The U.S. Department of Homeland Security reversed course Tuesday and told Wisconsin officials that the Russian government did not scan the state's voter registration system, then later reiterated that it still
Homeland Security first told state elections officials on Friday that Wisconsin was one of 21 states targeted by the Russians, raising concerns about the safety and security of the But on Tuesday, Homeland Security gave apparently conflicting information about whether the state's election system was a target and if it was, how it was threatened.
In an email to the state's deputy elections administrator that was provided to reporters at the Wisconsin Elections Commission meeting on Tuesday, Homeland Security said an agency that doesn't deal with elections was the target of scans by Russian IP addresses.
"Based on our external analysis, the WI IP address affected belongs to the WI Department of Workforce Development, not the Elections Commission," said the email from Juan Figueroa, with Homeland Security's Office of Infrastructure Protection.
But in a statement later to The Associated Press, Homeland Security spokesman Scott McConnell said that "discussions of specific IP addresses do not provide a complete picture of potential targeting activity."
"The Department stands by its assessment that Internet-connected networks in 21 states were the target of Russian government cyber actors seeking vulnerabilities and access to U.S. election infrastructure," McConnell said.
McConnell said it was responding to questions from a number of states, in addition to Wisconsin, but it was up to them to disclose details of those discussions.
Homeland Security initially told the Elections Commission that the Russians scanned the state's internet-connected election infrastructure, likely seeking specific vulnerabilities to access voter registration databases.
"Either they were right on Friday and this is a cover up, or they were wrong on Friday and we deserve an apology," Mark Thomsen, the commission's chairman, said in light of the new email.
Wisconsin's chief elections administrator, Michael Haas, had repeatedly said that Homeland Security assured the state it had not been targeted.
"Wisconsin was not provided any information that indicated before the November election that Russian government actors were targeting election systems," Haas said.
He said one theory is that Homeland Security saw suspicious activity from IP addresses targeting state election systems in other states and assumed that was the intent in Wisconsin as well.
"It's been a difficult process trying to piece all of this together," said Wisconsin Elections Commission spokesman Reid Magney. "We're trying to understand what happened."
Wisconsin's chief information officer, David Cagigal, told the commission that Wisconsin had never been told by Homeland Security, prior to the Friday notice, that Russians had targeted Wisconsin's election system or anything else. Deputy information officer, Herb Thompson, said Homeland Security told it in October to check on a certain IP address that the state had put in blocks to stop two months earlier in August 2016.
"We have never seen any of those activities result in anything other than someone trying to turn the doorknob to see if a door is open," Thompson said. "Those IP addresses we talked about, we had blocked, they were related to non-election systems."
Cagigal said, "Our systems were protected and we had no incidences."
The Elections Commission has established a cyber security team that is working on a new plan to improve security before the 2018 elections.
Security enhancements being considered include encrypting the entire voter registration database to protect the information and make it unusable to anyone who may be able to steal it and requiring two-factor authentication for the roughly 3,000 local and state officials who have access to the WisVote system.