{"id":2178294,"date":"2024-02-16T15:36:01","date_gmt":"2024-02-16T20:36:01","guid":{"rendered":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/breach-in-wisconsin-campaign-finance-system-exposes-security-risks\/"},"modified":"2024-02-16T15:44:05","modified_gmt":"2024-02-16T20:44:05","slug":"breach-in-wisconsin-campaign-finance-system-exposes-security-risks","status":"publish","type":"post","link":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/breach-in-wisconsin-campaign-finance-system-exposes-security-risks\/","title":{"rendered":"Wisconsin Campaign Finance System Breach Reveals Security Vulnerabilities"},"content":{"rendered":"<aside class=\"mashsb-container mashsb-main mashsb-stretched\"><div class=\"mashsb-box\"><div class=\"mashsb-count mash-medium\" style=\"&quot;\"><div class=\"counts mashsbcount\">16<\/div><span class=\"mashsb-sharetext\">SHARES<\/span><\/div><div class=\"mashsb-buttons\"><a class=\"mashicon-facebook mash-medium mash-nomargin mashsb-noshadow\" href=\"https:\/\/www.facebook.com\/sharer.php?u=https%3A%2F%2Fwww.conservativenewsdaily.net%2Fbreaking-news%2Fbreach-in-wisconsin-campaign-finance-system-exposes-security-risks%2F\" target=\"_top\" rel=\"nofollow\"><span class=\"icon\"><\/span><span class=\"text\">Facebook<\/span><\/a><a class=\"mashicon-twitter mash-medium mash-nomargin mashsb-noshadow\" href=\"https:\/\/twitter.com\/intent\/tweet?text=&amp;url=https:\/\/www.conservativenewsdaily.net\/breaking-news\/?p=2178294&amp;via=ConservNewsDly\" target=\"_top\" rel=\"nofollow\"><span class=\"icon\"><\/span><span class=\"text\">Twitter<\/span><\/a><a class=\"mashicon-subscribe mash-medium mash-nomargin mashsb-noshadow\" href=\"#\" target=\"_top\" rel=\"nofollow\"><span class=\"icon\"><\/span><span class=\"text\">Subscribe<\/span><\/a><div class=\"onoffswitch2 mash-medium mashsb-noshadow\" style=\"display:none\"><\/div><\/div>\n            <\/div>\n                <div style=\"clear:both\"><\/div><\/aside>\n            <!-- Share buttons by mashshare.net - Version: 4.0.47--><p><!DOCTYPE html PUBLIC \"-\/\/W3C\/\/DTD HTML 4.0 Transitional\/\/EN\" \"http:\/\/www.w3.org\/TR\/REC-html40\/loose.dtd\"><br \/>\n<?xml encoding=\"utf-8\" ?><?xml encoding=\"utf-8\" ?><?xml encoding=\"utf-8\" ?><?xml encoding=\"utf-8\" ?><html><body><\/p>\n<div class=\"article-content\">\n<p>Wisconsin\u2019s\u200b <a href=\"https:\/\/cfis.wi.gov\/#\" target=\"_blank\" rel=\"noreferrer noopener\">Campaign Finance Information System<\/a> (CFIS) \u2064was compromised in late November and nobody from the Wisconsin Ethics Commission seems to want to\u200d talk on the record about it. <\/p>\n<p>But audio recordings obtained by The Federalist raise serious\u200d questions about the CFIS breach and the responsibility\u200d government \u2062agencies have to notify the legislature of integrated technology security threats. <\/p>\n<div class=\"fdrlst__b89e9-paragraph-2-long d-flex justify-content-center\" style=\"margin-left: auto; margin-right: auto; text-align: center; \" id=\"fdrlst__b89e9-201746353\">\n<div id=\"div-gpt-ad-1379703300879-0\" class=\"mb-30\"><\/div>\n<\/div>\n<div class=\"fdrlst__b89e9-a823590a8f2d2e026ca38f1c1d21024b fdrlst__b89e9-paragraph-2\" id=\"fdrlst__b89e9-a823590a8f2d2e026ca38f1c1d21024b\"><\/div>\n<h2 class=\"wp-block-heading\">Through the Backdoor<\/h2>\n<p>The breach \u2062occurred on the \u200beve of Thanksgiving and continued for several days,\u200d a commission staff member told Adrianne\u2063 Melby, a self-described <a href=\"https:\/\/elephantintheroom.substack.com\" target=\"_blank\" rel=\"noreferrer noopener\">\u201cmoral conservative\u201d<\/a> \u2064 and arguably one\u2062 of Wisconsin\u2019s \u200cmore passionate open government and election\u2062 integrity activists. In attempting to check campaign finance\u2063 reports that are stored\u200b on the CFIS site, Melby found the system\u2064 inoperable \u2062and called the agency to find out what the problem was. <\/p>\n<p>While Ethics Commission Administrator Daniel Carlton has refused to <a href=\"https:\/\/www.conservativenewsdaily.net\/breaking-news\/cancel-rent-champion-ayanna-pressley-raked-in-thousands-as-landlord-records-show\/\" title=\"\u2018Cancel Rent\u2019 Champion Ayanna Pressley Raked in Thousands as Landlord, Records Show\">return multiple requests<\/a> \u2063for comment from The Federalist about the breach, Melby had an illuminating conversation with an agency staff member identified only as Richard following the long Thanksgiving \u2063holiday weekend. The \u2064only \u201cRichard\u201d <a href=\"https:\/\/ethics.wi.gov\/Resources\/StateCandidateOverviewSlidesJune2020.