?riff-i. J, .H The Of?ce of Secretary of State 23mm Kemp SECRETARY OF STATE December 8, 2016 The Honorable Jeh Johnson Secretary of Homeland Security Department of Homeland Security Washington, DC. 20528 Secretary Johnson, On November 15, 2016, an IP address associated with the Department of Homeland Security made an unsuccessful attempt to penetrate the Georgia Secretary of State?s ?rewall. I am writing you to ask whether DHS was aware of this attempt and, if so, why DHS was attempting to breach our ?rewall. The private-sector security provider that monitors the agency?s ?rewall detected a large unblocked scan event on November 15 at 8:43 AM. The event was an IP address (216.81.81.80) attempting to scan certain aspects of the Georgia Secretary of State?s infrastructure. The attempt to breach our system was unsuccess? ful. At no time has my of?ce agreed to or permitted DHS to conduct penetration testing or security scans of our network. Moreover, your Department has not contacted my of?ce since this unsuccessful incident to alert us of any security event that would require testing or scanning of our network. This is especially odd and concerning since I serve on the Election Cyber Security Working Group that your of?ce created. As you may know, the Georgia Secretary of State?s of?ce maintains the statewide voter registration data? base containing the personal information of over 6.5 million Georgians. In addition, we hold the information for over 800,000 corporate entities and over 500,000 licensed or registered professionals. As Georgia?s Secretary of State, I take cyber security very seriously. That is why I have contracted with a global leader in monitored security services to provide immediate responses to these types of threats. This ?rm analyzes more than 180 billion events a day globally across a 5,000+ customer base which includes many Fortune 500 companies. Clearly, this type of resource and service is necessary to protect Georgians? data against the type of event that occurred on November 15. Georgia was one of the only few states that did not seek DHS assistance with cyber hygiene scans 0r pen- etration testing before this year?s election. We declined this assistance due to having already implemented the security measures suggested by DHS. Under 18 U.S.C. 1030, attempting to gain access or exceeding authorized access to protected computer systems is illegal. Given all these facts, a number of very important questions have been raised that deserve your attention: 214 State Capitol oAtlanta, Georgia 30334 - (404) 656-2881 (404) 656-0513 Fax Did your Department in fact conduct this unauthorized scan? If so, who on your staff authorized this scan? Did your Department conduct this type of scan against any other states? systems without authori- zation? If so, which states were scanned by DHS without authorization? I am very concerned by these facts provided by our security services provider, as they raise very serious questions. I would appreciate your prompt and thorough response. Sincerely, an. Brian P. Kemp CC: The Honorable Johnny Isakson United States Senate The Honorable David Perdue United States Senate The Honorable Buddy Carter United States House of Representatives The Honorable Sanford Bishop United States House of Representatives The Honorable Westmoreland United States House of Representatives The Honorable Hank Johnson United States House of Representatives The Honorable John Lewis United States House of Representatives The Honorable Tom Price United States House of Representatives The Honorable Rob Woodall United States House of Representatives The Honorable Austin Scott United States House of Representatives The Honorable Doug Collins United States House of Representatives The Honorable Jody Hice United States House of Representatives The Honorable Barry Louderrnilk United States House of Representatives The Honorable Rick Allen United States House of Representatives The Honorable David Scott United States House of Representatives The Honorable Torn Graves United States House of Representative 214 State Capitol 0 Atlanta, Georgia a 30334 0 (404) 656-2881 I (404) 656-0513 Fax