'Real-time' Election Day fear: Illinois authorities detected suspicious web traffic

Three weeks after Election Day in Illinois, the ABC7 I-Team has learned that there were red flags in Springfield about a feared computer intrusion to the state voting system.

With the National Guard on standby, $7 million in new election security in place and a vow to keep foreign hackers at bay, Illinois officials had proclaimed an all-clear after November 6 that there were no signs of cyber-attacks during the midterms.

However, weeks later, the I-Team has been told that Election Day in Illinois was not without concerns of a security threat from a foreign menace.

"We knew about a threat in real time," said Aaron Kustermann, Illinois State Police intelligence director. "We knew about an IP address in real time. And that was fed directly to the county officials that could make decisions about blocking or tackling that IP address."

The state police ran a "war room" on Election Day in Springfield, at the ISP's techy intelligence center, aimed largely at preventing hackers from threatening Illinois voting systems or databases -- or the worst case scenario: commandeering the actual vote count after the polls closed.

While there was apparently no full-frontal cyber-attack of Illinois' election computers, there was plenty of "suspicious IP traffic from another state," according to Kustermann.

"Information comes in, we can see it and share that with everybody: State board of elections, with the county election clerks. There's 108 local authorities that run elections," he said.

"They alerted us that they detected unusual activity, but it was our understanding there was no security threat from that," said Illinois State Board of Election spokesman Matt Dietrich. "They sent us a report and it was for official use only and we can't comment."

State officials have not revealed the origin or nature of the suspicious computer traffic.

In the summer of 2016, the Illinois voter registration system was penetrated by Russian hackers. That cyber breach here compromised the personal registration information of about 500,000 Illinois voters, according to federal indictments handed up last summer against a dozen Russian operatives and information from state election officials.

The hack job on Illinois and more than three-dozen other states two years ago prompted expansive and expensive security plans that were put in place for November's midterm election.

But even with the optimism of government officials for their newly-forged counter-hack plans, IT experts were not convinced that there could be complete protection from foreign data invaders.

"Even homeland security has admitted they don't have a system yet that can weed out the erroneous presumptions of dangerousness from those that are actually true," said Lori Andrews, Director of IIT Chicago-Kent's Institute for Science, Law and Technology. "The problem is figuring out who is likely to commit a crime in advance."

Before the polls closed on Election Day, Homeland Security Secretary Kirstjen Nielsen cautioned that the Russians "have a full court press through many means." But without a major infiltration on Nov. 6, most election officials across the country heralded their two years of preparations and said there was no evidence of hacked systems.

"We had all the right resources in the right place paying attention to the right things," Cook County's director of elections, Noah Praetz, said Tuesday.