Judicial Watch: Records Show Obama DHS Scanned Georgia Election Site in 2016!

Contact Your Elected Officials

(Washington, DC) Judicial Watch announced today that it received 243 pages of records from the Department of Homeland Security (DHS) that show the Obama administrationโ€™s scanning the election systems of Georgia, Alaska, Oregon, Kentucky and West Virginia in 2016. This activity prompted a letter from then-Georgia Secretary of State (now Governor) Brian Kemp to then-DHS Secretary Jeh Johnson accusing DHS of, โ€œan unsuccessful attempt to penetrate the Georgia Secretary of Stateโ€™s firewall.โ€

Kemp-Letter-to-Jeh-Johnson-DHS

The records were produced in response to Judicial Watchโ€™s Freedom of Information Act (FOIA) request, which asked for all records related to reported cyberattacks against the Georgia secretary of stateโ€™s information network involving DHS, including investigative reports, memoranda, correspondence and communications between October 1, 2016, and February 14, 2017.

The minutes of a DHS โ€œEnterprise Security Operations Centerโ€ (ESOC) meeting indicate that on November 15, 2016, at 8:43 a.m. a โ€œscanning eventโ€ occurred. The โ€œโ€˜scanningโ€™ event was the result of a FLETC [Federal Law Enforcement Training Center] userโ€™s Microsoft Office Discovery Protocol sending a packet with the OPTIONS flag to the Secretary of State of Georgia site.โ€

The minutes notes that the Enterprise Security Operations Center โ€œhas received requests from NCCIC [DHSโ€™s The National Cybersecurity and Communications Integration Center] and MS-ISAC [Multi-State Information Sharing and Analysis Center] to investigate other states that have seen โ€˜suspiciousโ€™ activity.โ€

The minutes note that Kemp accused DHS of conducting illicit scans on at least February 2, February 28 and May 23, 2016, as well.

DHS notes in the minutes that they were working with Microsoft to determine what happened: โ€œMicrosoft and the ESOC with the assistance of FLETC, were able to confirm that the user non-maliciously copied and pasted elements of the website to an excel document, which triggered the HTTP โ€˜OPTIONSโ€™ request.โ€

A โ€œMicrosoft E-Mail Statement (Unofficial Statement to ESOC)โ€ was included with the minutes.  The email stated, โ€œAfter looking at the data I do not see requests that look malicious in nature or appear to be attempting to exploit a vulnerability.โ€

chart of โ€œCurrent Open Vulnerabilitiesโ€ for the period November 30, 2016, through December 12, 2016, noted that DHS had identified a total of 1,227 cyber vulnerabilities within DHS components, including five โ€œHighโ€ severity ones at FEMA.

In a โ€œShift Pass Down Report โ€“ Sunday Night Shift โ€“ December 18, 2016โ€ describing one of the State of Georgia incidents, DHS identifies that it originated, โ€œfrom a FLETC-based Physical Security Contract Manager.โ€

DHS identifies activity originating from them in Alaska, Oregon, Kentucky and West Virginia.

In a โ€œState of Alaska update,โ€ the report notes, โ€œConfirmed this activity was a NPPD [DHSโ€™s National Protection and Programs Directorate] employee investigating twitter reports of compromise on an AK Election System, as part of his normal duties.โ€

A โ€œState of Oregon update,โ€ indicated that โ€œOregon Secretary of State inquired why they observed the same DHS IP reported by GASOS visiting their website. After engaging with DHS, Oregon agreed there was nothing suspicious and closed the investigation.โ€

A โ€œState of Kentucky updateโ€ said, โ€œNormal web traffic from DHS.โ€

A โ€œState of West Virginia updateโ€ also said โ€œNormal web traffic from DHS.โ€

In a December, 16, 2016, email exchange between DHS officials regarding a โ€œPreliminary update on GASOS [Georgia Secretary of State]โ€ an official notes there were at least 10 other โ€œtimestampsโ€ in which โ€œwe have identified different components who have caused the same traffic as the FLETC user.โ€ The log lists incidents involving FEMA, ICE-CIS and FLETC occurring between Feb. 2, 2016 and Sept. 12, 2016.

The email sender adds, โ€œAt this time, we cannot validate users with ease for these past timestamps due to DHCP and the lack of Authentication logs.โ€

Acting Principal Deputy Chief Information Officer, Jeanne Etzel replies to him, โ€œWhen this gets published in the 4:00, donโ€™t say โ€˜lack of logsโ€™ say something about logs are maintained for xx days and the events in question occurred xx days ago therefore our logs are overwritten per our standard retention policy.โ€

Another official, unidentified, then forwards the exchange to unknown officials saying, โ€œFYI. Please use the lens of Press Release and senior leaders.โ€

In a December 9, 2016, email, Director of DHS Cybersecurity Operations, Boyden Rohmer emailed an unidentified Chief of the Justice Security Operations Center at the Justice Department about โ€œsome claims by the State of Georgia that weโ€™ve been scanning their website,โ€ noting that when he pulled their logs over a three hour period, โ€œwe see that we have about 1800 similar requests.โ€

In an email exchange on December 8, 2016, sent to a DHS official, from a CBP CSOC [Customs and Border Protection/Cyber Security Operations Center] official indicated that the same CBP IP address that scanned the Georgia Secretary of State election systems also โ€œpreviously was reported to us by Princess Cruise Linesโ€ but โ€œESOC [DHSโ€™s Enterprise Security Operations Center] assesses that the CBP computer was just doing normal web browsing to Princess Cruise Lines.โ€

The email continues, โ€œESOC assesses that the CBP computer was just doing normal browsing to Georgiaโ€™s Secretary of State office on Nov 15 as well.โ€

The CBP cyber security official then asks the DHS ESOC official for clarification of certain questions, such as โ€œIn both instances, who made this assessment that all of this activity was just โ€˜normal browsingโ€™?โ€ and โ€œPlease define โ€˜normal browsingโ€™ as it is referenced in the text highlighted above.โ€

โ€œThe Obama DHS was caught scanning the Georgia Secretary of Stateโ€™s website in 2016 and these documents show that details about the controversy may have been โ€˜overwritten,โ€™โ€ stated Judicial Watch President Tom Fitton.

