Senator pushes for answers on scope of 2016 Russia voting probes
- By Derek B. Johnson
- Apr 24, 2018
A Department of Homeland Security official acknowledged that more than 21 states could have been targeted by Russian hackers prior to the 2016 election and told lawmakers the department hasn’t seen any similar activity in the lead-up to the 2018 mid-terms.
In an April 24 Senate Homeland Security and Governmental Affairs Committee hearing, Jeanette Manfra, assistant secretary for the office of cybersecurity and communications, fended off questions about whether the department had "misled" Congress and the American public about how many states had been targeted by Russian hackers in the lead-up to the 2016 presidential elections.
The department has consistently pegged the number of states affected at 21, but Sen. Claire McCaskill (D-Mo.) pointed out that number reflects only the number of states that had sensors or tools in place to capture the scanning activity.
Manfra largely agreed with that interpretation.
"The 21 states references the visibility that we had, whether that was the intelligence community or the sensors, of Russian targeting of state infrastructure related to elections," she said.
When Manfra didn’t provide a clear answer to a question about how many of the remaining 29 states had similar detection capacity, McCaskill accused DHS of failing to provide a complete picture about the scope of the attacks on U.S. election infrastructure.
"That would be something we'd want to know, because I think the American people have been misled here," said McCaskill. "Because it’s my understanding that a number of the states don't have the tools to capture that activity, so we really have no idea how many states that Russia tried to hack."
Manfra said the department assumes the majority of states were actually targeted, but that states and DHS were only able to conclusively detect activity for 21. Bloomberg News reported in June 2017 that as many as 39 states had reported to DHS about finding traces of hackers in their systems, though it's not clear whether those states were reporting scanning of public websites or penetration into election IT infrastructure.
Manfra also told the committee that DHS has not seen any evidence thus far of similar scanning or probing in the lead-up to the 2018 mid-term elections.
An official from the National Institute for Standards and Technology confirmed that DHS officials made similar comments a day before at an Election Assistance Commission Board of Advisors meeting.
While Manfra was referencing only one specific aspect of Russia’s alleged influence operation – scanning and probing of state election IT systems – U.S. officials at intelligence agencies and DHS have consistently said they expect to see more attempts at election interference from Russia and other countries in the future.
In a February report assessing threats around the globe, Director of National Intelligence Dan Coates cited the 2018 mid-term elections as a potential target for Russian influence operations and said that "at a minimum," the intelligence community expects the nation will continue to utilize propaganda, social media, false-flag personas, sympathetic spokespeople and “other means” to sow discord within the U.S. political system.
At an event sponsored by the Election Assistance Commission in January, then-acting DHS Deputy Undersecretary Bob Kolasky said, "we have seen no evidence that the Russian government has changed its intent or capability with respect to meddling with the U.S. election system."
Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.
Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.
Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at firstname.lastname@example.org, or follow him on Twitter @derekdoestech.
Click here for previous articles by Johnson.