If the Federal government lied about their censorship, what other election initiatives are they lying about?
Let’s look at their program created to gain access to local election data.
Around 2011 DHS created their own intrusion detection system called the ALBERT Sensor. It’s part of the larger Einstein System that protects federal agencies from cyber risks. ALBERT is a “black box” server installed on a County’s network. It collects the traffic flowing on their election network and transmits this data to a nonprofit in NY. DHS selected this non-profit to monitor all the election data from across the United Sates. It is analyzed around the clock with the hope they can alert jurisdictions if they find any malicious traffic on their network. Few election networks had the system before 2016.
After Trump won his election, DHS wanted access to all local election systems. They quadrupled the number of ALBERT installations in the following two years by pressuring counties over Russian election interference. ALBERT Sensors are now in 98% of our nations election infrastructure. We call it a “black box” because the counties know little about the system. They are given no dashboard to see activity, no reports on what was captured, not even what ALBERT observed. ALBERT is free to a County, but they must sign an agreement that gives CISA access too. This includes info about hardware configurations and security settings.
Detractors say ALBERT has major weaknesses and can be hacked.
DHS Director Jeh Johnson designated our elections as “critical infrastructure” just 14 days before Trump was sworn in. This petty move gave the left more weapons over elections. DHS then needed a command center for elections. So a collaboration was formed between the 501(c)3 nonprofit Center for Internet Security (CIS), the DHS cyber security unit CISA, and the Election Infrastructure Government Council (EIS-GCC). All three receive DHS funding. But DHS tasked only the nonprofit CIS to run the new Election Infrastructure Information Sharing and Analysis Center (EI-ISAC). CTO Brian Calkin said “EI-ISAC was officially kicked off in March of 2018”.
The EI-ISAC monitoring center run by CIS is in a wooded rural area of East Greenbush, NY. It has roughly 300 employees and a $51mil annual budget funded by Congress (DHS). As we mentioned before, County election data from nearly the entire U.S. goes to NY in real time. It is monitored 365 days a year.
By 2016, ALBERT Sensors were in less than 25 states. They monitored the general county networks, very few election networks. After Trump won his election, DHS targeted elections. They created EI-ISAC and began a massive push to deploy ALBERT in all elections nationwide. To pressure counties, DHS met with the election policy gatekeepers. This included the National Secretaries of State (NASS), National State Election Directors (NASED), the EAC, and others. These national groups pushed the ALBERT program onto State associations. They pushed it onto their individual members who are our County Recorders and Election Directors.
The parallels between the ERIC voter registration system and CIS ALBERT Sensors are uncanny. Both are nonprofits that collect vital election data in private. Both ERIC and CIS pilot-tested their programs in left-leaning election jurisdictions. Pew Center On The States used the same tactics, and approached the same associations, to deploy ERIC across America. CIS keeps their reports, dashboards, and insight away from the counties. ERIC keeps their dashboards, insights, and voter maintenance lists away from the public. Neither provides transparency. These parallels are not a coincidence.
DHS gathered election intelligence in 2018 by conducting “vulnerability assessments” in various jurisdictions. This included one week of DHS staff having remote access to poke around a County’s election network and systems. This was followed by a 2nd week where DHS staff went onsite to access the networks and hardware. Many counties found themselves teaching DHS about elections, not learning about security from these DHS staff. Election staff were frustrated and said DHS knew very little how elections actually operated.
To have their networks monitored, each County must sign a Memoranda of Agreement (MOA) with CISA. The County then becomes part of the Continuous Diagnostics and Mitigation (CDM) program. Most federal agencies participate in CDM, but this is overkill for American counties. It gives CISA tremendous access to election systems, as shown on pg. 10 of their Election Resources Guide. CISA obtains asset information on County hardware, software, even security settings. CISA has visibility of “Identity” and “Access Management” information. This includes user accounts, privileges, credentials, and the authentication during the login process.
They say ALBERT sensors only “listen” to the data. They can only see the type of data flowing, not the actual data itself. However, Biden signed a cybersecurity Executive Order in May 2021 that required anyone in the CDM program to sign an new agreement (MOA). This mandates they now provide the more detailed “object level” data to CISA. This is supposedly for better “assessment and threat-hunting” purposes. ALBERT customers automatically become members of MS-ISAC. This Multi-State sharing program distributes cybersecurity information amongst its 13,000 members. It’s like your PC anti-virus software which reports any cyber issue, experienced by any user, to one central command.
In 2019, CIS said the election data they accumulated had become so large, they had to move it to the Amazon (AWS) cloud service. But ALBERT was pitched a centralized and secure single location. Relying on the cloud was either their plan from the onset, or incompetence. Our election data now leaves a County and travels to parts unknown, possibly even overseas. CIS also stores “hardened images” of servers, along with all their settings, on the AWS cloud. Amazon has substantial involvement in our elections. This includes ballot tracking, voter messaging, call centers, and much more. CIS also uses the cloud services from Oracle, Google, and Azure.
By September 2018, DHS had quadrupled ALBERT deployments since the 2016 election. Jeanette Manfra, DHS Assistant Secretary for Cybersecurity, admitted that ALBERT had detected no intrusions in any State for the 2018 election year cycle, that had only 2 months remaining. The federal government has hacked our election network before (DHS Georgia). But they now control the system that creates the alerts and notifications. Engineers programming ALBERT must tell it what to look for. Bad actors could just make sure ALBERT is not programmed to detect their specific intrusion type. Also, ALBERT does not stop an intrusion. It watches it happen and hopes someone takes action before to much damage occurs.
Weeks after installing ALBERT, Lincoln County, WA was hit with a ransomware attack. The ALBERT system and CIS never alerted Lincoln about the initial intrusions. They were not alerted about the hack either, from a well known ransomware group. Okanogan County, WA was also hacked, and was not notified by CIS. County Commissioners of neighboring Ferry County, with roughly 7,000 total citizens, voted to stop using ALBERT. They canceled their contract and removed the devices. In a bizarre twist, NPR sprang into action and ran two attack stories targeting Ferry County and staff. NPR wanted to intimidate anyone else from cancelling ALBERT.
Why was this so important to NPR? Who influenced NPR to attack Ferry, one of the smallest counties in America? Why was the Democrat Secretary of State in WA pleading with the counties to install and keep the ALBERT Sensors? Nancy Churchill (R) explains more in her excellent article, and in this WhoCountsTheVotes piece. Nancy is the State Committeewoman for Ferry County Republicans. Ferry Commissioner Nathan Davis, who has an IT background, said “It’s scanning everything we do on our network and it sends it to a 3rd party. Why the hard push (to install ALBERT)? What are the true motivations to push so hard on something that really doesn’t do a lot”?
No one should ever expect the ALBERT Sensor system to be a potent defense. There’s almost no incentive for any stakeholders to create this as a world-class tool. Counties are pressured into using ALBERT, then kept in the dark. These factors, coupled with the fact it’s free, means County staff have little interest in it’s success. There’s also no competition driving ALBERT to become a better product. For ALBERT insight from an employee, read the 2020 testimony from CIS CEO Tom Gilligan.
