12-02-2020, 09:52 PM
(This post was last modified: 12-02-2020, 11:26 PM by IceWizard.
Edit Reason: Bad URL ... Fixed
)
Judicial Watch: Records Show Obama DHS
Scanned Georgia Election Site in 2016
![[Image: rxrxUHA.png]](https://i.imgur.com/rxrxUHA.png)
![[Image: JudicialWatch_Social_PressRelease-ObamaD...68x401.jpg]](https://www.judicialwatch.org/wp-content/uploads/2020/12/JudicialWatch_Social_PressRelease-ObamaDHS_1200x627_v2-768x401.jpg)
DECEMBER 02, 2020
|
JUDICIAL WATCH
Docs Suggest Activity Logs of Incidents Overwritten
(Washington, DC)
Judicial Watch announced today that it received 243 pages
of records from the Department of Homeland Security (DHS)
that show the Obama administration’s scanning the election
systems of Georgia, Alaska, Oregon, Kentucky and West Virginia
in 2016. This activity prompted a letter from then-Georgia Secretary
of State (now Governor) Brian Kemp to then-DHS Secretary
Jeh Johnson accusing DHS of, “an unsuccessful attempt to
penetrate the Georgia Secretary of State’s firewall.”
The records were produced in response to Judicial Watch’s
Freedom of Information Act (FOIA) request, which asked for
all records related to reported cyberattacks against the Georgia
secretary of state’s information network involving DHS, including
investigative reports, memoranda, correspondence and
communications between October 1, 2016, and February 14, 2017.
The minutes of a DHS “Enterprise Security Operations Center”
(ESOC) meeting indicate that on November 15, 2016, at 8:43 a.m.
a “scanning event” occurred. The “‘scanning’ event was the result
of a FLETC [Federal Law Enforcement Training Center] user’s
Microsoft Office Discovery Protocol sending a packet with the
OPTIONS flag to the Secretary of State of Georgia site.”
The minutes notes that the Enterprise Security Operations Center
“has received requests from NCCIC [DHS’s The National Cybersecurity
and Communications Integration Center] and MS-ISAC
[Multi-State Information Sharing and Analysis Center] to investigate
other states that have seen ‘suspicious’ activity.”
The minutes note that Kemp accused DHS of conducting illicit
scans on at least February 2, February 28 and May 23, 2016,
as well.
DHS notes in the minutes that they were working with Microsoft to
determine what happened: “Microsoft and the ESOC with the
assistance of FLETC, were able to confirm that the user non-maliciously
copied and pasted elements of the website to an excel document,
which triggered the HTTP ‘OPTIONS’ request.”
A “Microsoft E-Mail Statement (Unofficial Statement to ESOC)” was
included with the minutes. The email stated, “After looking at the
data I do not see requests that look malicious in nature or appear
to be attempting to exploit a vulnerability.”
A chart of “Current Open Vulnerabilities” for the period
November 30, 2016, through December 12, 2016, noted that
DHS had identified a total of 1,227 cyber vulnerabilities within
DHS components, including five “High” severity ones at FEMA.
In a “Shift Pass Down Report – Sunday Night Shift – December 18, 2016”
describing one of the State of Georgia incidents, DHS identifies
that it originated, “from a FLETC-based Physical Security Contract Manager.”
DHS identifies activity originating from them in Alaska, Oregon,
Kentucky and West Virginia
In a “State of Alaska update,” the report notes, “Confirmed this activity
was a NPPD [DHS’s National Protection and Programs Directorate]
employee investigating twitter reports of compromise on an AK
Election System, as part of his normal duties.”
A “State of Oregon update,” indicated that “Oregon Secretary of State
inquired why they observed the same DHS IP reported by GASOS
visiting their website. After engaging with DHS, Oregon agreed there
was nothing suspicious and closed the investigation.”
A “State of Kentucky update” said, “Normal web traffic from DHS.”
A “State of West Virginia update” also said “Normal web traffic from DHS.”
In a December, 16, 2016, email exchange between DHS officials
regarding a “Preliminary update on GASOS [Georgia Secretary of State]”
an official notes there were at least 10 other “timestamps” in which
“we have identified different components who have caused the
same traffic as the FLETC user.” The log lists incidents involving
FEMA, ICE-CIS and FLETC occurring between Feb. 2, 2016 and
Sept. 12, 2016.
