Albert Sensors May, 2023: from 2019 AWS Public Sector Presentation and Virginia FOIA Responses
Slides are dated May 9, 2023 with current local information on Albert,
Origin of the Albert Sensor: The Einstein program from CISA, the Cybersecurity and Infrastructure Security Agency, is the origin of the “Albert” system. This is an intrusion detection system (IDS) which can be easily obtained commercially through companies like Suricata, but Albert is enhanced by CIS engineers in a way that cannot be seen by the public. Most are based on Surricata or Snort.
The Prince William County Department of Information Technology has a large staff, and it is difficult to believe none of them can handle network intrusion detection and their own firewall. The same is true for the Virginia Information Technology Agency, which also has an MOA with CIS.
The Albert system is also virtual, integrating with Amazon Web Services (AWS). Our pollbook systems are also integrated with AWS to accommodate the 2020 implemented six weeks of early voting in multiple locations in the county and across Virginia.
Another aspect of Albert is to create the open avenue for a central software system to be installed through various means. Without getting hung up on the multiple ways of how, including through vendors, just comprehend there is a multi-tiered, multi-dimensional yet simple control system in place.
Patrick Colbert has an excellent website with information on Albert. From that,
“CIS deploys Albert to SLTT government entities across America. Each of these entities have their own internal network connected to the internet. This internal network often features Election Management System (EMS) servers used to aggregate election data from other sources. These EMS servers tabulate election data from across precinct or absentee voter counting board electronic voting system tabulators. CIS shares all incoming and outgoing data with their own election operations center referred to as the EI-ISAC. Albert Sensors monitor the same sort of data one would expect to see in a generic “Splunk Log“. Albert sensors deployed to SLTT and election organizations collected Netflow Data and much more from across the country. CIS uses Netflow Data to enable efficient targeting of “packets” of interest. The Suricata platform enables the recording of these “packets” of interest for later analysis. These recordings are sometimes referred to as PCAP’s.”
By the way, the Virtual Cybersecurity Information Security Officer (vCISO) signed the Memorandum of Agreement (MOA) on behalf of Prince William County after being funded by the Metropolitan Washington Council of Governments, and refused to respond to the public. She was emailed twice, and one phone call was made by the Chair of the PWC-EIWG to her. The conversation was professional and the MOA still being in force was acknowledged. However as soon as she found out she was speaking to a member of the public on the MOA, the call was disconnected in about 10 seconds. No effort was made on her part to reconnect or answer emails.
Pollbooks, voter registration systems and various election vendors are also part of the national monitoring system, which likely has a data feedback mechanism. The KnowInk pollbook system is used in Fairfax County and various other localities, as well as Tenex. This is explained at a high level starting at about minute 8 (so you can skip the video blather in the beginning) of, https://rumble.com/v2lcu4q-1-may-2023-pm-show-conservative-daily.html
The Rabet-V pilot was just completed by CIS as well, showing KNOWiNK, ES&S, VR Systems, Runbeck, and the state of South Carolina and Kopis. All have Albert type monitoring for data flow where specially designed software look to be capturing enormous flows of voter registration and election data, centrally monitored in New York (at least).
And you cannot just leave ALBERT, you have to purge the system. For example, during the 2020 Election, Iran linked hackers were discovered ‘lurking on a city’s infrastructure “used to report the results of voting,”’ US Cyber Command and CISA have now revealed.
Another resource for Albert Sensor information can be found here.
Then we have another excellent presentation on the federalization of Us elections.