New Senate Intel Report Reveals Details On Russian Cyber Attacks On States

WASHINGTON, DC - JULY 23: Sen. Mark Warner (D-VA) speaks during a press conference at the U.S. Capitol July 23, 2019 in Washington, DC. Warner spoke on the topic of election security during the press conference. Joi... WASHINGTON, DC - JULY 23: Sen. Mark Warner (D-VA) speaks during a press conference at the U.S. Capitol July 23, 2019 in Washington, DC. Warner spoke on the topic of election security during the press conference. Joining Warner (L-R) are Sen. Ben Cardin (D-MD), Rep. John Sarbanes (D-MD), Sen. Dick Durbin (D-IL) Sen. Amy Klobuchar (D-MN) and Sen. Ron Wyden (D-OR). (Photo by Win McNamee/Getty Images) MORE LESS
Start your day with TPM.
Sign up for the Morning Memo newsletter

A Senate Intelligence Committee report released Thursday provided new details about what happened in 21 states said to have been cyber-targeted by Russians.

The report labels only one of the 21 states that were alerted of the attempted Russian intrusions in 2017, meaning some mystery remains publicly as to what happened where.

The assessment backs up what state officials previously told TPM: that much of the activity were so-called “scans,” which have been equated to a thief looking for open doors and windows but not actually breaking in.

In one state, according to the report, cyber actors scanned the state’s entire IT infrastructure, include its website for election results.

“If the penetration had been successful, actors could have manipulated the unofficial display of the election tallies.” the report said. “State officials believed they would have caught any inconsistency quickly. State 6 became aware of this malicious activity and alerted partners.”

In addition to the scans, the state was targeted repeatedly by another type of intrusion known as a “SQL injection attack.”

“State 6 saw the highest number of SQL attempts of any state,” the report said.

Much of the report is redacted, but it appears that at least two other states were targeted by SQL injections. According to the report, Russian actors used other techniques, including spearfishing, in addition to the scan and SQL attempts.

The Senate Intelligence Committee said neither it nor DHS could discern a pattern in the known attempted intrusions, leading the federal government to believe that all 50 states may have been scanned.

“DHS acknowledged that the U.S. Government does not have perfect insight, and it is possible the IC missed some activity or that states did not notice intrusion attempts or report them,” the Intel Committee report said.

The Senate Intel report said that it was still unclear exactly why Russian hackers sought intrude on state election systems, but it offered a few theories:

Overall, the report said, the Intelligence Community believes that the activity was in line of Russia’s larger goal of “undermining the integrity of elections and American confidence in democracy.

As TPM previously reported, Russian hackers successfully infiltrated Illinois’ voter registration data base but the committee found no evidence that the hackers tampered with the voter registration data, even though they were in the position to.

The report later quotes Obama administration Homeland Security Advisor Lisa Monaco explaining what kind of chaos would ensue if Russians had tampered with voter registration records.

Much of the report details tensions between state and federal officials as they scrambled to understand and deal with the attempted cyber-intrusions. The Obama administration held an August 2016 conference call with state officials to raise concerns about potential vulnerabilities.

The state officials did not react well to the Obama administration assertions on the call, per the report, and pushed back particularly when Obama’s DHS floated designating election systems as critical infrastructure. The administration ultimately pushed back the designation until early 2017 — in part due to the blowback from the states.

Read the report here:

Latest Muckraker
221
Show Comments

Notable Replies

  1. “The account comes in the form of the Senate Intelligence Committee’s report on election security, the first volume of the panel’s Russia report.”

    And after the GOP Senate shot down election security legislation twice in 24 hours. I guess the report says all is well and don’t you worry that you have no paper receipt because those voting machines weren’t hacked or just plain rigged to give Trump your votes, we promise.

  2. And the trump campaign actively engaged Russian efforts

    Nothing impeachable here

  3. Recommendations? Huh. If only there was a bill already passed by the House the Senate could vote on to address some of their concerns.

  4. MSM: No optics? Losers! What a waste of time! We won’t report on this!

  5. So this report uber-exonerates Dotard?

Continue the discussion at forums.talkingpointsmemo.com

215 more replies

Participants

Avatar for sandi Avatar for slbinva Avatar for ncsteve Avatar for eggrollian Avatar for cervantes Avatar for turdburgler Avatar for sniffit Avatar for christianhankel Avatar for daveyjones64 Avatar for ralph_vonholst Avatar for cd Avatar for fiftygigs Avatar for darrtown Avatar for thunderclapnewman Avatar for tena Avatar for junebug Avatar for Ken_a_roni Avatar for castor_troy Avatar for khyber900 Avatar for maximus Avatar for carolson Avatar for iamsmall Avatar for karenldr2009 Avatar for holywah

Continue Discussion
Masthead Masthead
Founder & Editor-in-Chief:
Executive Editor:
Managing Editor:
Deputy Editor:
Editor at Large:
General Counsel:
Publisher:
Head of Product:
Director of Technology:
Associate Publisher:
Front End Developer:
Senior Designer: