Washington, D.C. — Today, the Senate Intelligence Committee, on which U.S. Senators Susan Collins (R-ME) and Angus King (I-ME) serve, released “Russian Efforts Against Election Infrastructure,” the first volume in the Committee’s bipartisan investigation into Russia’s attempts to interfere with the 2016 U.S. election.
Today’s installment builds upon the unclassified summary findings on election security released by the Committee in May 2018. This was the first volume completed due to the fundamental importance and urgency of defending our democratic elections.
As part of its investigation, the Committee will also release final volumes examining the Intelligence Community Assessment (ICA) of Russian interference, the Obama Administration’s response to Russian interference, the role of social media disinformation campaigns, and remaining counterintelligence questions. The Committee has submitted its volume on social media for declassification review and intends to release the remaining installments in fall 2019.
The Committee’s investigation has spanned more than 15 open hearings, more than 200 witness interviews, and nearly 400,000 documents.
“Over the past two years, the Senate Intelligence Committee has investigated Russia’s relentless efforts to interfere in the 2016 election and its continuing efforts to undermine our democratic institutions. This issue is far too important for it to break down along partisan lines, and I am pleased that the committee’s examination, which involved multiple public hearings and interviews with more than 200 witnesses, remained bipartisan,” said Senator Collins. “We are now in the final stages of wrapping up our investigation, and the release of the first chapter of the Committee’s report today provides irrefutable evidence of Russia’s ongoing efforts to interfere in our electoral process and to influence and divide public opinion in our country. It is clear that Congress must take strong action to deter foreign nations from attempting to disrupt our elections. We should also move forward with securing our electoral process, the cornerstone of our democracy, by providing additional training and support to state election officials who are on the frontlines.”
“Today’s report is the product of an intensive, thorough, and bipartisan effort to understand the breadth of foreign interference in the 2016 election,” said Senator King. “Our findings are at once deeply concerning and fully expected – as has been previously and unequivocally stated by the Intelligence Community, it is clear that the Russians executed a sophisticated and serious attack on our democratic processes. There should be no further confusion about who attacked us: it was the Russians, and we need to protect ourselves because if we remain vulnerable, they or other hostile actors will attack us again. This volume puts forward important recommendations as to how we can defend our elections in the future – but it has to be a bipartisan effort. Just today, the Senate Majority Leader again blocked much-needed legislation to improve our electoral infrastructure, and I just can’t understand why. Elections are the backbone of our system of government – as is our confidence in them – and we need to act now to protect them in 2020 and beyond.”
Key Findings and Recommendations:
- The Russian government directed extensive activity against U.S. election infrastructure. The Committee found the activity directed at the state and local level began in at least 2014 and carried into at least 2017. The Committee has seen no evidence that any votes were changed or that any voting machines were manipulated.
- Russian efforts exploited the seams between federal authorities and capabilities, and protection for the states. The Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI) are, by design, limited in domestic cybersecurity authorities. State election officials, who have primacy in running elections, were not sufficiently warned or prepared to handle an attack from a hostile nation-state actor.
- DHS and FBI warnings to the states in the late summer and fall of 2016 did not provide enough information or go to the appropriate people. The Committee found that while the alerts were actionable, they provided no clear reason for states to take the threat more seriously than other warnings.
- DHS has redoubled its efforts to build trust with the states and deploy resources to assist in securing elections. Since 2016, DHS has made great strides in learning how election procedures vary across states and how to best assist those states. The Committee determined DHS’s work to bolster states’ cybersecurity has likely been effective but believes more needs to be done to coordinate efforts.
- Russian activities demand renewed attention to vulnerabilities in U.S. voting infrastructure. Cybersecurity for electoral infrastructure at the state and local level was sorely lacking in 2016. Despite increased focus over the last three years, some of these vulnerabilities, including aging voting equipment, remain. As states look to replace machines that are now out of date, they should purchase more secure voting machines. At a minimum, any machine purchased going forward should have a voter-verified paper trail.
- Congress should evaluate the results of the $380 million in state election security grants allocated in 2018. States should be able to use grant funds provided under the Help America Vote Act (HAVA) to improve cybersecurity in a variety of ways, including hiring additional IT staff, updating software, and contracting vendors to provide cybersecurity services. When those funds are spent, Congress should evaluate the results and consider an additional appropriation to address remaining insecure voting machines and systems.
- DHS and other federal government entities remain respectful of the limits of federal involvement in state election systems. America’s decentralized election system can be a strength against cybersecurity threats. However, the federal government and states should each be aware of their own cybersecurity limitations and know both how and when to obtain assistance. States should remain firmly in the lead on running elections, and the federal government should ensure they receive the necessary resources and information.
- The United States must create effective deterrence. The United States should communicate to adversaries that it will view an attack on its election infrastructure as a hostile act and respond accordingly. The U.S. government should not limit its response to cyber activity; rather, it should create a menu of potential responses that will send a clear message and create significant costs for the perpetrator.