somebody clicked on.”

Since the attack, the Secretary of State’s Office has worked with the FBI to step up security, including adding two-step verification in some counties, Reagan confirmed. However, she said there are still questions about who will pay for added security measures and “a lot of the measures won’t be completely rolled out until after the next election.”

“We’re certainly hoping that we’re going to be safe from a hack this November, but that’s why I think it’s important to speak out,” she said.

Reagan said too much of the national conversation on election security has been focused on the machines that count ballots – machines that are not connected to the internet.

“So there’s no way for anyone to hack them,” she said.

Instead, she said states should focus on the databases that are online.

“We're talking about a whole new level of threats that are out there that did not exist when we were talking about hanging chads,” she said, referring to the controversy in Florida during the 2000 presidential election. “[Back then,] we were not talking about foreign intrusions into our state election databases. This is something the federal government needs to be looking at and take very seriously.”

Copyright 2016 KPHO/KTVK (KPHO Broadcasting Corporation). All rights reserved.


  • Social Connect

  • Contact

    AZ Family

Connect with CBS5AZ

 

Saw it on CBS 5 News