Pence said a Kansas county shut down its election system after malware attack. But it didn't.

Officials in a Kansas county say their election system was not part of a malware attack that struck the coun...

Posted: Aug 3, 2018 12:06 PM
Updated: Aug 3, 2018 12:06 PM

Officials in a Kansas county say their election system was not part of a malware attack that struck the county in July, despite Vice President Mike Pence's recent statement to the contrary.

Pence made the claim Tuesday as part of a speech on cybersecurity in which he spoke out strongly against Russian interference in the 2016 election, along with other attacks. News of the attack came just a week before the state's primary on August 7.

Business and industry sectors

Business, economy and trade

Computer science and information technology

Continents and regions

Crime, law enforcement and corrections

Criminal offenses

Digital crime

Digital security

Elections and campaigns

Government and public administration

Kansas

Malware

Midwestern United States

Mike Pence

North America

Political Figures - US

Politics

Software and applications

Technology

The Americas

United States

Government bodies and offices

Government organizations - US

US Department of Homeland Security

US federal departments and agencies

US federal government

Pence told the audience at a cybersecurity conference in Manhattan that the attack had shut down the county's election network.

"Less than two weeks ago, Finney County, Kansas, reached out to DHS for help after a malware attack forced them to shut down not just their election network, but the entire county's network," Pence said. "Federal officials worked hand-in-hand with the county to identify and ultimately eliminate this dangerous intrusion. This is a model of the collaboration that we need to ensure the security of our elections."

But the attack didn't happen the way Pence described, according to a county official.

"Our election system is not a part of the network and it was not impacted in any way," said Finney County spokeswoman Sara McClure. "Advance voting started on schedule on July 18 and voting remains unaffected."

When reached for comment about the discrepancy, Pence's office directed CNN to the Department of Homeland Security. The DHS responded with a statement saying it had offered the county support.

"To date there are no indications that any citizen's personal information was impacted nor any evidence that the malware has spread to other networks," the statement said. It added, however, that does not mean that other state and county organizations were not subject to the same infection.

An administration official said there was no difference in what Pence and McClure had said.

"What the vice president and Finney County said are consistent. The vice president was referring to election systems in the broader sense to include the people, processes and things that help to administer elections," the official said.

The small county in Kansas was forced to shut down its network twice in July after discovering it had been attacked, county officials told CNN. But the election system was not connected.

The county was infected by two different types of malware called TrickBot and Emotet. The malware -- which works as a credential harvester -- was supposed to worm its way through network shares, according to Rod Blunt, chief information security officer for Kansas.

"It's just an unfortunate event. Malware happens, and malware is harder to prevent than it used to be," Blunt said

Officials said the county was not the intended target but rather collateral damage.

The county first noticed the malware on July 12.

A computer outside the county's network had been hacked, resulting in the email address book becoming compromised. Soon after, Finney County officials said, the attack caused local computers to lock up, and they shut down the infected computers to clean them out. When they turned them back on a day later, they noticed the malware was still coming through over email, and they shut down the entire system to scrub all county devices, according to McClure.

"We're confident that all of our information was completely protected by shutting down the network." McClure said.

In response to the attack, county officials are implementing more user training and tightening email filters and the firewall, officials said.

Kansas Secretary of State spokeswoman Danedri Herbert said the DHS assisted in the aftermath of the failed attempt, though she said the election network was not compromised.

"A week later DHS came back and gave the all-clear, and everything has been normal ever since," Herbert said. "The voter registration system was never involved; it's maintained by the state."

News of the latest hacking attempt comes as intelligence officials continue to point at Russian hacking attempts along with plans to combat cyberattacks. On Tuesday, DHS Secretary Kirstjen Nielsen unveiled plans for the newly created National Risk Management Center, a level of defense that is expected to focus on financial services, telecommunications and energy sectors.

Article Comments

West Lafayette
Clear
32° wxIcon
Hi: 39° Lo: 24°
Feels Like: 26°
Kokomo
Clear
32° wxIcon
Hi: 38° Lo: 24°
Feels Like: 24°
Rensselaer
Clear
32° wxIcon
Hi: 38° Lo: 23°
Feels Like: 24°
Fowler
Clear
32° wxIcon
Hi: 38° Lo: 23°
Feels Like: 24°
Williamsport
Clear
33° wxIcon
Hi: 40° Lo: 22°
Feels Like: 28°
Crawfordsville
Clear
33° wxIcon
Hi: 39° Lo: 22°
Feels Like: 29°
Frankfort
Clear
35° wxIcon
Hi: 37° Lo: 22°
Feels Like: 29°
Delphi
Clear
31° wxIcon
Hi: 38° Lo: 24°
Feels Like: 23°
Monticello
Clear
31° wxIcon
Hi: 37° Lo: 24°
Feels Like: 23°
Logansport
Clear
32° wxIcon
Hi: 37° Lo: 24°
Feels Like: 26°
Dry with Below Average Temps Into the Weekend.
WLFI Radar
WLFI Temps
WLFI Planner

Community Events