Exclusive: DHS Says Georgia Hack May Have Been Rogue Employee
Officials tell members of Congress the attack on state firewall could have been inside job
The Department of Homeland Security told members of congress Friday that a rogue federal employee may have been responsible for a November hack-attack that targeted the Georgia secretary of state’s system, LifeZette has learned.
On Friday afternoon DHS initiated a conference call with members of Georgia’s congressional delegation to discuss the cyber-attack, a Capitol Hill staffer with knowledge of the call told LifeZette.
“There’s a lot of mistrust at the moment”
DHS officials said on the call that there were two possible explanations for the hack, the source said. Either a malicious third-party mirrored the DHS IP address linked to the hack — or someone within the department executed the attempted infiltration without authorization. DHS is currently investigating both possibilities.
At the invitation of Rep. Buddy Carter (R-GA), staff from the House Oversight Committee and Homeland Security Committee also participated on the call, another source with knowledge of the situation confirmed.
The emergency call with the Georgia delegation came in response to a strongly worded letter sent by Georgia Secretary of State Brian Kemp to Homeland Security Secretary Jeh Johnson on Thursday, on which the entire Georgia delegation to Congress was copied.
[lz_ndn video= 31721379]
“The private-sector security provider that monitors the agency’s firewall detected a large unblocked scan even on November 15 at 8:43 AM. The event was an IP address (18.104.22.168) attempting to scan certain aspects of the Georgia Secretary of State’s infrastructure. The attempt to breach our system was unsuccessful,” Kemp wrote.
“I’m am writing you to ask whether DHS was aware of this attempt and, if so, why DHS was attempting to breach our firewall.”
The attack itself could have been an attempt to search for vulnerabilities in Georgia’s firewall. The congressional aide described the nature of the cyber-attack to as like “trying to get into a car by trying all the doors, or trying to open all the windows of a house.” However as of now the purpose of the attack and motives behind it are still being investigated.
With few concrete answers from DHS so far, the aide said there is a lot of skepticism about the department’s innocence in the attempted breach. “There’s a lot of mistrust at the moment,” the source told LifeZette.