Officials in a Kansas county say their election system was not part of a malware attack that struck the county in July, despite Vice President Mike Pence’s recent statement to the contrary.
Pence made the claim Tuesday as part of a speech on cybersecurity in which he spoke out strongly against Russian interference in the 2016 election, along with other attacks. News of the attack came just a week before the state’s primary on August 7.
Pence told the audience at a cybersecurity conference in Manhattan that the attack had shut down the county’s election network.
“Less than two weeks ago, Finney County, Kansas, reached out to DHS for help after a malware attack forced them to shut down not just their election network, but the entire county’s network,” Pence said. “Federal officials worked hand-in-hand with the county to identify and ultimately eliminate this dangerous intrusion. This is a model of the collaboration that we need to ensure the security of our elections.”
But the attack didn’t happen the way Pence described, according to a county official.
“Our election system is not a part of the network and it was not impacted in any way,” said Finney County spokeswoman Sara McClure. “Advance voting started on schedule on July 18 and voting remains unaffected.”
When reached for comment about the discrepancy, Pence’s office directed CNN to the Department of Homeland Security. The DHS responded with a statement saying it had offered the county support.
“To date there are no indications that any citizen’s personal information was impacted nor any evidence that the malware has spread to other networks,” the statement said. It added, however, that does not mean that other state and county organizations were not subject to the same infection.
An administration official said there was no difference in what Pence and McClure had said.
“What the vice president and Finney County said are consistent. The vice president was referring to election systems in the broader sense to include the people, processes and things that help to administer elections,” the official said.
The small county in Kansas was forced to shut down its network twice in July after discovering it had been attacked, county officials told CNN. But the election system was not connected.
The county was infected by two different types of malware called TrickBot and Emotet. The malware – which works as a credential harvester – was supposed to worm its way through network shares, according to Rod Blunt, chief information security officer for Kansas.
“It’s just an unfortunate event. Malware happens, and malware is harder to prevent than it used to be,” Blunt said
Officials said the county was not the intended target but rather collateral damage.
The county first noticed the malware on July 12.
A computer outside the county’s network had been hacked, resulting in the email address book becoming compromised. Soon after, Finney County officials said, the attack caused local computers to lock up, and they shut down the infected computers to clean them out. When they turned them back on a day later, they noticed the malware was still coming through over email, and they shut down the entire system to scrub all county devices, according to McClure.
“We’re confident that all of our information was completely protected by shutting down the network.” McClure said.
In response to the attack, county officials are implementing more user training and tightening email filters and the firewall, officials said.
Kansas Secretary of State spokeswoman Danedri Herbert said the DHS assisted in the aftermath of the failed attempt, though she said the election network was not compromised.
“A week later DHS came back and gave the all-clear, and everything has been normal ever since,” Herbert said. “The voter registration system was never involved; it’s maintained by the state.”
News of the latest hacking attempt comes as intelligence officials continue to point at Russian hacking attempts along with plans to combat cyberattacks. On Tuesday, DHS Secretary Kirstjen Nielsen unveiled plans for the newly created National Risk Management Center, a level of defense that is expected to focus on financial services, telecommunications and energy sectors.