- Russian hackers likely targeted all 50 states in various ways during the 2016 election, a Senate report found.
- After a years-long ramp-up, 100% of voter databases are now covered by sensors designed to spot malicious activity.
- Democratic senator Ron Wyden says, “Congress must also establish mandatory, nation-wide cybersecurity requirements.”
Every state in the US was likely targeted in some way by Russian hackers in 2016, according to a Senate Intelligence Committee report released on Thursday that spotlighted numerous failures on the part of the American government. The targets varied widely, from county websites to voter databases. There is no evidence the activity resulted in any data or votes being changed.
The Senate report, which reinforces some conclusions American officials had drawn as early as 2016, warns that the targeting signals a broad effort from Russia and is a worrisome threat.
Speaking to Congress earlier this week, former special counsel Robert Mueller said Russia would again interfere in the upcoming 2020 American elections: “They are doing it as we sit here, and they expect to do it in the next campaign.”
Mueller argued that “more countries are developing capability to replicate what the Russians have done.”
On the same day, Senate Majority Leader Mitch McConnell blocked election security bills requiring political campaigns to report foreign hacking and interference attempts to the FBI, characterizing the legislation—passed in the House of Representatives—as “partisan.” McConnell argued that the federal government had already given enough money to the states for election security upgrades, and he is opposed to more federal control over national elections.
But some argue that the states need more help.
States alone are “ill equipped to defend themselves against the sophisticated, well-resourced intelligence agencies of foreign governments,” according to a recent report from the Brennan Center for Justice, a nonpartisan public policy institute. “States should not be expected to defend against such attacks alone. Our federal government should work to provide the states with the resources they need to harden their infrastructure against cybersecurity threats.”
The Russian government's actions against US election infrastructure ranged from simple scans to successful penetrations. The reconnaissance by Russian hackers may have been laying the groundwork for future attacks.
“In 2016, cyber actors affiliated with the Russian government conducted an unprecedented, coordinated cyber campaign against state election infrastructure,” the new Senate report concluded. “Russian actors scanned databases for vulnerabilities, attempted intrusions, and in a small number of cases successfully penetrated a voter registration database. This activity was part of a larger campaign to prepare to undermine confidence in the voting process. The Committee has not seen any evidence that vote tallies were manipulated or that voter registration information was deleted or modified.”
American officials have said that Russian hackers targeted election infrastructure in multiple states in 2016, including Illinois, Arizona, and Florida. In Florida, they were “in a position” to change voter roll data, according to the report and Senator Marco Rubio. There is no evidence anything was actually changed.
Ahead of the 2020 election, every state is now running security sensors designed to give the federal government the ability to detect hacking attempts against voter databases, says Christopher Krebs, a top cybersecurity official at the Department of Homeland Security.
These “Albert sensors,” according to Krebs, provide intrusion detection and reporting so that state voter databases accounting for 100% of votes in the 2020 election will be covered. That number is up from 32% in 2016 and 90% in 2018, after a deliberate buildup following defense failures in the 2016 election.
Albert sensors are created by the Center for Internet Security, an American nonprofit organization. The technology is designed to detect malicious activity through methods including identifying suspicious IP addresses and malware signatures. Suspicious activity is reported to the Multi-State Information Sharing and Analysis Center in New York, which is an organization meant to share cybersecurity information and services between local, state, and federal government agencies and organizations.
Covering all 50 states is significant for both technical and political reasons. Still, some state officials have opposed the effort as federal government overreach.
The Senate Intelligence Committee report, which had key sections redacted at the request of American intelligence agencies, recommended that states stay in full control of election security. Democratic senator Ron Wyden, a vocal proponent of increasing election security requirements, disagreed.
“We would not ask a local sheriff to go to war against the missiles, tanks and planes of the Russian Army. We shouldn’t ask a county election IT employee to fight a war against the full capabilities and vast resources of Russia’s cyber army. That approach failed in 2016 and it will fail again,” Wyden wrote. “The federal government’s response to this ongoing crisis cannot be limited to offers to provide resources and information, the acceptance of which is voluntary. If the country’s elections are to be defended, Congress must also establish mandatory, nation-wide cybersecurity requirements.”
After saying that the Obama administration was “caught a little flat-footed” by election interference, Krebs argued this week at the 2019 International Cyber Security Conference in New York City that the US is “not going to be caught flat-footed again.” He concluded, “We’re ready for what they’re going to bring at us.”