NOWCAST WDSU News at 10pm
Watch on Demand
Advertisement

US wages ‘cyber combat’ to protect elections, could ‘do more’

Latest update in our ongoing investigation into cybersecurity.
By Mark Albert, Chief National Investigative Correspondent
US wages ‘cyber combat’ to protect elections, could ‘do more’

Latest update in our ongoing investigation into cybersecurity.

Advertisement
US wages ‘cyber combat’ to protect elections, could ‘do more’

Latest update in our ongoing investigation into cybersecurity.
By Mark Albert, Chief National Investigative Correspondent
Behind a locked steel door somewhere in northern Virginia, America's fight in cyberspace never shuts down. On the eve of the National Election Security Summit in St. Louis, where elections officials from across the country will meet with homeland security and cyber experts, the Hearst Television National Investigative Unit is taking viewers inside the secure center outside the nation's Capitol where the United States wages “cyber combat” to protect the voting process. "This is the place where we coordinate everything," explained DHS Assistant Secretary for Cybersecurity Jeanette Manfra while giving Hearst Television a one-on-one tour of the watch floor of the National Cybersecurity and Communications Integration Center (NCCIC). She pointed out a large-screen video map of the United States at the front of the watch floor where severe cyber threats to the elections would be plotted in bright red. The NCCIC team, operating 24 hours a day, detects, analyzes, and responds to cyber threats against the elections ― and the country. But when asked if the federal government is "doing enough" to counter the threat to the elections, Manfra let out a sigh, and then answered, "You know, I do always think we could do more. I think we are doing everything we can right now. But it is ― it's a long process." As the National Investigative Unit found in our ongoing investigation into election security, that "process" has been slowed by turf battles; a lack of money, resources, and in some cases, urgency; and disagreements over strategy. Gene Dodaro, the comptroller general of the United States, gave lawmakers a scathing review of U.S. cybersecurity practices when he testified before a House Committee on Oversight and Government Reform subcommittee hearing on July 25, 2018. "The federal government's own record on security is pretty abysmal," Dodaro told the panel. Dodaro oversees the Government Accountability Office, Congress's nonpartisan watchdog, which issued a blistering report that same day finding the federal government has failed to implement 1,000 of its cybersecurity recommendations in the past eight years. In subsequent research done exclusively for the Hearst National Investigative Unit, the GAO found DHS has not implemented 44% of the watchdog's cybersecurity recommendations over the same period of time. Manfra, responding to the GAO's findings that the federal government broadly has not adopted 1,000 cybersecurity recommendations, said in an interview that her department takes the recommendations "very seriously and we are working diligently to close those that we agree with." But she noted that "sometimes we disagree with what those recommendations are ― not usually, but sometimes we do," in which case, the department does not put them into effect. Manfra stressed progress to strengthen election security is being made. DHS, she said, has "quadrupled" the number of intrusion-detection sensors on state election systems, known as Albert sensors, since 2016. Here's why DHS says that's important. Every day, there are millions of attempts to penetrate U.S. networks. When those Albert sensors detect an attempted intrusion, many of the alerts — within 15 minutes — go to a watch center for cyber threats in upstate New York, called the Multi-State Information Sharing and Analysis Center (MS-ISAC). It then sends suspected breaches targeting elections to NCCIC, outside Washington. It's like calling the fire department: To help put out the cyber "fire," analysts sound the alarm across the government; even deploying go-teams to state capitals to douse a cyber breach — or catch the hackers in the act. In 2016, DHS said about 21 states had some sort of detected malicious activity, as foreign actors tried to get into get into those election networks. Manfra was asked how many states this election cycle have had detected intrusions into their election systems. "None," she answered, adding a cautionary note: "But remember, in 2016, it was later, it was closer towards the actual election time frame." "I always worry the next shoe is about to drop. But... everybody is much better positioned to be on the lookout for these sorts of things," Manfra added. Experts say the federal government would be even better positioned if it would fill the 15,000 I.T. positions currently listed as vacant. Watch previous installments of the Hearst Television National Investigative Unit's series on election security. Gaps in preparednessWhite House responseVoting vulnerabilitiesKid election hackers at DEFCON

Behind a locked steel door somewhere in northern Virginia, America's fight in cyberspace never shuts down.