The email sender adds, “At this time, we cannot validate users with
ease for these past timestamps due to DHCP and the lack of
Authentication logs.”
Acting Principal Deputy Chief Information Officer, Jeanne Etzel
replies to him, “When this gets published in the 4:00, don’t say
‘lack of logs’ say something about logs are maintained for xx days
and the events in question occurred xx days ago therefore our
logs are overwritten per our standard retention policy.”
Another official, unidentified, then forwards the exchange to
unknown officials saying, “FYI. Please use the lens of Press Release
and senior leaders.”
In a December 9, 2016, email, Director of DHS Cybersecurity Operations,
Boyden Rohmer emailed an unidentified Chief of the Justice
Security Operations Center at the Justice Department about
“some claims by the State of Georgia that we’ve been scanning
their website,” noting that when he pulled their logs over a three
hour period, “we see that we have about 1800 similar requests.”
In an email exchange on December 8, 2016, sent to a DHS official,
from a CBP CSOC [Customs and Border Protection/Cyber Security
Operations Center] official indicated that the same CBP IP address
that scanned the Georgia Secretary of State election systems also
“previously was reported to us by Princess Cruise Lines” but “ESOC
[DHS’s Enterprise Security Operations Center] assesses that the
CBP computer was just doing normal web browsing to
Princess Cruise Lines.”
The email continues, “ESOC assesses that the CBP computer was
just doing normal browsing to Georgia’s Secretary of State office
on Nov 15 as well.”
The CBP cyber security official then asks the DHS ESOC official for
clarification of certain questions, such as “In both instances, who
made this assessment that all of this activity was just ‘normal browsing’?”
and “Please define ‘normal browsing’ as it is referenced in the
text highlighted above.”
“The Obama DHS was caught scanning the Georgia Secretary of
State’s website in 2016 and these documents show that details
about the controversy may have been ‘overwritten,’” stated
Judicial Watch President Tom Fitton.
In January 2017, the DHS Inspector General wrote to Kemp,
saying that an investigation into his allegations was in progress
and asking for web and network logs, as well as any other
evidence that indicated the DHS attempted to breach
Georgia’s system.
In July 2017, the DHS Inspector General reported to the House
Committee on Oversight and Government Reform “that DHS
employee interactions with the Georgia systems were limited to
routine searches for publicly available information on the state’s
public website and that none of the web pages visited were
related to elections or voters.” And stated: “The investigation
was conducted by employees in OIG’s specially trained
Digital Forensics and Analysis Unit.”
Judicial Watch is a national leader for cleaner elections.
In September 2020, Judicial Watch released a study revealing
that 353 U.S. counties had 1.8 million more registered voters than
eligible voting-age citizens. In other words, the registration rates
of those counties exceeded 100% of eligible voters. The study
found eight states showing state-wide registration rates
exceeding 100%: Alaska, Colorado, Maine, Maryland, Michigan,
New Jersey, Rhode Island, and Vermont. The study collected
the most recent registration data posted online by the states
themselves. This data was then compared to the Census Bureau’s
most recent five-year population estimates, gathered by the
American Community Survey (ACS) from 2014 through 2018.
ACS surveys are sent to 3.5 million addresses each month, and
its five-year estimates are considered to be the most reliable
estimates outside of the decennial census.
In 2018, the Supreme Court upheld a voter-roll cleanup program
that resulted from a Judicial Watch settlement of a federal lawsuit
with Ohio. California settled a federal lawsuit with Judicial Watch
and last year began the process of removing up to 1.6 million
inactive names from Los Angeles County’s voter rolls. Kentucky
also began a cleanup of hundreds of thousands of old registrations
last year after it entered into a consent decree to end another
Judicial Watch lawsuit.
In 2020, Judicial Watch sued North Carolina, Pennsylvania, and
Colorado for failing to clean their voter rolls, and sued Illinois for
refusing to disclose voter roll data in violation of federal law.
Judicial Watch has several open records requests pending over
the conduct of the 2020 election.
You can learn more about Judicial Watch’s clean election efforts here.
Semper Fidelis
![[Image: SyAa0qj.png]](https://i.imgur.com/SyAa0qj.png)
USMC
![[Image: SyAa0qj.png]](https://i.imgur.com/SyAa0qj.png)
USMC
Nemo me impune lacessit


It is Well with My Soul