Despite widespread alarm over the breadth of Russian cyber attacks on state and local election systems last year, including revelations of Dallas County being targeted, Harris County officials are refusing to say whether hackers similarly took aim at the nation’s third-largest county. Releasing information on whether Harris County election systems saw attacks from Russian hackers would threaten the county’s cyber security by emboldening hackers to further target local systems, county officials said this week. The county’s argument was dismissed by experts, who said the secrecy is unnecessary, and could actually downplay the seriousness of the threat and the resources needed to combat it. “There’s this concept in security called ‘security through obscurity,’ sort of, if they don’t know about it they won’t come after it,” said Pamela Smith, a consultant at Verified Voting, a San Francisco-based nonprofit that promotes voting integrity. “But to really have robust security, you want people to be able to know that it’s there … I think what the public wants to know is that you’re aware of the threat and you’re taking steps to mitigate.”
In June, Bloomberg reported that Russian hackers “hit” voter databases and software systems in 39 states, in some cases penetrating campaign finance databases and software used by poll workers, and attempted to alter or delete voter data in Illinois.
The Dallas Morning News published a story last month that election officials there had found attempts to hack their election system ahead of the November election – possibly to try to delete voter registration rolls and cause chaos on election day. The newspaper reported that election officials there cross-referenced hundreds of suspicious or possibly Russian-linked IP addresses provided to them by the U.S. Department of Homeland Security against those that had attempted to access Dallas County servers in early October and found 17 matches.