For weeks, computers at multiple state agencies in Oklahoma had been blocked from accessing the campaign websites of a pair of candidates for statewide office, but the Office of Management and Enterprise Services has now whitelisted the sites after being asked about the issue by NonDoc.
The two sites are:
- JoelKintsel.com, the campaign website of Joel Kintsel, the Department of Veterans Affairs director who is challenging Gov. Kevin Stitt in this year’s Republican primary;
- NelsonForOklahoma.com, the campaign website of Jena Nelson, the lone Democratic candidate for superintendent of public instruction.
“The websites sited were initially blocked on the state’s wi-fi network due to one of our third-party automated security features that had categorized them as ‘parked,'” Caden Cleveland, OMES director of legislative and public affairs, said in a statement this afternoon.
Cleveland said the “automated security features” typically categorize and block websites in that manner “when they are only a few weeks old or when they have a URL that does not have active content.”
“In this particular case, these two sites, as well as several other newly developed sites, had not yet been reevaluated by the automated security feature to be accessible on the state’s network,” Cleveland said. “Once the request was made to OMES, our third-party security feature reviewed the page and re-assigned it to an accessible category. The pages are now available on the state network.”
That “request” appears to have been questions from NonDoc, which were asked after Kintsel said a member of his ODVA staff noticed that their director’s campaign website was blocked while his competitors’ sites — including Stitt’s — were accessible. All other statewide campaign websites in the gubernatorial and state superintendent races were also accessible.
Tuesday afternoon, Kintsel called the explanation “convenient.”
It’s not the first time Kintsel has felt that leaders of the state’s computer network may be targeting his campaign for governor. In March, Kintsel discussed an alleged security breach witnessed by ODVA employees on an ODVA computer in late 2021. Kintsel asked OMES to review that incident, and the state management agency found “that nothing was identified that indicated malicious activity had taken place, and that this may have been an error with [an employee’s] wireless mouse and/or weight on the keyboard CTRL key.”
At the time, Kintsel called that explanation “kind of a joke,” and he subsequently contacted the FBI with his concerns that someone had accessed his agency’s computers. Kintsel said he worried someone within OMES might be targeting him directly because of his then-rumored campaign for governor.
Tuesday, he referenced the alleged security breach when asked about OMES’ explanation of his website initially being blocked on the state network.
“Considering that these are the same people that claim an unauthorized intrusion witnessed by three people at ODVA never happened, it seems rather convenient to blame technical reasons for OMES blocking my website,” Kintsel said.
Steven Harpe, OMES director and the state’s chief operating officer, said Monday that he and his office have not been contacted by the FBI about Kintsel’s concerns.
“We partner with the FBI on a myriad of things, and they have never hesitated to reach out when they feel like there is a situation that needs to involve our cyber command or OMES in general,” Harpe said. “No one has reached out to me or my team, and we have no desire to involve the FBI unless we get some evidence otherwise that we need to do so.”
‘No one is spying on him’
In his interview Monday, Harpe said he was unaware that the Kintsel and Nelson campaign websites were being blocked, but he said his team would look into the matter. Roughly 24 hours later, the sites had been granted approval for access on state networks.
“It’s funny. This thing has been drawn up to be some type of controlled effort, and it’s not that at all. No one is spying on him, and at the same time no one is purposefully keeping Joel’s website from being seen by anyone, at least that I’m aware of,” Harpe said. “When you secure networks, there is a lot that goes into that. Some of it is base definitions, meaning just out of the gate it’s something you block. This isn’t that situation, unless the company they are using is known to spam a ton of people or they’ve had issues in the past securing their websites.”
Harpe said the website issue was not indicative of his agency showing some sort of bias toward the state’s incumbent governor.
“I get from Kintsel’s perspective that he thinks this is some kind of master plan or whatever, but it’s not that at all,” Harpe said Monday. “So we will figure it out.”
Tuesday, the websites for Kintsel and Nelson were approved in the state security filters.
A representative of Nelson’s campaign provided a statement about the website saga.
“I’m so grateful for our diligent reporters bringing this to my attention. I’m certain that, in this case, there was no ulterior motive at work in blocking my campaign website on state devices,” Nelson said. “It is a newly registered domain address and I know OMES has to be extra diligent to protect their network from hackers and other nefarious actors. Now that their system has indexed and recognized the website, I’m glad that all Oklahomans can access our campaign information.”
Harpe said OMES had also fulfilled Kintsel’s open records request for data related to remote access of machines at the ODVA.
“If they turn over their devices there at ODVA, we could continue to do a deeper dive,” Harpe said, noting that OMES could also hire a third-party contractor to review the alleged 2021 security breech. “We put that option out there. We just haven’t heard back from ODVA yet. So if that’s something they want to do, we are happy to do it. We just haven’t heard back from Kintsel or anybody else.”
Harpe provided an April 28 letter that outlined the agency’s response to Kintsel’s requests. The letter is embedded below.