The Senate Intelligence Committee has just released the first section of its report on 2016 Russian interference, which found that hackers likely tried to access election systems in all 50 states, confirming widespread fears that America’s election system may not be secure from attack.
For the past two and a half years, the panel led by Chair Sen. Richard Burr (R-NC) and Vice Chair Sen. Mark Warner (D-VA) has reviewed the intelligence that the Kremlin sought to meddle in the last presidential election, an effort separate from the highly partisan probe in the House that ended in 2018 and found no collusion between the Trump campaign and Russia.
The document released on Thursday afternoon — one day after former special counsel Robert Mueller testified in front of Congress on his effort — is not the entirety of the committee’s findings. It’s one of five volumes the panel will release over the coming month. This report focuses specifically on Russian efforts to infiltrate election infrastructure — that is, the actual systems that allow citizens to vote across the country.
The heavily redacted report contains almost entirely known information, so in that sense it’s not a bombshell document. But it does detail how Russia “directed extensive activity, beginning in at least 2014 and carrying into at least 2017, against US election infrastructure at the state and local level.”
It underscores two vital points: 1) that determined foreign actors can gain access to America’s election infrastructure, and 2) Russia is skilled and willing to meddle inside of it.
“The facts are clear: The Russian government mounted a deliberate and systematic attack on America’s election infrastructure in 2016,” Sen. Kamala Harris (D-CA), a member of the committee and a 2020 presidential candidate, said in an emailed statement to reporters.
America’s election infrastructure is clearly vulnerable
The US election system is a labyrinth. The voting process is overseen by a mix of state and local governments that use different machines, software, and processes to count votes. The fact that it’s such a complicated hodgepodge for years made experts optimistic that it would be difficult for a hostile actor to seriously infiltrate.
They should be worried now. The key part of the report shows that it’s very likely all 50 states were targeted by Russian hackers. That doesn’t meant Moscow got into all of the states’ systems, just that it infiltrated at least one system in that state. The report did not find any evidence that hackers were able to change votes.
But because there was no discernible pattern, intelligence professionals and other US officials believe Russia likely aimed to gain access to any systems it could to better understand what it all looks like.
“What it mostly looked like to us was reconnaissance,” Michael Daniel, a top cybersecurity official at the White House during the Obama administration, told the committee in 2017. “I would have characterized it at the time as sort of conducting the reconnaissance to do the network mapping, to do the topology mapping so that you could actually understand the network, establish a presence so you could come back later and actually execute an operation.”
The document shows that Moscow’s military hackers significantly infiltrated 21 states in 2016 but had varying degrees of success they accessed those systems.
SSCI’s report lays out what Russian military hackers tried to do in 21 different states in 2016, to varying degrees of success. pic.twitter.com/drJd6aUS6V— Benjamin Freed (@brfreed) July 25, 2019
The best-known case mentioned in the report is Illinois, the only named state in the document (all the others were identified by numbers).
As of the end of 2018, it reads, “Russian cyber actors had successfully penetrated Illinois’s voter registration database, viewed multiple database tables, and accessed up to 200,000 voter registration records.” Hackers were able to take out “an unknown quantity of voter registration data” and “were in a position to delete or change voter data,” though the Senate panel saw no evidence of that.
Luckily, the panel found “no evidence that any votes were changed or that any voting machines were manipulated” across the entirety of the voting infrastructure. What’s more, it looks like Russian actors didn’t even try to manipulate the vote on election day in 2016, though the report notes that “the Committee and IC’s [intelligence community’s] insight into this is limited.”
So the report apparently found Russia’s infiltration was seemingly more a fact-finding mission than anything else, not really an attempt to directly alter the vote count. That may sound reassuring, but the worry is that Moscow could potentially do more damage in the future.
Russia meddles in US elections to undermine confidence in America’s democracy
In January 2017, the FBI, CIA, and NSA clearly assessed that Russia did interfere in the 2016 presidential election, and that one of the reasons it did so was “to undermine public faith in the US democratic process.” The Senate Intelligence Committee’s report agrees.
“Based on what the IC knows about Russia’s operating procedures and intentions more broadly, the IC assesses that Russia’s activities against U.S. election infrastructure likely sought to further their overarching goal: undermining the integrity of elections and American confidence in democracy.”
Russia surely knew that US officials would find its hackers sneaking around inside election systems across the country. It also surely knew that officials would eventually release that information to the public. Finally, it was surely aware that the American people might bristle at that news.
That nervousness erodes the core of US democracy: that every individual’s voice and vote matters and will be heard and counted.
The Russian embassy was also open with the State Department that it wanted officially to observe the US election. But it also went around that traditional channel to seek permission from state and local governments. That is highly unusual, experts say, and speaks to how much interest Russia has in getting to know the ins and outs of America’s decentralized voting apparatus.
The question now is if this report will galvanize support in Congress for an election-security bill, especially as researchers say other nations will follow Russia’s playbook in 2020 and beyond. GOP lawmakers blocked a House-passed measure just hours after Mueller’s testimony on Wednesday, citing their belief that the US has already done enough to safeguard American elections.
But the report makes clear that’s just not true. “Russian efforts exploited the seams between federal authorities and capabilities, and protections for the states,” the report states. “State election officials, who have primacy in running elections, were not sufficiently warned or prepared to handle an attack from a hostile nation-state actor.”
Which means if nothing changes soon, 2016 may just be the precursor of worse things to come.