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">listed<\/a> online as part of the Ethics Commission\u2019s program staff as of June 2020 is a Richard Bohringer. \u2063Since Wisconsin is a one-party consent state, Melby recorded the conversation and provided the audio to The Federalist. <\/p>\n<p>First, Melby\u2063 spoke with a different staff member who wouldn\u2019t\u200c say what caused the system shutdown, only that there were \u201csome things that are currently out of our hands\u2062 right now.\u201d The staff member described the problem\u2064 as a \u201cmaintenance issue,\u201d and that the agency was trying to get the CFIS\u200c back up and running \u201cas soon as possible.\u201d <\/p>\n<p>When she spoke with Richard, Melby asked whether \u2062the site was hit by a cyber \u2063attack. It wasn\u2019t, he said, acknowledging \u201cthere was some unauthorized acts\u201d and the state\u2019s \u200cDivision of Enterprise Technology (DET) was \u201cjust figuring out how they gained access,\u201d he said. <\/p>\n<div class=\"fdrlst__b89e9-1db23a79d34ad5bf166ead7e1c2658d3 fdrlst__b89e9-paragraph-6\" id=\"fdrlst__b89e9-1db23a79d34ad5bf166ead7e1c2658d3\"><\/div>\n<p>Richard claimed that\u200c the invaders didn\u2019t attack \u2064the database server, but did manage to access the website server beginning around 4:30 p.m. on Wednesday, Nov. 22. \u200bWhy? Apparently whoever got in wanted to use the server to host videos. They found a \u201cbackdoor\u201d into the internals of the\u200d 15-year-old \u2063campaign finance and lobbying database website. <\/p>\n<p>\u201cFrom \u200dwhat we can tell \u2026 it doesn\u2019t\u200b look like anybody \u200ddid anything nefarious on the site,\u201d Richard told Melby. \u201cFrom what they [DET] can tell, it got triggered Wednesday. They were showing, like, a huge demand on the site, and \u2063what they found out was there was videos streaming. It was like somebody else was hosting\u2064 their video on \u2064the site and \u200cpeople watching it.\u201d<\/p>\n<p>\u201cThey were \u2062just using the server resources to broadcast their videos,\u200c basically,\u201d\u00a0he said.<\/p>\n<p>The official reiterated that the site\u200c pirates did not access the\u200b campaign\u2063 finance database itself. <\/p>\n<div class=\"fdrlst__b89e9-7e9cb006be65c0a086e74b3bebdf7de2 fdrlst__b89e9-paragraph-10\" id=\"fdrlst__b89e9-7e9cb006be65c0a086e74b3bebdf7de2\"><\/div>\n<p>\u201cOut of an abundance of caution,\u201d the \u200bDivision of Enterprise Technology apparently shut down the site\u00a0in advance of \u2063Black Friday and Cyber Monday, high online traffic days littered with scammers and hackers, Richard\u200b said. \u2062An official with the DET referred The Federalist\u2019s \u2062questions to the Wisconsin Department of \u200cAdministration. DOA has not returned a call seeking comment. <\/p>\n<p>But the\u2062 Ethics Commission agent told Melby that the state had to \u201cbring in someone at\u200c the national level even to kind of look stuff over.\u201d\u2063 Just\u200d who \u200bthat \u201cnational \u200clevel\u201d individual \u2062was, he didn\u2019t elaborate. <\/p>\n<h2 class=\"wp-block-heading\">A Breach of Confidence<\/h2>\n<p>Republican \u2063State Rep. \u200bJanel Brandtjen raised the breach concern <a href=\"https:\/\/wiseye.org\/2024\/01\/30\/assembly-committee-on-campaigns-and-elections-40\/\" target=\"_blank\" rel=\"noreferrer noopener\">last month<\/a> at a hearing on an \u2063Ethics Commission-related bill. At the hearing, Carlton, the commissioner\u2019s administrator, noted that the Campaign Finance Information System is looking at a significant overhaul,\u200c at a\u200c cost of $325,000. He\u200c told the Assembly Campaign Finance and Elections Committee that the old system, built in 2008, is a \u201cdinosaur.