Former DHS boss says 'no evidence' of tampering in 2016 vote count

Jeh Johnson 

Former DHS Secretary Jeh Johnson returned to Caption Hill as a private citizen to testify about Russian intrusion into U.S. voting systems.

At a House hearing, former Homeland Security Secretary Jeh Johnson testified that Russian interference in U.S. elections did not extend to manipulating vote counts, as far as he knows.

"I know of no evidence that through cyber intrusions votes were altered or suppressed in some way," Johnson said at the June 21 hearing of the Permanent Select Committee on Intelligence.

Johnson told lawmakers that the level of Russian state interference with U.S. voting systems was "unprecedented in scale and scope," and said the U.S. government must figure out how to respond in the future because he believes that more attacks on the election systems are coming in 2018 and 2020.

Two things that are likely not going to happen, though, is a centralization of U.S. voting systems or federal standards for voting equipment.

"Well, I would say to this Congress, if you want to try to federalize elections in this country, good luck," Johnson told lawmakers.

He thinks Congress will have better luck encouraging cybersecurity best practices in state and local governments that procure and operate election systems through grants and other incentives.

Johnson also is advocating for an identifiable top federal official to "take the mantle of cybersecurity on full time to highlight this issue," he said.

"My preference would be somebody within DHS, but we really need a national leader to take charge of this issue," he said.

Johnson also sought to sooth those officials who were concerned by his designation of voting systems as "critical infrastructure" in January just before exiting government service. Among the benefits, Johnson said, is that critical infrastructure systems come under the protection of international cyber norms, and that the designation had been extended to 16 sectors already including financial systems and power grids, without any government takeover, new regulation or operational interference.

"This was something that was a no-brainer, and in fact probably should have been done years before."

He added that state and local voter registration databases are vulnerable to exfiltration, exposure and manipulation. Johnson advised all election officials "to undertake an effort to harden their cybersecurity [and] minimize the exposure of the process to the internet."

'We've got Crowdstrike'

Johnson also offered details on the response of Democratic National Committee officials to the Russia-linked hack of their systems that led to the exposure of email accounts from top officials, including those of Hillary Clinton's campaign chairman John Podesta.

DNC officials did not invite DHS cybersecurity experts in to help discover the source of the attacks and minimize the damage.

"This was a question I asked repeatedly," Johnson said. "What are we doing? Are we helping them discover the vulnerabilities?"

The DNC intrusion came about a year after the devastating breach of Office of Personnel Management databases that held information on more than 21 million federal employees and retirees. DHS, according to Johnson, was "anxious" to offer help.

"The response I got was that FBI had spoken to them. They don't want our help. They have Crowdstrike, the cybersecurity firm," Johnson said.

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.