The Free Internet Project

Summary of Senate Intelligence Committee Report: “Russian Efforts Against Election Infrastructure”

On July 25, the Senate Select Committee on Intelligence published Volume I of a report on Russian Active Measures Campaigns and Interference.  The report stems from the committee’s bipartisan investigation into a wide range of Russian activities relating to the 2016 U.S. presidential election. Volume I reaffirmed the Intelligence Community Assessment (ICA)  that  Russian intelligence accessed elements of multiple state or local electoral boards prior to the 2016 presidential election. According to the Report, DHS concluded that the Russian government likely researched the electoral system in place in all 50 states. In fact, by September 2017, DHS concluded that 21 states were explicitly targeted by Russian government cyber actors.

The Committee determined that “scanning” of election-related state infrastructure was the most widespread activity conducted by the Russian government prior to the election. Scanning is a form of reconnaissance where an adversary searches for weaknesses, access points, and vulnerabilities. Dr. Samuel Liles, Acting Director of Cyber Division for the Office of Intelligence and Analysis, characterized these activities as “analogous to somebody walking down the street and looking to see if you are home. A small number of systems were unsuccessfully exploited, as though somebody had rattled the doorknob but was unable to get in . . . [however] a small number of the networks were successfully exploited. They made it through the door."

It should be noted that the Report provides no evidence that votes were changed, vote tallying systems were manipulated, or that any voter registration data was altered or deleted during the 2016 election cycle. Despite this, there is reason to believe that Russia will continue to escalate its interference in future elections. When testifying before the Committee, Michael Daniel, former Assistant and Cybersecurity Coordinator for President Obama, warned that mapping is done “so that [Russia] could actually understand the network [and] establish a presence so [they] could come back later and actually execute an operation.” Moreover, in an addendum providing the additional views of Senators Harris (D-CA), Bennet (D-CO), and Heinrich (D-NM), the Report states that “Russian operatives undoubtedly gained familiarity with our election systems and voter registration infrastructure—valuable intelligence that it may seek to exploit in the future.”

At the end of the Report, the Committee provided a comprehensive list of recommendations aimed at preventing Russia from interfering in future elections.

1.  Reinforce States' Primacy in Running Elections

The Committee recommends reinforcing the role of each state in administering elections while the federal government should ensure they receive the necessary resources and information. This recommendation received pushback from Senator Wyden (D-OR) who calls for mandatory, nation-wide cybersecurity requirements. Wyden argues that Congress's constitutional role in regulating federal elections is well-established and that the Russian attacks are too complex and too serious to be left solely to state and local officials. Wyden went so far as to say that “[w]e would not ask a local sheriff to go to war against the missiles, planes and tanks of the Russian Army. We shouldn't ask a county election IT employee to fight a war against the full capabilities and vast resources of Russia's cyber army.”

2.  Create Effective Deterrence

The Committee recommends that the U.S. establish an international cyber doctrine to limit certain cyber activity. This doctrine would be similar to the existing international norms and treaties about the use of technologies and weapons systems. The government should treat a violation of this doctrine would be viewed as a hostile act and will be responded to appropriately. The Committee made it clear that the U.S. “should not limit its response to cyber activity; rather, it should create a menu of potential responses that will send a clear message and create significant costs for the perpetrator.”

3.  Improve Information Gathering and Sharing on Threats

 The Committee recommends that the federal government, state governments, and local governments should establish clear channels of communication between one another. While this may seem rather rudimentary on its face, one of the key components of information sharing about elections is security clearances for appropriate officials at the state and local level. Since the 2016 election, DHS has compiled a list of officials to contact in every state if there is a threat. In addition, DHS is seeking to obtain security clearances for up to three election officials per state. Lastly, federal officials are working to declassify information in order to provide the greatest possible warning to state and local officials without compromising our own national intelligence.

4.  Secure Election-Related Cyber Systems

Despite the expense, the Committee recommends that cybersecurity needs to become a higher priority for election-related infrastructure. To do this, election officials should work with DHS to evaluate the security of their election systems, voter registration systems, state records, and other pre-election activities. The Report stated that in 2016, “cybersecurity for electoral infrastructure at the state and local level was sorely lacking.” The Committee additionally recommends that DHS creates an advisory panel to give expert-level advice on how states and localities run elections. Using this advice, DHS should develop procedures and processes to evaluate and routinely provide guidance on relevant vulnerabilities associated with voting systems.

5.  Take Steps to Secure the Vote Itself

The Committee recommends that states act with urgency to replace outdated and vulnerable voting systems. At a minimum, any machine purchased going forward should have a voter-verified paper trail and remove (or render inert) any wireless networking capability. This is because paper ballots and optical scanners are the least vulnerable to cyber-attack. However, in order for paper ballots to be a legitimate means of tallying votes, there must be a secure chain of custody for those ballots. For this reason, the Committee recommends that states reexamine their safeguards against insertion of fraudulent paper ballots at the local level. Lastly, the Committee recommended that vendors of election equipment be briefed about the vulnerabilities in both the machines and the supply chains for the components of their machines.

6.  Assistance for the States

Finally, the Committee outlined its assessment of how the federal government can assist state and local governments in ensuring free and fair elections. State officials told the Committee the main obstacle to improving cybersecurity and purchasing more secure voting machines is cost. In March 2018, Congress appropriated $280 million in grants aimed at improving election security. Among other things, these funds will go toward replacing voting machines, hiring additional IT staff, updating software, and contracting with vendors to provide cybersecurity services. The Committee recommends that the Election Assistance Commission—the entity responsible for administering the grants—regularly report to Congress on how the states are using those funds, whether more funds are needed, and whether states have both replaced outdated voting equipment and improved cybersecurity.

Above all, this Report serves as a reminder that since 2014, Russia has been exploiting weaknesses in the American electoral system in order to sow discord and distrust among the American public. As former Deputy Director of the FBI, Andrew McCabe, told the Committee, the Russians “might not be effective the first time or the fifth time, but they are going to keep at it until they can come back and do it in an effective way." The committee plans to release several more installments of its report in the fall, focusing on the "Intelligence Community Assessment (ICA) of Russian interference, the Obama Administration’s response to Russian interference, the role of social media disinformation campaigns, and remaining counterintelligence questions."