\u201d <\/p>\n<p>\u201cWhy exactly are they going\u200c through this\u2064 process right now? It\u2019s because they were hacked, and they were\u2062 hacked through a backdoor,\u201d Brandtjen said at the hearing. The lawmaker wants to\u200c establish protocol mandating government agencies \u201cpromptly notify the legislature in the event \u2064of\u200c a system breach.\u201d<\/p>\n<p>\u201cEstablishing a protocol for timely notification of system breaches \u2063to the legislature is vital for maintaining transparency,\u2063 fostering\u2064 public \u2063trust, enabling swift legislative action, \u2063mitigating risks, and ensuring government systems\u2019 overall security and\u2063 integrity. \u2064I eagerly anticipate CFIS\u2019s report on their recent system breach,\u201d Brandtjen said in\u200c a <a href=\"https:\/\/legis.wisconsin.gov\/assembly\/22\/brandtjen\/media\/gxofqfk2\/brandtjen-calls-for-procedure-to-notify-legislature-of-governmental-security-system-breaches.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">press release.<\/a> <\/p>\n<p>A memo from the Wisconsin Legislative Reference Bureau notes state law already requires all \u2064\u201centities\u201d that maintain personal information \u201cnotify the subjects \u200bof\u200d that information if unauthorized persons gain access to it.\u201d State policies also include \u201c<a href=\"https:\/\/det.wi.gov\/Documents\/130_Security_Assessment_and_Authorization_Executive_Branch.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">security standards<\/a> and <a href=\"https:\/\/det.wi.gov\/Documents\/170_Incident_Response_Standard_Executive_Branch.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">incident response standards and procedures<\/a>,\u201d \u2064the bureau noted.<\/p>\n<p>\u201cThe incident response procedures set baseline requirements for all state agencies, who\u200b must have \u2062policies for incident response training, testing, reporting, and more,\u201d \u2064the memo states. <\/p>\n<p>The question is, did the\u2063 Ethics Commission fail\u200d to follow\u200b the law and incident response procedures?<\/p>\n<p>Brandtjen said Carlton and his team at the Ethics Commission have not responded\u200b to her office\u2019s request for information. That\u2019s why she brought the\u200b matter up at the\u200b hearing. The conservative firebrand lawmaker, who has <a href=\"https:\/\/thefederalist.com\/2024\/02\/12\/is-wisconsins-republican-speaker-killing-efforts-to-impeach-suspect-elections-chief\/\" target=\"_blank\" rel=\"noreferrer noopener\">paid the price politically<\/a> for her focus \u2064on election integrity, said grave concerns remain about the security of\u2064 Wisconsin\u2019s campaign finance and\u200b elections systems. The Wisconsin Elections Commission\u2019s controversial administrator Meagan Wolfe, who has thus far successively <a href=\"https:\/\/thefederalist.com\/2024\/02\/12\/is-wisconsins-republican-speaker-killing-efforts-to-impeach-suspect-elections-chief\/\" target=\"_blank\" rel=\"noreferrer noopener\">staved off efforts to remove her from office<\/a>, has \u2062boasted about how she helped build the Badger State\u2019s <a href=\"https:\/\/www.eac.gov\/sites\/default\/files\/eac_assets\/1\/6\/Wisconsin.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">WisVote system.<\/a> <\/p>\n<p>\u201cHow many other agencies have this problem, \u200cparticularly in this age of AI?\u201d Brandtjen said. <\/p>\n<p>State Rep. Donna Rozar,\u200b a Republican who \u200dserves on the Assembly\u2019s Campaign Finance and \u2064Elections \u200dCommittee, said she was a\u200d little taken aback by Brandtjen\u2019s \u201callegations\u201d\u2064 at the hearing on the <a href=\"https:\/\/www.conservativenewsdaily.net\/breaking-news\/washington-state-campaign-finance-bill-raises-free-speech-practicality-questions\/\" title=\"Washington state campaign finance bill raises concerns about free speech and practicality\">campaign finance bill<\/a>. She said it was \u201ca little out of context.