PHOENIX — Arizona’s secretary of state says last month’s hack of the state’s candidate portal should be a “wakeup call” for more cybersecurity funding for his office.
Hackers in Iran broke into the candidate portal on June 23, just two days after the U.S. launched strikes in Iran, the Secretary of State’s Office confirmed.
“The cyberattack, I would say, is a result of what we've been talking about for several years, and Arizonans should be a little bit concerned,” Arizona Secretary of State Adrian Fontes told ABC15.
The hackers replaced candidate photos on past election results pages with a red-and-black image of the late Iranian leader Ayatollah Ruhollah Khomeini. The image included the words, “#Khomeini’s followers woke up. Our erosive revenge has begun.”
The image also pointed to a Telegram channel with a post referring to the U.S. strikes.
Fontes, who has unsuccessfully requested cybersecurity money from the Legislature, is now calling on lawmakers to approve funding to improve security.
“We need to work together to fix this problem,” he said. “It's a problem that's existed for years.”
He’s asking for $10 million for network systems and $3.5 million annually in continued funding to update outdated code.
Fontes said his team has improved security since he took office, but holes still remain.
“It's going to take a heck of a lot more than a couple bucks here and there to fix that's what we've been asking for, and that's what we're still asking for,” he said.
He needs approval from the Joint Legislative Budget Committee to shift funding around in his budget. It does not have any meetings scheduled yet, but Fontes is reaching out to legislative leaders.
“I have spoken personally with the Senate president. It looks like that might be something we can work out,” Fontes said, adding that this should not be a partisan issue.
Senate President Warren Petersen confirmed in a text message that he supports reviewing a funding request for Fontes’ office.
State Rep. Nick Kupper, a Republican who represents Legislative District 25, is asking Fontes to brief lawmakers in person about the June attack.
“Arizona’s election systems should never be this easy a target for foreign adversaries,” he said in a statement. “This wasn’t a prank — it was a politically motivated act of cyberwarfare, and we deserve answers. Every legislator has a responsibility to understand what happened and what’s being done to keep it from happening again.”
Fontes told ABC15 that no voter information or vote tabulation systems were affected.
Arizona’s voter registration system does not exist on these particular servers, he said, and the affected servers also don’t store or tabulate election results.
“But here's the critical thing to know, and that is that our foreign enemies know exactly what people are looking at,” he said. “They're looking at the results page, the one that was defaced. They're basically telling us, ‘We can get to you.’ ”
