The Senate Intelligence Committee released the first volume of its long-awaited bipartisan report into Russian election interference efforts on Thursday, providing new details on how Russian government hackers "directed extensive activity against U.S. election infrastructure" — and potentially identified vulnerabilities that they can exploit in upcoming elections.
The partially redacted report also faulted the FBI and Department of Homeland Security (DHS) for providing inadequate warnings to state governments. The panel found that alerts often went to the wrong people or contained insufficient information, and blended in with previous general warnings the states had received.
"DHS and FBI alerted states to the threat of cyber attacks in the late summer and fall of 2016, but the warnings did not provide enough information or go to the right people," the report stated. "Alerts were actionable, in that they provided malicious Internet Protocol (IP) addresses to information technology (IT) professionals, but they provided no clear reason for states to take this threat more seriously than any other alert received."
The report continued: "In its review of the 2016 elections, the Committee found no evidence that vote tallies were altered or that voter registry files were deleted or modified, though the Committee and IC's [intelligence community's] insight into this is limited."
The document comes on the heels of Robert Mueller's at times weary testimony on Capitol Hill on Wednesday, when the former special counsel warned that "many more countries are developing capabilities to replicate" Moscow's activities.
However, the committee said that a major purpose of Russia's involvement may have been to cause hysteria, and affect America's confidence in democracy. In fact, the panel said, Russia may have wanted their activities to be discovered.
"While the Committee does not know with confidence what Moscow's intentions were, Russia may have been probing vulnerabilities in voting systems to exploit later," the report stated. "Alternatively, Moscow may have sought to undermine confidence in the 2016 U.S. elections simply through the discovery of their activity."
The panel's analysis offers extensive forensic documentation of Russian electronic interference efforts. Evidence of "scanning of state election systems first appeared in the summer prior to the 2016 election," according to the report. In mid-July 2016, Illinois "discovered anomalous network activity, specifically a large increase in outbound data, on an Illinois Board of Elections' voter registry website," prompting an FBI investigation.
Michael Daniel, a former Assistant to the President and Cybersecurity Coordinator at the National Security Council, told the committee in 2017, "What it mostly looked like to us was reconnaissance."
"I would have characterized it at the time as sort of conducting the reconnaissance to do the network mapping, to do the topology mapping so that you could actually understand the network, establish a presence so you could come back later and actually execute an operation," Daniel said.
"Moscow may have sought to undermine confidence in the 2016 U.S. elections simply through the discovery of their activity."
— Senate Intelligence Committee report
In all, the committee said it reached out to 21 states about scanning activity on their networks. One state, which the report did not identify other than as "State 6," reported that "cyber actors" had scanned "the entire state IT infrastructure, including by using the Acunetix tool, but the 'affected systems' were the Secretary of State's web application and the election results website. If the penetration had been successful, actors could have manipulated the unofficial display of the election tallies. State officials believed they would have caught any inconsistency quickly."
The reported added that the state "became aware of this malicious activity and alerted partners. DHS reported that GRU [Russian] actors scanned State 6, then unsuccessfully attempted many SQL injection attacks. State 6 saw the highest number of SQL attempts of any state."
The report noted that Congress in 2018 appropriated $380 million in grant money "for the states to bolster cybersecurity and replace vulnerable voting machines," and recommended that those efforts be closely monitored.
The GOP-controlled Senate killed several election-security bills that had been pushed by Democrats in the hours after Mueller's testimony, including a bill to provide $775 million to enhance election system security, and a bill that would have required that campaigns report all offers of foreign assistance to the FBI.
Republicans have said the money was already allocated from a prior bill, and that the money was not needed immediately. They have also called the requirement that the FBI become involved whenever foreign assistance is offered unnecessary, given existing campaign finance laws, and the possible unconstitutionality of restricting speech with foreigners.
Trump meets with Russian president during G20 summit; chief White House correspondent John Roberts reports.
The report also called for voting systems to include a paper trail in the event audits are needed.
“In 2016, the U.S. was unprepared at all levels of government for a concerted attack from a determined foreign adversary on our election infrastructure," North Carolina Republican Sen. Richard Burr, the panel's chairman, said in a statement. "Since then, we have learned much more about the nature of Russia’s cyberactivities and better understand the real and urgent threat they pose. The Department of Homeland Security and state and local elections officials have dramatically changed how they approach election security, working together to bridge gaps in information sharing and shore up vulnerabilities."
Burr added: “There is still much work that remains to be done, however. I am grateful to the many states that provided their points of view, which helped inform our recommendations. It is my hope that the Senate Intelligence Committee’s bipartisan report will provide the American people with valuable insight into the election security threats still facing our nation and the ways we can address them.”
Virginia Sen. Mark Warner, a Democrat and the committee's ranking member, said "neither the federal government nor the states were adequately prepared" when "the Russians attacked elections systems in 2016."
"Our bipartisan investigation identified multiple problems and information gaps that hindered our ability to effectively respond and defend against the Russian attack in 2016," Warner continued. "I hope the bipartisan findings and recommendations outlined in this report will underscore to the White House and all of our colleagues, regardless of political party, that this threat remains urgent, and we have a responsibility to defend our democracy against it.”
Reacting to the report, Democratic presidential candidate Kamala Harris said it's important to encourage "state and local governments to audit and replace outdated voting systems, providing states with the funding they need to modernize their election infrastructure, and requiring paper ballots in all federal elections."
“Our adversaries seek to weaken our democracy and reduce public confidence in the integrity of our elections," Harris said. "We must not allow them to succeed.”
Fox News' Catherine Herridge contributed to this report.