\u201d Rozar\u2063 said she has spoken with\u2063 Carlton and he explained the upgrade to the \u200bCampaign Finance Information System wasn\u2019t \u201ctriggered\u201d\u2063 by the breach in November. She acknowledged, however, that \u201cshe\u2063 never \u200bcould get good details [from the administrator] about \u200bwhat happened.\u201d <\/p>\n<p>\u201cWe have\u2064 got to \u2063be so savvy about our computer security,\u201d Rozar said. \u201cI am very concerned about cybersecurity and I\u2019m worried we are not doing \u200benough to protect all levels of government and business.\u201d <\/p>\n<p>Adrianne Melby, who \u200dbrought the security issue to light, \u2063said \u200dthe breach is \u201cdeeply concerning.\u201d <\/p>\n<p>\u201cApparently this is some \u200dsort of breach\u200d or hack that took a federal official to come in and fix,\u201d\u200b she said.\u2064 \u201cWhat confidence\u200d can I have that information wasn\u2019t wiped or information wasn\u2019t inserted? \u2026 For \u2063it to be\u200c down for seven days \u2014 from Nov. 22 to 29, that\u2019s concerning.\u201d <\/p>\n<p>Listen to Melby\u2019s conversations with Ethics Commission staff members here. <\/p>\n<figure class=\"wp-block-audio\"><audio controls src=\"https:\/\/thefederalist.com\/wp-content\/uploads\/2024\/02\/Audio_11_28_2023_10_54_14.mp3\"><\/audio><\/figure>\n<figure class=\"wp-block-audio\"><audio controls src=\"https:\/\/thefederalist.com\/wp-content\/uploads\/2024\/02\/Audio_11_28_2023_11_49_54.mp3\"><\/audio><\/figure>\n<div class=\"fdrlst__b89e9-ab98fcf1f402ab08e7d1b92ae2d200ee fdrlst__b89e9-after-post-content\" id=\"fdrlst__b89e9-ab98fcf1f402ab08e7d1b92ae2d200ee\"><\/div>\n<hr class=\"wp-block-separator\">    \t\t\t\t\t   \t\t\t\t\t\t\t\t\t<\/div>\n<p> rnrn  <\/p>\n<h2> How did the unauthorized individuals\u2063 gain access to the \u200dCFIS server and\u2064 what actions\u2064 were taken to \u200dprevent further breaches?<\/h2>\n<p><span>  \u200c Campaign\u200b Finance System Compromised: Questions Surrounding Wisconsin Ethics Commission&#8217;s Handling of the Breach<\/p>\n<p>In\u200b late \u200dNovember, Wisconsin&#8217;s Campaign Finance Information System (CFIS)\u200c experienced a breach,\u2064 raising concerns about the responsibility of \u200cgovernment agencies to \u200daddress \u2064and inform the legislature about integrated technology security threats.\u200d While the Wisconsin Ethics Commission has remained silent and declined to comment \u200con the breach, audio recordings obtained by The \u2063Federalist shed light \u2063on the incident.<\/p>\n<p>Adrianne Melby, an advocate for open government and election integrity, attempted to\u2062 access campaign finance reports on\u2063 the CFIS site but found\u200d it to be inoperable. Upon contacting the agency, she had a conversation with an agency staff member identified as Richard, \u200dwho disclosed crucial information about the\u2062 breach. Notably, Richard confirmed that the\u200b breach was not \u200da cyber-attack. Instead, unauthorized individuals gained access to the website server, mainly to host videos, utilizing a &#8220;backdoor&#8221; into the 15-year-old campaign finance and lobbying database website.<\/p>\n<p>According to Richard, there was no indication of any nefarious\u200d activity on\u2062 the site, as the \u2063unauthorized individuals used the server resources to host their \u200cvideos rather than accessing the <a href=\"https:\/\/www.conservativenewsdaily.net\/breaking-news\/fact-check-did-denzel-washington-say-hes-leaving-the-democratic-party-to-help-team-trump\/\" title=\"FACT CHECK: Did Denzel Washington Say He\u2019s Leaving The Democratic Party To Help \u2018Team Trump\u2019?\">campaign finance database<\/a>\u200d itself. As a precautionary measure, the Division of Enterprise Technology shut down\u200b the site before Black Friday and Cyber\u2062 Monday, days notorious for \u2062online scams and cyberattacks. The Federalist&#8217;s inquiries were directed to the\u200d Wisconsin Department of Administration, which\u2064 is yet to provide \u2064a response.