That’s the question that Georgia Secretary of State Brian Kemp is asking, and he hasn’t been satisfied with the responses he’s been getting from Department of Homeland Security (DHS) head Jeh Johnson.
It was in November that Brian Kemp’s office saw that someone was trying to breach their firewall. Kemp’s staff traced the IP address back to a DHS employee.
Now, Kemp is soliciting the help of President-elect Donald Trump. In a letter to Trump, Kemp asked that he take action once he takes office.
Homeland Security did eventually acknowledge that an employee in U.S. Customs and Border Protection was on the Georgia Secretary of State website, but according to DHS, this employee didn’t try to hack into the computer system. They alleged that this worker was “using licensing databases on the Secretary of State’s website to verify an individual’s background,” according to what one DHS official told Kemp in an email.
DHS indicated that the CBP employee in question was using a computer that was “configured incorrectly,” making the person’s legitimate actions on the Secretary of State website seem illegitimate, when in fact, they weren’t. As the Atlanta Journal-Constitution explained, “they believe the employee’s computer was incorrectly set up so that a legitimate visit to the website inadvertently set off alarms.”
Brian Kemp isn’t convinced. “DHS has still not been able to confirm the origin or intent of this attack,” Kemp’s chief of staff and legal counsel David Dove said. “This was a reconnaissance scan that raised red flags with our vendor’s counter-threat unit.”
In a letter Tuesday to Kemp, DHS head Jeh Johnson suggested that a Microsoft error was to blame. That did little to assuage Kemp’s fears. “The scenario DHS has proposed has still not been verified by Microsoft,” Kemp wrote late Tuesday in response. “There are still many questions regarding the origin and intent of this attack that remain unanswered.”