DHS: Kremlin Targeted Election Systems in 21 States
Officials from the Department of Homeland Security (DHS) have confirmed reports that Russian attempts to swing the 2016 US presidential election also involved cyber-attacks against election infrastructure, but not vote tallying systems.
Appearing in public before the US Senate Intelligence Committee were Samuel Liles, acting director of the DHS Office of Intelligence and Analysis (I&A), Cyber Division, and Jeanette Manfra, acting deputy undersecretary for cybersecurity and comms at the DHS’ National Protection and Programs Protectorate.
Their joint testimony revealed that in September, investigators found “suspicious and malicious cyber activity targeting the US election infrastructure”, leading to a report published in October.
It had the following:
“While not a definitive source in identifying individual activity attributed to Russian government cyber actors, [the report] established that internet-connected election-related networks, including websites, in 21 states were potentially targeted by Russian government cyber actors… a small number of networks were successfully compromised, there were a larger number of states where attempts to compromise networks were unsuccessful, and there were an even greater number of states where only preparatory activity like scanning was observed.”
They clarified that the attacks are not thought to have been conducted against vote tallying machines but other parts of the election management infrastructure – perhaps to undermine voter confidence in the eventual result rather than actually alter the count.
The testimony continued:
“Further, we assessed that multiple checks and redundancies in US election infrastructure—including diversity of systems, non-internet connected voting machines, pre-election testing, and processes for media, campaign, and election officials to check, audit, and validate results—make it likely that cyber manipulation of US election systems intended to change the outcome of a national election would be detected.”
Also testifying at the committee was Bill Priestap, assistant director of the FBI’s counterintelligence division. He described Russia’s attempts to influence the election as its “boldest to date” in the US.
“Russia's activities included efforts to discredit Secretary Clinton and to publicly contrast her unfavorably with President Trump. This Russian effort included the weaponization of stolen cyber information, the use of Russia's English-language state media as a strategic messaging platform, and the mobilization of social media bots and trolls to spread disinformation and amplify Russian messaging.”
The testimony comes after a leaked NSA report published earlier this month confirmed that Russian intelligence officials at the GRU attacked VR Systems, a company that makes machines which authenticate voters on polling day, and then used that access to spear phish local election officials.
Source: Information Security Magazine