In January 2017, the DHS Inspector General wrote to Kemp, saying that an investigation into his allegations was in progress and asking for web and network logs, as well as any other evidence that indicated the DHS attempted to breach Georgiaโ€™s system.

In July 2017, the DHS Inspector General reported to the House Committee on Oversight and Government Reform โ€œthat DHS employee interactions with the Georgia systems were limited to routine searches for publicly available information on the stateโ€™s public website and that none of the web pages visited were related to elections or voters.โ€ And stated: โ€œThe investigation was conducted by employees in OIGโ€™s specially trained Digital Forensics and Analysis Unit.โ€

Judicial Watch is a national leader for cleaner elections.

In September 2020, Judicial Watch released aย studyย revealing that 353 U.S. counties had 1.8 million more registered voters than eligible voting-age citizens. In other words, the registration rates of those counties exceeded 100% of eligible voters. The study found eight states showing state-wide registration rates exceeding 100%: Alaska, Colorado, Maine, Maryland, Michigan, New Jersey, Rhode Island, and Vermont.ย The study collected the most recent registration data posted online by the states themselves. This data was then compared to the Census Bureauโ€™s most recent five-year population estimates, gathered by the American Community Survey (ACS) from 2014 through 2018. ACS surveys are sent to 3.5 million addresses each month, and its five-year estimates are considered to be the most reliable estimates outside of the decennial census.

In 2018, the Supreme Court upheld a voter-roll cleanup program that resulted from a Judicial Watch settlement of a federal lawsuit with Ohio. California settled a federal lawsuit with Judicial Watch and last year began the process of removing up to 1.6 million inactive names from Los Angeles Countyโ€™s voter rolls. Kentucky also began a cleanup of hundreds of thousands of old registrations last year after it entered into a consent decree to end another Judicial Watch lawsuit.

In 2020, Judicial Watch sued North CarolinaPennsylvania, and Colorado for failing to clean their voter rolls, and sued Illinois for refusing to disclose voter roll data in violation of federal law.  Judicial Watch has several open records requests pending over the conduct of the 2020 election.

You can learn more about Judicial Watchโ€™s clean election efforts here.

Judicial Watch
Judicial Watchhttps://www.judicialwatch.org/
Judicial Watch is a conservative, non-partisan educational foundation, which promotes transparency, accountability and integrity in government, politics and the law. Because no one is above the law!

The Sacred Honor of the 56

Today we're celebrating the sacred honor of the 56 men who signed the Declaration of Independence.

Alligator Alcatraz: A Bold Step Toward Secure Borders

Alligator Alcatraz funded through FEMA, represents a decisive move by the Trump admin to address illegal immigration with efficiency and resolve.

Is America Broke?

Silicon Valley investor and economic commentator Balaji Srinivasan made...

Hungary: Prideโ„ข Cometh Before the Color Revolution

The EU engaged in a diplomatic siege of the Eastern European nation-state of Hungary pressuring it into embrace global trannyism or face wrath of Brussels.

Understanding the Trump/Musk Feud

The passion Trump and Musk exhibit over the OBBB is not contrived or for show. Each is addressing the problem from completely different approaches.

Noem Waives Environmental Restrictions to Fast-Track Water Barriers in Rio Grande

DHS Sec Kristi Noem waived federal environmental laws to fast-track construction of 17 miles of waterborne barriers in the Rio Grande in South Texas.

Federal Officials Warn of โ€˜Lone Wolfโ€™ Terror Threats on July 4, NY Governor Says

NY Gov. Kathy Hochul confirmed that federal officials informed her about a possible terrorist threat ahead of the July 4 Independence Day holiday.

Record 1 in 5 Buyers of New Cars Committing to $1,000-Plus Monthly Payments: Edmunds

The share of new car buyers committing to make monthly payments of $1,000 or more hit an โ€œall-time highโ€ in the second quarter of 2025.

US Economy Adds 147,000 New Jobs, Unemployment Rate Dips to 4.1 Percent in June

The U.S. job market remained strong in June, as labor conditions continued to hold up amid economic uncertainty.

US Keeps Pressure on Chinese Goods Amid Vietnam Trade Deal

Transshippingโ€”rerouting goods through a third country to disguise the origin of the productsโ€”is a focal point of trade negotiations with Asian markets.

White House Report Reveals Top Earners, Staffers Working for No Salary

The Trump admin released its yearly report that shows the salaries for White House staffers, also revealing officials who arenโ€™t accepting salaries at all.

Transportation Secretary Urges Governors to Remove Political Messages From Crosswalks, Intersections

Duffy sent letters to governors, mayor of D.C., and gov of Puerto Rico urging them to remove political messaging from intersections and crosswalks.

Bessent: US, India Near Agreement to Lower Tariffs

The United States and India are โ€œvery closeโ€ to a trade agreement, Treasury Secretary Scott Bessent said on Tuesday.
spot_img

Related Articles