<\/p>\n<p>The breach concern was \u2062raised by Republican State Representative Janel Brandtjen during a hearing on \u200can Ethics Commission-related bill. The commissioner&#8217;s administrator, Daniel Carlton, acknowledged the need for a significant overhaul of the Campaign Finance Information System. Brandtjen emphasized the urgency of establishing protocols mandating government agencies to promptly notify the\u200c legislature in the event of a system breach. She raised \u200bconcerns that the breach occurred through a backdoor, implying weaknesses in the system&#8217;s security.<\/p>\n<p>Brandtjen highlighted the importance of transparency, public trust, and legislative action while also safeguarding government systems&#8217; security and integrity. Wisconsin state law already requires entities that maintain \u2062personal information to notify the affected individuals in the event of unauthorized access. \u2064State policies provide security standards \u2063and incident response procedures for all state agencies to follow.<\/p>\n<p>Nonetheless, Brandtjen noted a lack of response from Carlton and his team at \u200dthe Ethics Commission, raising questions\u2063 about their adherence to the law and incident response procedures. She expressed ongoing concerns about the security of Wisconsin&#8217;s campaign finance and elections systems, particularly considering the controversial administrator of the Wisconsin Elections Commission, Meagan Wolfe.<\/p>\n<p>The breach of the CFIS\u2064 highlights the importance of robust cybersecurity measures and proactive communication in \u2063the face of such incidents. The Wisconsin \u2064Ethics Commission must address the breach and provide a comprehensive report to restore public confidence in \u2062the security and integrity of the state&#8217;s campaign finance and elections systems. Additionally, <a href=\"https:\/\/www.conservativenewsdaily.net\/breaking-news\/sen-jacky-rosen-demands-comprehensive-review-of-university-harassment-policies-over-antisemitism\/\" title=\"Sen. Jacky Rosen calls for a thorough examination of university harassment policies in response to incidents of antisemitism\">establishing\u2064 clear protocols<\/a> for timely and transparent notification of system breaches to the legislature \u200dis crucial\u2062 in maintaining trust and mitigating\u2063 risks in government systems.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Wisconsin&#8217;s CFIS breach in late November remains shrouded in secrecy as the Ethics Commission refuses to comment. However, audio recordings obtained by The Federalist highlight concerns regarding the breach and the obligation of government agencies to inform the legislature about compromised integrated technology<\/p>\n","protected":false},"author":656,"featured_media":2178295,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mo_disable_npp":"","fifu_image_url":"https:\/\/thefederalist.com\/wp-content\/uploads\/2024\/02\/pexels-pixabay-60504.jpg","fifu_image_alt":"","footnotes":""},"categories":[546],"tags":[],"class_list":["post-2178294","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-federalist"],"fifu_image_url":"https:\/\/thefederalist.com\/wp-content\/uploads\/2024\/02\/pexels-pixabay-60504.jpg","_links":{"self":[{"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/posts\/2178294","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/users\/656"}],"replies":[{"embeddable":true,"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/comments?post=2178294"}],"version-history":[{"count":0,"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/posts\/2178294\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/media\/2178295"}],"wp:attachment":[{"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/media?parent=2178294"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/categories?post=2178294"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/tags?post=2178294"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}