On the eve of the National Election Security Summit in St. Louis, where elections officials from across the country will meet with homeland security and cyber experts, the Hearst Television National Investigative Unit is taking viewers inside the secure center outside the nation's Capitol where the United States wages “cyber combat” to protect the voting process.

Advertisement

Related Content

"This is the place where we coordinate everything," explained DHS Assistant Secretary for Cybersecurity Jeanette Manfra while giving Hearst Television a one-on-one tour of the watch floor of the National Cybersecurity and Communications Integration Center (NCCIC).

She pointed out a large-screen video map of the United States at the front of the watch floor where severe cyber threats to the elections would be plotted in bright red. The NCCIC team, operating 24 hours a day, detects, analyzes, and responds to cyber threats against the elections ― and the country.

MS-ISAC map
Mark Albert

But when asked if the federal government is "doing enough" to counter the threat to the elections, Manfra let out a sigh, and then answered, "You know, I do always think we could do more. I think we are doing everything we can right now. But it is ― it's a long process."

As the National Investigative Unit found in our ongoing investigation into election security, that "process" has been slowed by turf battles; a lack of money, resources, and in some cases, urgency; and disagreements over strategy.

Gene Dodaro, the comptroller general of the United States, gave lawmakers a scathing review of U.S. cybersecurity practices when he testified before a House Committee on Oversight and Government Reform subcommittee hearing on July 25, 2018.

"The federal government's own record on security is pretty abysmal," Dodaro told the panel.

Dodaro oversees the Government Accountability Office, Congress's nonpartisan watchdog, which issued a blistering report that same day finding the federal government has failed to implement 1,000 of its cybersecurity recommendations in the past eight years.

In subsequent research done exclusively for the Hearst National Investigative Unit, the GAO found DHS has not implemented 44% of the watchdog's cybersecurity recommendations over the same period of time.

Manfra, responding to the GAO's findings that the federal government broadly has not adopted 1,000 cybersecurity recommendations, said in an interview that her department takes the recommendations "very seriously and we are working diligently to close those that we agree with."

But she noted that "sometimes we disagree with what those recommendations are ― not usually, but sometimes we do," in which case, the department does not put them into effect.

Albert sensor election security
DHS
Albert Sensor

Manfra stressed progress to strengthen election security is being made. DHS, she said, has "quadrupled" the number of intrusion-detection sensors on state election systems, known as Albert sensors, since 2016. Here's why DHS says that's important.

election security map graphic
Hearst Television

Every day, there are millions of attempts to penetrate U.S. networks. When those Albert sensors detect an attempted intrusion, many of the alerts — within 15 minutes — go to a watch center for cyber threats in upstate New York, called the Multi-State Information Sharing and Analysis Center (MS-ISAC). It then sends suspected breaches targeting elections to NCCIC, outside Washington.

It's like calling the fire department: To help put out the cyber "fire," analysts sound the alarm across the government; even deploying go-teams to state capitals to douse a cyber breach — or catch the hackers in the act.

In 2016, DHS said about 21 states had some sort of detected malicious activity, as foreign actors tried to get into get into those election networks. Manfra was asked how many states this election cycle have had detected intrusions into their election systems.

"None," she answered, adding a cautionary note: "But remember, in 2016, it was later, it was closer towards the actual election time frame."

"I always worry the next shoe is about to drop. But... everybody is much better positioned to be on the lookout for these sorts of things," Manfra added.

Experts say the federal government would be even better positioned if it would fill the 15,000 I.T. positions currently listed as vacant.

Watch previous installments of the Hearst Television National Investigative Unit's series on election security.

  1. Gaps in preparedness
  2. White House response
  3. Voting vulnerabilities
  4. Kid election hackers at DEFCON

Top Picks

Rare find: Father-son lobstermen pull calico lobster from Maine waters
What is the 'American Community Survey' and is it legit?
Clint Eastwood's former California home on sale for $21 million
Meet the Navy veteran skydiving for his 91st birthday