SALT LAKE CITY — Utah officials are reporting that attempts to scan or intrude into state administered websites and digital assets — including databases and sites associated with elections — have reached record levels.
And it's clear that having an internationally recognized political figure who is a two-time presidential candidate, former governor and widely recognized critic of Russia on the Utah ballot isn't helping.
But no one is blaming U.S. Senate candidate Mitt Romney for the billion-plus incidents that state digital security systems are now blocking on a daily basis in the run-up to this November's general election. It's just the world we now live in.
State Elections Director Justin Lee said that while Romney's presence has heightened Utah's profile as a potential hacker target, an increased volume of intrusion attempts during election season has become the coin of the realm across the country.
"It's not just us," Lee said. "Anyone running a public website is getting attacked on a regular basis, and the volumes have been on the rise for years.
"As elections get closer, the levels go up."
While a big name on the ballot and record activity by digital malefactors may be more a matter of correlation than causation, Utah Lt. Gov. Spencer Cox said in a podcast with Utah Policy that news of Romney's decision to run earlier this year was viewed as a call to arms as far as state cybersecurity issues were concerned.
"I can tell you we sat down, my team and I sat down … the day that Mitt Romney announced that he was running," Cox said. "We realized that day that this was different, that this was a game changer. Because, you had a former presidential candidate who was very outspoken when it came to Russia, specifically the Russian threat.
"We’d been kind of a low-profile state when it comes to elections and now suddenly we’re very high-profile."
Cox also noted to Utah Policy that the highly publicized intrusion activity associated with the 2016 election cycle continues to be a motivating factor for election administrators.
"We're constantly vigilant because of what we saw in 2016," he said.
Phil Bates, Utah's chief information security officer, said he and his staff of 18 are tasked with keeping Utah's websites and digital data secure from intruders and have recruited help from the U.S. Department of Homeland Security, the FBI and others to keep up with advances in hacker strategies.
Bates explained that the 1 billion incidents blocked by his team each day are not all attempts to enter the state's systems.
"The vast majority of this is reconnaissance and surveillance traffic," Bates said. "They are attempts to try to identify assets in our network. Some of it is just port scans, but some is more complex than that."
The state also executes some blocking based on the origin of activity, which includes places like Russia, China and Iran. But Bates underscored that blocked activity is coming from all over the world and accomplished bad actors are typically proficient at concealing their locations.
Digital security expert Richard Hickman, who manages the computer forensics and incident response department for business consulting firm Eide Bailly, said digital intruders sometimes use exactly the same tools as security experts to identify and exploit weaknesses.
"Automated scans have been around for quite a while," Hickman said. "They're open source and free and available for anyone to download. They're not necessarily something that is malicious and a lot of security professionals will use these same tools to test their own networks."
While state officials say there is no evidence of any successful intrusions, the work to enhance digital security is ongoing. Helping with that effort is a recently passed appropriation to the federally operated Helping America Vote Act.
Utah has submitted a request for the approximately $4.1 million for which the state is eligible. In March, Congress signed off on $380 million in funding aimed at helping states bolster their election-related systems. Lee said the state will utilize some funds for state security enhancements but also pass through some funding, once received, to aid counties in upgrading their election equipment.
The $4.1 million in the Helping America Vote Act funding, plus a $250,000 state matching contribution, will be parsed to provide a $1.9 million fund for county clerks to upgrade electronic voting machines, $300,000 to enhance state web security and $2.9 million to revamp the state administered voter registration database, which is the only significant digital election asset that is actually accessible via the internet.
Lee explained that voting machines, and the equipment counties use to tabulate the mail-in ballots that most Utahns utilize to cast their votes, operate unconnected to the web. While the voter registration databases of several states were infiltrated in the 2016 cycle, Utah's was not compromised.6 comments on this story
Still, Lee said the upgrades that the federal money will finance will help the state continue to stay one step ahead of potential bad actors and aid in ensuring voters' continued faith in a fair, and unmolested, Utah election system.
"Whether (hackers) ever actually get in and affect anything is one thing, but there is just the erosion of trust in the democratic process," Lee said. "We want to keep our systems secure but also maintain our public's trust that their votes and our system are secure."
A spokeswoman for Romney's campaign declined to offer comment for this story.
Contributing: Ladd Egan