Fraud Management & Cybercrime , Governance & Risk Management , Next-Generation Technologies & Secure Development
Russia Targeted All 50 States During 2016 Election: ReportSenate Intelligence Committee Report Finds Extensive Interference
A report released by the U.S. Senate Intelligence Committee on Thursday finds that Russia targeted election systems and infrastructure in all 50 states in the run-up to the 2016 Presidential election, and that the federal government failed to fully warn local officials of the danger.
See Also: Live Webinar | Breaking Down Security Challenges so Your Day Doesn’t Start at 3pm
The report finds that Russia's efforts to target local and state U.S. voting systems began as far back as 2014, although the exact motives remain unclear. The committee does note that its investigators could find no evidence that this cyber intrusion into voting system changed any vote tallies or results.
In addition to its other findings, the heavily redacted report notes that election systems in all 50 states remain vulnerable to attack, and that Congress "should evaluate the results and consider an additional appropriation to address remaining insecure voting machines and systems."
Thursday's report from the Senate Intelligence Committee is the first volume of its investigation into Russian interference during the 2016 election.
This Senate report comes a few days after former Special Council Robert Mueller testified before two House committees about Russian interference in the 2016 elections, and if President Donald Trump obstructed justice during the investigation. As part of his testimony, Mueller warned that Russia is already attempting to interfere in 2020 Presidential election (see: Mueller: Russian Interference 'Serious' Threat to Democracy).
"They're doing it as we sit here," Mueller told the House Intelligence Committee on Wednesday.
All 50 States Targeted
Over the course of two years, from 2017 to 2019, the Senate Intelligence Committee conducted an in-depth investigation into the 2016 election and what role Russia played during that time, according to the report.
What the committee found is that Russia and cyber actors associated with the country attempted to penetrate voting systems and infrastructure several years before the 2016 election. Specifically, the report found that these hackers took advantage of the fact that most elections systems are decentralized and overseen by states and local governments with different standards and equipment.
"Russian efforts exploited the seams between federal authorities and capabilities, and protections for the states," the report states.
As part of its investigation, the committee spoke with Michael Daniel, a former assistant to President Barrack Obama and the cybersecurity coordinator for the U.S. National Security Council. Daniel told senators in the interview that Russian hackers targeted voting systems in all 50 states. Other intelligence backed-up Daniel's testimony, the report finds.
What's not clear is why Russia did what it did. Since no votes were changed, the committee finds that hackers may have been looking for vulnerabilities or flaws in these systems to exploit later. Another possibility is that Russia wanted its activities to be known in order to undermine faith in the electoral process, the report notes.
One the witnesses the committee interviewed testified that the interference and hacking was "'classic Russian espionage … [They will] scrape up all the information and the experience they possibly can,' and 'they might not be effective the first time or the fifth time, but they are going to keep at it until they can come back and do it in an effective way,'" according to the report.
The report finds that the first documented case of interference happened in mid-July 2016, when election officials in Illinois notified the FBI about unusual network activity, with large increases in outbound traffic related to the voter registry website, according to the report.
The FBI investigation found that hackers using an SQL-injection attack, accessing some 200,000 records and exfiltrated an unknown amount of data from a database, the report finds.
The report, however, is at a loss to explain why the hackers took the data and what they may have done with it afterwards. "Russian cyber actors were in a position to delete or change voter data, but the Committee is not aware of any evidence that they did so," according to the report.
The Senate committee also details other problems in several other states.
Failure to Notify States
The report also notes that although the FBI and the U.S. Department of Homeland Security knew about many of the Russian hacking efforts, federal officials failed to properly notify state and local representatives about the danger. The committee found that information and alerts were sent to the wrong people, and that the decentralized nature of U.S. elections made crafting a uniform response difficult.
"DHS and FBI alerted states to the threat of cyber attacks in the late summer and fall of 2016, but the warnings did not provide enough information or go to the right people," according to the report's summary. "Alerts were actionable, in that they provided malicious Internet Protocol (IP) addresses to information technology (IT) professionals, but they provided no clear reason for states to take this threat more seriously than any other alert received."
And while the report notes that the FBI and Homeland Security have made improvements since 2016, especially when it comes to notifying state and local officials about the dangers of foreign interference, hackers are still attempting to access data voting systems.
The report notes that during the 2018 election, Homeland Security issued a warning that found "'numerous actors are regularly targeting election infrastructure, likely for different purposes, including to cause disruptive effects, steal sensitive data, and undermine confidence in the election.'"
While the Senate committee stresses in the report that improvements to state and local voting systems need to be made - Congress allocated about $380 million in grants to bolster cybersecurity in 2018 – it's not clear if lawmakers will do more before the 2020 election.
Since Mueller's testimony on Wednesday, Senate Democrats have attempted to pass two different bills aimed at improving voting security, but those have been blocked by Republicans. The Democratic-led House has passed two of its own bills, including the SAFE Act, which would allocate another $600 million for voting security and ban voting machines from being connected to the internet or being manufactured in foreign countries, according to The Hill.
The Senate report does contain a minority opinion section written by Sen. Ron Wyden, D-Ore., who notes that the federal government should do more and that states and local government are ill-equipped to handle the threat Russia possess.
"We shouldn't ask a county election IT employee to fight a war against the full capabilities and vast resources of Russia's cyber army," Wyden writes. "That approach failed in 2016 and it will fail again."