The Senate Intelligence Committee issued a report Tuesday concluding the Russian government probed state election infrastructure during the 2016 election in an effort to dismantle trust in the U.S. voting system.
From the report:
Russian actors scanned databases for vulnerabilities, attempted intrusions, and in a small number of cases successfully penetrated a voter registration database. This activity was part of a larger campaign to prepare to undermine confidence in the voting process. The Committee has not seen any evidence that vote tallies were manipulated or that voter registration information was deleted or modified.
The Committee has limited information about whether, and to what extent, state and local officials carried out forensic or other examination of election infrastructure systems in order to confirm whether election-related systems were compromised. It is possible that additional activity occurred and has not yet been uncovered.
... [T]he committee said it saw no evidence that the Russians had ultimately changed vote tallies or voter registration information. In a few states, however, Russian hackers were “in a position to, at a minimum, alter or delete voter registration data,” the committee said.
(...)
The Intelligence Committee has been investigating Russia’s election interference campaign for well over a year now. The findings and earlier recommendations related to election security amount to its first public conclusions based on that work.
(...)
The senators found that the Russians targeted at least 18 states, and said that there is evidence that they also went after three others, scanning them for vulnerabilities. In six states, they went further, trying to gain access to voting websites, and in “a small number of states” actually breached election computer defenses.
In those instances the intruders had the ability to change registration data but appeared unable to change votes, the report stated. The senators cautioned that other Russian attacks and breaches could have gone undetected.
More from the report:
The Committee does not know whether the Russian government-affiliated actors intended to exploit vulnerabilities during the 2016 elections and decided against taking action, or whether they were merely gathering information and testing capabilities for a future attack. Regardless, the Committee believes the activity indicates an intent to go beyond traditional intelligence collection.
The committee concludes the Department of Homeland Security did not do enough quickly enough to warn and assist states in 2016 but has improved since then.
Although DHS provided warning to IT staff in the fall of 2016, notifications to state elections officials were delayed by nearly a year. Therefore, states understood that there was a cyber threat, but did not appreciate the scope, seriousness, or implications of the particular threat they were facing.
(...)
The Committee found that DHS is engaging state election officials more effectively now than in the summer of 2016. Although early interactions between state election officials and DHS were strained, states now largely give DHS credit for making tremendous progress over the last six months.
The report points out several remaining vulnerabilities that need addressing, including outdated machines that don't provide a paper record and the Internet accessibility of some election infrastructure.
The senators also sounded concerns on Tuesday about the shrinking number of voting-machine makers. The three largest vendors of voting equipment dominate the industry, and both the companies and their subcontractors that serve local election agencies are largely unregulated. That makes them and other vendors “an enticing target for malicious cyberactors,” the Intelligence Committee wrote.
A National Security Agency analysis leaked last June concluded that Russian military intelligence launched a cyberattack on at least one maker of electronic voting equipment during the 2016 campaign, and sent so-called spear-phishing emails days before the general election to 122 local government officials, apparently customers of the manufacturer. The emails concealed a computer script that, when clicked on, “very likely” downloaded a program from an external server that gave the intruders prolonged access to election computers or allowed them to search for valuable data.
The agency said the Russians appeared to have targeted managers of voter-registration computer systems, and that it was unclear whether any of those systems were compromised.
Read the full report: Russian Targeting of Election Infrastructure During the 2016 Election: Summary of Initial Findings and Recommendations (pdf)
Russia Tried to Undermine Confidence in Voting Systems, Senators Say (NYT)