A Senate Intelligence Committee report released Thursday provided new details about what happened in 21 states said to have been cyber-targeted by Russians.
The report labels only one of the 21 states that were alerted of the attempted Russian intrusions in 2017, meaning some mystery remains publicly as to what happened where.
The assessment backs up what state officials previously told TPM: that much of the activity were so-called “scans,” which have been equated to a thief looking for open doors and windows but not actually breaking in.
In one state, according to the report, cyber actors scanned the state’s entire IT infrastructure, include its website for election results.
“If the penetration had been successful, actors could have manipulated the unofficial display of the election tallies.” the report said. “State officials believed they would have caught any inconsistency quickly. State 6 became aware of this malicious activity and alerted partners.”
In addition to the scans, the state was targeted repeatedly by another type of intrusion known as a “SQL injection attack.”
“State 6 saw the highest number of SQL attempts of any state,” the report said.
Much of the report is redacted, but it appears that at least two other states were targeted by SQL injections. According to the report, Russian actors used other techniques, including spearfishing, in addition to the scan and SQL attempts.
The Senate Intelligence Committee said neither it nor DHS could discern a pattern in the known attempted intrusions, leading the federal government to believe that all 50 states may have been scanned.
“DHS acknowledged that the U.S. Government does not have perfect insight, and it is possible the IC missed some activity or that states did not notice intrusion attempts or report them,” the Intel Committee report said.
The Senate Intel report said that it was still unclear exactly why Russian hackers sought intrude on state election systems, but it offered a few theories:
Overall, the report said, the Intelligence Community believes that the activity was in line of Russia’s larger goal of “undermining the integrity of elections and American confidence in democracy.
As TPM previously reported, Russian hackers successfully infiltrated Illinois’ voter registration data base but the committee found no evidence that the hackers tampered with the voter registration data, even though they were in the position to.
The report later quotes Obama administration Homeland Security Advisor Lisa Monaco explaining what kind of chaos would ensue if Russians had tampered with voter registration records.
Much of the report details tensions between state and federal officials as they scrambled to understand and deal with the attempted cyber-intrusions. The Obama administration held an August 2016 conference call with state officials to raise concerns about potential vulnerabilities.
The state officials did not react well to the Obama administration assertions on the call, per the report, and pushed back particularly when Obama’s DHS floated designating election systems as critical infrastructure. The administration ultimately pushed back the designation until early 2017 — in part due to the blowback from the states.
Obama admin held a call in Aug ’16 w/ state officials to raise concerns of cyber vulnerabilities & floated idea of a critical infrastructure designation. States freaked out over “federal takeover” of elections, so admin pushed off idea of designation https://t.co/oQqIVX4RgV pic.twitter.com/PaNTQXTYHG
— Tierney Sneed (@Tierney_Megan) July 25, 2019
Read the report here: