b"<html>\n<title> - RUSSIAN INTERFERENCE IN THE 2016 U.S. ELECTIONS</title>\n<body><pre>[Senate Hearing 115-92]\n[From the U.S. Government Publishing Office]\n\n\n\n\n                                                         S. Hrg. 115-92\n \n            RUSSIAN INTERFERENCE IN THE 2016 U.S. ELECTIONS\n\n=======================================================================\n\n                                HEARING\n\n                               BEFORE THE\n\n                    SELECT COMMITTEE ON INTELLIGENCE\n\n                                 OF THE\n\n                          UNITED STATES SENATE\n\n                     ONE HUNDRED FIFTEENTH CONGRESS\n\n                             FIRST SESSION\n\n                               __________\n\n                        WEDNESDAY, JUNE 21, 2017\n\n                               __________\n\n      Printed for the use of the Select Committee on Intelligence\n      \n      \n      \n      \n [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]      \n \n\n\n         Available via the World Wide Web: http://www.fdsys.gov\n         \n         \n         \n         \n                            _________ \n\n                U.S. GOVERNMENT PUBLISHING OFFICE\n                   \n 26-125 PDF               WASHINGTON : 2017       \n____________________________________________________________________\n For sale by the Superintendent of Documents, U.S. Government Publishing Office,\nInternet:bookstore.gpo.gov. Phone:toll free (866)512-1800;DC area (202)512-1800\n  Fax:(202) 512-2104 Mail:Stop IDCC,Washington,DC 20402-001            \n         \n         \n         \n         \n         \n         \n         \n         \n         \n                    SELECT COMMITTEE ON INTELLIGENCE\n\n           [Established by S. Res. 400, 94th Cong., 2d Sess.]\n\n                 RICHARD BURR, North Carolina, Chairman\n                MARK R. WARNER, Virginia, Vice Chairman\n\nJAMES E. RISCH, Idaho                DIANNE FEINSTEIN, California\nMARCO RUBIO, Florida                 RON WYDEN, Oregon\nSUSAN COLLINS, Maine                 MARTIN HEINRICH, New Mexico\nROY BLUNT, Missouri                  ANGUS KING, Maine\nJAMES LANKFORD, Oklahoma             JOE MANCHIN III, West Virginia\nTOM COTTON, Arkansas                 KAMALA HARRIS, California\nJOHN CORNYN, Texas\n                 MITCH McCONNELL, Kentucky, Ex Officio\n                  CHUCK SCHUMER, New York, Ex Officio\n                    JOHN McCAIN, Arizona, Ex Officio\n                  JACK REED, Rhode Island, Ex Officio\n                              ----------                              \n                      Chris Joyner, Staff Director\n                 Michael Casey, Minority Staff Director\n                   Kelsey Stroud Bailey, Chief Clerk\n                   \n                   \n                                CONTENTS\n\n                              ----------                              \n\n                             JUNE 21, 2017\n\n                           OPENING STATEMENTS\n\nBurr, Hon. Richard, Chairman, a U.S. Senator from North Carolina.     1\nWarner, Hon. Mark R., Vice Chairman, a U.S. Senator from Virginia     2\n\n                               WITNESSES\n\nLiles, Sam, Acting Director, Office of Intelligence and Analysis, \n  Cyber Division, Department of Homeland Security................     4\nManfra, Jeanette, Undersecretary of Homeland Security, and Acting \n  Director, National Protection and Programs Directorate.........     6\n    Prepared statement...........................................     8\nPriestap, Bill, Assistant Director, Counterintelligence Division, \n  Federal Bureau of Investigation................................    15\n    Prepared statement...........................................    16\nLawson, Connie, Indiana Secretary of State and President-Elect, \n  National Association of Secretaries of State...................    48\n    Prepared statement...........................................    50\nHaas, Michael, Midwest Regional Representative, National \n  Association of State Election Directors........................    59\n    Prepared statement...........................................    62\nSandvoss, Steve, Executive Director, Illinois State Board of \n  Elections......................................................    68\n    Prepared statement...........................................    70\nHalderman, J. Alex, Professor of Computer Science and \n  Engineering, University of Michigan............................    72\n    Prepared statement...........................................    74\n\n                         SUPPLEMENTAL MATERIAL\n\nPhishing email received by Billy Rinehart of DNC.................    37\nReport titled ``Securing Elections from Foreign Interference'' \n  submitted by Senator Warner....................................    96\nQuestions for the record.........................................   134\n\n\n            RUSSIAN INTERFERENCE IN THE 2016 U.S. ELECTIONS\n\n                              ----------                              \n\n\n                        WEDNESDAY, JUNE 21, 2017\n\n                                       U.S. Senate,\n                          Select Committee on Intelligence,\n                                                    Washington, DC.\n    The Committee met, pursuant to notice, at 9:32 a.m. in Room \nSH-216, Hart Senate Office Building, Hon. Richard Burr \n(Chairman of the Committee) presiding.\n    Committee Members Present: Senators Burr, Warner, Risch, \nRubio, Collins, Blunt, Lankford, Cotton, Cornyn, Feinstein, \nWyden, Heinrich, King, Manchin, Harris, and Reed.\n\n   OPENING STATEMENT OF HON. RICHARD BURR, CHAIRMAN, A U.S. \n                  SENATOR FROM NORTH CAROLINA\n\n    Chairman Burr. I'd like to call the hearing to order.\n    Today the Committee convenes its sixth open hearing of \n2017, to further examine Russia's interference in the 2016 \nelections. This is yet another opportunity for the Committee \nand the American people to drill down on this vitally important \ntopic.\n    In 2016, a hostile foreign power reached down to the State \nand local levels to touch voter data. It employed relatively \nsophisticated cyber tools and capabilities and helped Moscow to \npotentially build detailed knowledge of how our elections work. \nIt was also another example of Russian efforts to interfere \ninto a democracy with the goal of undermining our system. In \n2016, we were woefully unprepared to defend and respond and I'm \nhopeful that we will not be caught flatfooted again.\n    Our witnesses are here to tell us more about what happened \nin 2016, what that tells us about Russian intentions, and what \nwe should expect in 2018 and 2020. I'm deeply concerned that if \nwe do not work in lockstep with the states to secure our \nelections, we could be here in two or four years talking about \na much worse crisis.\n    The hearing will feature two panels. The first panel will \ninclude expert witnesses from DHS and FBI to discuss Russian \nintervention in 2016 elections and U.S. government efforts to \nmitigate the threat. The second panel will include witnesses \nfrom the Illinois State Board of Elections, the National \nAssociation of State Election Directors, the National \nAssociation of Secretaries of States, and an expert on election \nsecurity to give us their on-the-ground perspective on how \nFederal resources might be brought to bear on this very \nimportant issue.\n    For our first panel, I'd like to welcome our witnesses \ntoday: Dr. Samuel Liles, Acting Director of Cyber Division \nwithin the Office of Intelligence and Analysis at the \nDepartment of Homeland Security; Jeanette Manfra, Acting Deputy \nUnder Secretary, National Protection and Programs Directorate, \nalso at DHS.\n    And Jeanette, I think I told you next time you came I did \nnot want ``Acting'' in front of your name. So now I've publicly \nsaid that to everybody at DHS. Hopefully next time that will be \nremoved.\n    And Bill Priestap. Bill's the Assistant Director for \nCounterintelligence Division at the Federal Bureau of \nInvestigation.\n    Bill, I want to thank you for the help that you have \npersonally provided to the investigative staff of this \nCommittee as we've worked through so far over five and a half \nmonths of our investigation into the 2016 elections.\n    As you're well aware, this Committee is in the midst of a \ncomprehensive investigation on the specific issue: the extent \nto which the Russian government under the direction of \nPresident Putin conducted intelligence activities, also known \nas Russian active measures, targeted at the 2016 U.S. \nelections. The intelligence community assesses that, while \nRussian influence obtained and maintained access to elements of \nmultiple U.S. State and local election boards, those systems \nwere not involved in vote tallying.\n    During the first panel, I would like to address the depth \nand the breadth of Russian government cyber activities during \nthe 2016 election cycle, the efforts of the U.S. government to \ndefend against these intrusions, and the steps that DHS and FBI \nare taking to preserve the foundation of our democracy's free \nand fair elections in 2018 and beyond.\n    I thank all three of our first witnesses. I turn to the \nVice Chairman.\n\n  OPENING STATEMENT OF HON. MARK WARNER, A U.S. SENATOR FROM \n                            VIRGINIA\n\n    Vice Chairman Warner. Thank you, Mr. Chairman, and welcome \nto the witnesses. And, Bill, thank you again for all the work \nyou've done with us.\n    We all know that in January the entire intelligence \ncommunity reached the unanimous conclusion that Russia took \nextraordinary steps to intervene in our 2016 Presidential \nelections. Russia's interference in our elections in 2016 I \nbelieve was a watershed moment in our political history. This \nwas one of the most significant events I think any of us on \nthis dais will be asked to address in our time as Senators. And \nonly with a robust and comprehensive response will we be able \nto protect our democratic processes from even more dramatic \nincursions in the future.\n    Much of what the Russians did at this point, I think at \nleast in this room, is--was well known: spreading fake news, \nflooding social media, hacking personal e-mails and leaking \nthem for maximum political benefit. Without firing a shot and \nat minimal cost, Russia sowed chaos in our political system and \nundermined faith in our democratic process. And as we've heard \nfrom earlier witnesses, sometimes that was aided by certain \ncandidates in terms of their comments about the legitimacy of \nour democratic processes.\n    Less well understood, though, is the intelligence \ncommunity's conclusion that they also secured and maintained \naccess to elements of multiple U.S. State and local electoral \nboards. Now, again, as the Chairman has said, there's no reason \nto doubt the validity of the vote totals in the 2016 election. \nHowever, DHS and the FBI have confirmed--and I'm going to come \nback to this repeatedly--only two intrusions into the voter \nregistration databases, in both Arizona and Illinois, even \nthough no data was modified or deleted in those two states.\n    At the same time, we've seen published reports that \nliterally dozens--I've seen one published report that actually \nsaid 39 states--were potentially attacked. Certainly it's good \nnews that the attempts in 2016 did not change the results of \nthat election. But the bad news is this will not be their last \nattempt. And I'm deeply concerned about the danger posed by \nfuture interference in our elections and attempts by Russia to \nundermine confidence in our whole electoral system.\n    We saw Russian--we saw recently--and this was just not \nhappening here, obviously--we saw recently Russian attempts to \ninterfere in the elections in France. And I thank the Chairman \nthat next week we'll be having a hearing on some of these \nRussian efforts in Europe. We can be sure that Russian hackers \nand trolls will continue to refine their tactics in the future, \nespecially if there's no penalty for these malicious attacks.\n    That's again, one reason I think that the Senate voted so \noverwhelmingly last week, and I thank all my colleagues for \nthat 97-2 vote, to strengthen our sanctions on Russia. I hope \nthat that action sends a strong message to Mr. Putin that there \nwill be a heavy price to pay for attacks against the \nfundamental core of our democratic system.\n    Make no mistake, it's likely that we'll see more of these \nattacks not just in America, but against our partners. I heard \nthis morning coming in on the radio that the Russians are \nalready actively engaged in the German election cycle, which \ntakes place this fall.\n    Now, some might say, ``Well, why the urgency?'' I can \nassure you, you know, we have elections in 2018, but in my home \nState of Virginia we have statewide elections this year. So \nthis needs a sense of urgency. The American electoral election \nprocess, the machinery, the Election Day manpower, the actual \ncounting and reporting, primarily is a local and State \nresponsibility. And in many states, including my own, we have a \nvery decentralized approach, which can be both a strength and a \nweakness.\n    In Virginia, for instance, decentralization helps deter \nlarge-scale hacking or manipulation because our system is so \ndiffuse. But Virginia localities use more than a dozen \ndifferent types of voting machines, none of which are connected \nto the Internet while in use, but we have a number of machine-\nread machines, so that the tabulations actually could be broken \ninto on an individual machine basis.\n    All this makes large cyber attacks on electoral systems, \nbecause of the diffusion, more difficult. But it also makes \nmaintaining consistent, coordinated cyber defenses more \nchallenging as well.\n    Furthermore, states may be vulnerable when it comes to the \ndefense of voter registration and voter history databases. \nThat's why I strongly believe that the threat requires us to \nharden our cyber defenses and to thoroughly educate the \nAmerican public about the danger.\n    Yesterday, I wrote to the Secretary of Homeland Security. I \nurged DHS to work closely with State and local election \nofficials to disclose publicly--and I emphasize, publicly--\nwhich states were targeted. Not to embarrass any states, but \nhow can we put the American public on notice when we've only \nrevealed two states, yet we have public reports that there are \nliterally dozens? That makes absolutely no sense.\n    I know it is the position of DHS that since the states were \nvictims, it is their responsibility. But I cannot believe if \nthis was an attack on physical infrastructure in a variety of \nstates, there wouldn't be a more coordinated response.\n    We are not making our country safer if we don't make sure \nthat all Americans realize the breadth and the extent of what \nthe Russians did in 2016 and, frankly, if we don't get our act \ntogether, what they will do in an even more dramatic form in \n2018 and 2020. And candidly, the idea of this kind of \nbureaucratic ``Well, it's not my responsibility, not my job'' I \ndon't believe is an acceptable decision.\n    So, I'm going to hope from our witnesses, particularly our \nDHS witnesses, that we hear a plan on how we can get more \ninformation into the bloodstream, how we can make sure that we \nhave better best practices, so that all states are doing what's \nneeded. I'm not urging or suggesting that in any way the \nFederal Government intervenes in what is a local and State \nresponsibility. But to not put all Americans on notice and to \nhave the number of states that were hacked into or attempted to \nbe hacked into still kept secret is just crazy in my mind.\n    So, my hope is that we will get some answers. I do want to \nthank the fact that in January DHS did designate the Nation's \nelectoral infrastructure as critical infrastructure. That's \nimportant. But if we call it critical infrastructure but then \ndon't tell the public how many states were attacked or \npotentially how many could be attacked in the next cycle, I \ndon't think we get to where we need to be.\n    So, we're going to see more of this. This is the new \nnormal. I appreciate the Chairman for holding this hearing and \nI'm going to look forward very much to getting my questions \nanswered.\n    Thank you.\n    Chairman Burr. Thank you, Vice Chairman.\n    With that, Dr. Liles, I understand you're going to go \nfirst. The floor is yours.\n\nSTATEMENT OF SAM LILES, Ph.D., ACTING DIRECTOR, CYBER DIVISION, \n  OFFICE OF INTELLIGENCE AND ANALYSIS, DEPARTMENT OF HOMELAND \n                            SECURITY\n\n    Dr. Liles. Chairman Burr, Ranking Member Warner, and \ndistinguished members of the Committee, thank you for the \ninvitation to be here. My name is Sam Liles. I represent the \nCyber Analysis Division of the Department of Homeland \nSecurity's Office of Intelligence and Analysis. Our mission is \nto produce cyber-focused intelligence, information, and \nanalysis, represent our operational partners like the NCCIC to \nthe intelligence community, coordinate and collaborate on IC \nproducts, and share intelligence and information with our \ncustomers at the lowest classification possible. We are a team \nof dedicated analysts who take threats to the critical \ninfrastructure of the United States seriously.\n    I'd like to begin by clarifying and characterizing the \nthreat we observed to the election infrastructure in the 2016 \nelection. Prior to the election, we had no indication that \nadversaries or criminals were planning cyber operations against \nthe U.S. election infrastructure that would change the outcome \nof the coming U.S. election.\n    However, throughout spring and early summer 2016, we and \nothers in the IC began to find indications that the Russian \ngovernment was responsible for widely reported compromises and \nleaks of e-mails from U.S. political figures and institutions. \nAs awareness of these activities grew, DHS began in August of \n2016 to receive reports of cyber-enabled scanning and probing \nof election-related infrastructure in some states.\n    From that point on, I&A began working to gather, analyze, \nand share additional information about the threat. I&A \nparticipated in red team events, looking at all possible \nscenarios, collaborated and co-authored production with other \nintelligence community members and the National Intelligence \nCouncil. We provided direct support to the Department's \noperational cyber center, the National Cyber Security and \nCommunications Integration Center, and worked hand-in-hand with \nthe State and local partners to share threat information \nrelated to their networks.\n    By late September, we determined that Internet-connected \nelection-related networks in 21 states were potentially \ntargeted by Russian government cyber actors. It is important to \nnote that none of these systems were involved in vote tallying. \nOur understanding of that targeting, augmented by further \nclassified reporting, is that's still consistent with the scale \nand scope.\n    This activity is best characterized as hackers attempting \nto use commonly available cyber tools to exploit known system \nvulnerabilities. The vast majority of the activity we observed \nwas indicative of simple scanning for vulnerabilities, \nanalogous to somebody walking down the street and looking to \nsee if you are home.\n    A small number of systems were unsuccessfully exploited, as \nthough somebody had rattled the doorknob but was unable to get \nin, so to speak. Finally, a small number of the networks were \nsuccessfully exploited. They made it through the door.\n    Based on the activity we observed, DHS made a series of \nassessments. We started out with, we had no indication prior to \nthe election that adversaries were planning cyber operations \nagainst election infrastructure that would change the outcome \nof the 2016 election. We also assessed that multiple checks and \nredundancies in U.S. election infrastructures, including \ndiversity of systems, non-Internet-connected voting machines, \npre-election testing, and processes for media, campaign, and \nelection officials to check, audit, and validate the results, \nall these made it likely that cyber manipulation of the U.S. \nelection systems intended to change the outcome of the national \nelection would be detected.\n    We also, finally, assessed that the types of systems \nRussian actors targeted or compromised were not involved in \nvote tallying.\n    While we continue to evaluate any and all new available \ninformation, DHS has not altered any of these prior \nassessments. Having characterized the threat as we observed it, \nI'll stop there to allow my NPPD colleague Jeanette Manfra to \ntalk more about how DHS is working with election systems to \nenhance security and resiliency.\n    I look forward to answering your questions.\n    Chairman Burr. Thank you.\n    Ms. Manfra.\n\n    STATEMENT OF JEANETTE MANFRA, ACTING DIRECTOR AND UNDER \n   SECRETARY, NATIONAL PROTECTION AND PROGRAMS DIRECTORATE, \n                DEPARTMENT OF HOMELAND SECURITY\n\n    Ms. Manfra. Thank you, sir. Chairman Burr, Vice Chairman \nWarner, members of this Committee: thank you for today's \nopportunity to represent the men and women that serve in the \nDepartment of Homeland Security.\n    Today I'm here to discuss the Department's mission to \nreduce and eliminate threats to the Nation's critical physical \nand cyber infrastructure, specifically as it relates to our \nelection.\n    Our Nation's cyber infrastructure is under constant attack. \nIn 2016, we saw cyber operations directed against U.S. election \ninfrastructure and political entities. As awareness of these \nactivities grew, DHS and its partners provided actionable \ninformation and capabilities to help election officials \nidentify and mitigate vulnerabilities on their networks.\n    Actionable information led to detections of potentially \nmalicious activity affecting Internet-connected election-\nrelated networks, potentially targeted by Russian cyber actors \nin multiple states. When we became aware of detected activity, \nwe worked with the affected entity to understand if a \nsuccessful intrusion had in fact occurred.\n    Many of these detections represented potentially malicious \nvulnerability scanning activity, not successful intrusions. \nThis activity, in partnership with these potential victims and \ntargets, enhanced our situational awareness of the threat and \nfurther informed our engagement with State and local election \nofficials across the country.\n    Given the vital role that elections have in a free and \ndemocratic society, on January 26 of this year the former \nSecretary of Homeland Security established election \ninfrastructure as a critical infrastructure sub-sector. As \nsuch, DHS is leading Federal efforts to partner with State and \nlocal election officials, as well as private sector vendors, to \nformalize the prioritization of voluntary security-related \nassistance and to ensure that we have the communications \nchannels and protocols, as Senator Warner discussed, to ensure \nthat election officials receive information in a timely manner \nand that we understand how to jointly respond to incidents.\n    Election infrastructure now receives cybersecurity and \ninfrastructure protection assistance similar to what is \nprovided to other critical infrastructure, such as financial \ninstitutions and electric utilities.