The Newnan Times-Herald

Local

Kemp alleges hacking two days before election


  • By Sarah Fay Campbell
  • |
  • Nov. 06, 2018 - 6:18 AM

Early Sunday morning, Secretary of State Brian Kemp’s office announced that his office was launching an investigation into the Democratic Party of Georgia for a “failed hacking attempt."

The office stated it was alerting the FBI and Department of Homeland Security, and asking the FBI to investigate “possible cyber crimes."

The Democratic Party responded, calling Kemp’s “false accusations… nothing more than a pathetic attempt to cover up for his failures.”

The announcement came two days before the Nov. 6 general election in which Kemp, the Republican nominee for governor, is locked in a tight race with Democrat Stacey Abrams. Kemp and Abrams have been battling over voter registration issues for several years, since long before either was running for governor, and several lawsuits have been filed in the past few months over issues related to rejected or pending voter registrations and rejected absentee ballots.

The alleged hack doesn’t affect electronic voting systems, which are not connected to the internet, but does affect voter registration records. Voter registration records are used to program the cards that individual voters place into the electronic voting machines. Those cards are programmed with each voter’s specific ballot, based on where the voter lives.

At issue in this case are alleged vulnerabilities in the online voter registration and “My Voter Page” systems on the Secretary of State’s website.

A release from Kemp’s office refers to “failed efforts to breach the online voter registration system and My Voter Page” and states that “we are working with our private sector vendors and investigators to review data logs."

"Georgians of all political stripes are very concerned about election security and the security of Georgians’ personal information,” Rebecca DeHart, Democratic Party executive director, stated in a press release. "The Democratic Party of Georgia shares that concern, but we did not create, discover or attempt to take advantage of the deeply vulnerable system used by the Secretary of State’s office.

"This political stunt from Kemp just days before the election is yet another example of why he cannot be trusted and should not be overseeing an election in which he is also a candidate for governor,” DeHart said in an earlier statement.

Few details have been released by Kemp’s office.

The Democratic Party stated in a release Sunday that Kemp’s office and the FBI were notified by a third party regarding a major security vulnerability of Georgia’s elections database.

The investigation appears to be based on an email sent by a man named Richard Wright to a volunteer for the Democratic Party, Rachel Small. Small volunteers for the voter protection line, according to published reports.

In the email sent Saturday morning Wright said a man named Nate had asked him to provide Small with details on some issues he had discovered. Wright said a URL on the My Voter Page allows someone to download any file on the system. The online voter registration site offers the ability to download a voter registration form. According to Wright’s email, the URL for that action contains an ID number. If that ID number is changed “you can download anyone’s data.”

A “postman” file is attached to the email showing details on the issues.

According to a release from the Democratic Party, Small forwarded that email to Sara Ghazal, voter protection director for the party. The party has posted the emails, with addresses redacted, on its website, www.georgiademocrat.org

"As the day wore on yesterday, it became clear – and as evidence and other reporting came out – it became very clear that the Democratic Party of Georgia did exactly what it was supposed to do,” said David Worley, the Democratic appointee to the State Election Board, at a press conference held Monday on the steps of the state capitol. "They had some information referred to them about vulnerabilities in the voting system, they referred it to experts. That information got to lawyers who sent it to the FBI – before Brian Kemp even contacted the FBI. That was what the Democratic Party was supposed to do,” Worley said.

“In return for being a good citizen… the Democratic Party got charged publicly with committing cyber crimes,” Worley added. “That is a fundamental abuse of Brian Kemp’s power as Secretary of State."

Kemp hasn’t provided any evidence of a possible hack – because evidence does not exist, said Democratic Party Chairman Dubose Porter during the press conference.

Kemp was asked about evidence during a brief on-camera interview in the Albany airport by Fox News’ Jonathan Serrie at 11:24 Monday morning.

Kemp, who was in Albany for a campaign event, told Serrie his team was “meeting right now” with the FBI, GBI and homeland security and “when they get out of that meeting we’ll have more info.”

Kemp said his office was handling this situation “like we handle any other cybersecurity issue.

“We’re letting them look at the information, and we’ll have more information later,” Kemp added.