CISA chief 'encouraged' by lack of attacks on midterms
A top U.S. cybersecurity official said on Thursday she was “encouraged” that the 2022 midterm elections did not see significant foreign influence from adversaries.
“I was encouraged by the lack of activity that we saw,” Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly told The Record and CNN on the sidelines of the CyberwarCon security conference in Arlington, Virginia. “I didn't see any type of influence activity that had any sort of major impact.”
She later said that no state asked for incident response help on Election Day and there were no ransomware incidents — a possibility other federal cyber officials had expressed concerns about.
Experts and officials were on high alert for problems around rogue poll monitors, physical violence against election workers and cyber threats, but voting appears to have gone on without a hitch. Several Mississippi state websites, including the secretary of state’s, were not knocked offline but the outage did not impact voting.
On Tuesday, a senior CISA official speculated that there might be more of such distributed denial-of-service attacks as votes are tabulated, but Easterly said that has yet to happen.
“There hasn't been any significant outreach about continued DDoS activity,” she told reporters at CyberwarCon. Recorded Future, the parent company of The Record, is a sponsor of the conference.
As she did in a public statement yesterday, Easterly stressed the election isn’t over, with the Senate race in Georgia headed for a runoff, and state officials nationwide still counting ballots.
She said the agency's approach won't change to focus on the Georgia race.
“I don't think our activities are going to change substantially… We have really good relationships with the state and local officials there,” according to Easterly.
She also noted that, unlike in previous elections, CISA was able to use its Joint Cyber Defense Collaborative — the organization’s public-private coordination hub — to “respond to things that were happening that were, again, low level and not impactful."
“It was a helpful addition just to understand the cyber environment and it's probably why I could have a certain level of confidence that there wasn't anything significant or impactful,” she added.
Speaking to the conference earlier, Easterly said CISA would conduct an “after-action” report about the midterms, in part to prepare for the looming presidential election.
The threat environment in 2024 “is going to be even more complicated,” she predicted.
Martin Matishak
is the senior cybersecurity reporter for The Record. Prior to joining Recorded Future News in 2021, he spent more than five years at Politico, where he covered digital and national security developments across Capitol Hill, the Pentagon and the U.S. intelligence community. He previously was a reporter at The Hill, National Journal Group and Inside Washington Publishers.