\n    Our election system is run by State and local governments \nin thousands of jurisdictions across the country. Importantly, \nState and local officials have already been working \nindividually and collectively to reduce risks and ensure the \nintegrity of their elections. As threat actors become \nincreasingly sophisticated, DHS stands in partnership to \nsupport their efforts.\n    Safeguarding and securing cyber space is a core mission at \nDHS. Through our National Cybersecurity and Communications \nCenter, or NCCC, DHS assists State and local customers such as \nelection officials as part of our daily operations. Such \nassistance is completely voluntary. It does not entail \nregulation or Federal oversight. Our role is limited to \nsupport.\n    In this role, we offer three types of assistance: \nassessments, information, and incident response. For the most \npart, DHS has offered two kinds of assistance to State and \nlocal officials: first, the cyber hygiene service for Internet-\nfacing systems provides a recurring report identifying \nvulnerabilities and mitigation recommendations. Second, our \ncybersecurity experts can go on site to conduct risk and \nvulnerability assessments and provide recommendations to the \nowners of those systems for how best to reduce the risk to \ntheir networks.\n    DHS continues to share actionable information on cyber \nthreats and incidents through multiple means. For example, we \npublish best practices for securing voter registration \ndatabases and addressing potential threats to election systems. \nWe share cyber threat indicators and other analysis that \nnetwork defenders can use to secure their systems.\n    We partner with the multistate Information Sharing and \nAnalysis Center to provide threat and vulnerability information \nto State and local officials. This organization is partially \ngrant-funded by DHS and has representatives that sit on our \nNCCC floor and can interact with our analysts and operators on \na 24/7 basis. They can also receive information through our \nfield-based personnel stationed throughout the country and in \npartnership with the FBI.\n    Finally, we provide incident response assistance at request \nto help State and local officials identify and remediate any \npossible cyber incidents. In the case of an attempted \ncompromise affecting election infrastructure, we will share \nthat technical information with other states to assist their \nability to defend their own systems from similar malicious \nactivity.\n    Moving forward, we must recognize that the nature of risk \nfacing our election infrastructure will continue to evolve. \nWith the establishment of an election infrastructure sub-\nsector, DHS is working with stakeholders to establish these \nappropriate coordinating councils and our mechanisms to engage \nwith them. These will formalize our mechanisms for \ncollaboration and ensure long-term sustainability of this \npartnership. We will lead the Federal efforts to support \nelection officials with security and resilience efforts.\n    Before closing, I want to reiterate that we do have \nconfidence in the overall integrity of our electoral system \nbecause our voting infrastructure is fundamentally resilient. \nIt is diverse, subject to local control, and has many checks \nand balances built in. As the risk environment evolves, the \nDepartment will continue to support State and local partners by \nproviding information and offering assistance.\n    Thank you very much for the opportunity to testify, and I \nlook forward to any questions.\n    [The prepared statement of Ms. Manfra follows:]\n\n\n[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]\n\n        \n    Chairman Burr. Thank you very much.\n    Mr. Priestap.\n\n        STATEMENT OF BILL PRIESTAP, ASSISTANT DIRECTOR, \n COUNTERINTELLIGENCE DIVISION, FEDERAL BUREAU OF INVESTIGATION\n\n    Mr. Priestap. Good morning. Chairman Burr, Vice Chairman \nWarner, and members of the Committee: Thank you for the \nopportunity to appear before you today. My statement for the \nrecord has been submitted. And so, rather than restating it, \nI'd like to step back and provide you a description of the \nbroader threat as I see it.\n    My understanding begins by asking one question: What does \nRussia want? As you well know, during the Cold War the Soviet \nUnion was one of the world's two great powers. However, in the \nearly 1990's it collapsed and lost power, stature, and much \nterritory. In a 2005 speech, Vladimir Putin referred to this as \na major catastrophe. The Soviet Union's collapse left the U.S. \nas the sole superpower.\n    Since then, Russia has substantially rebuilt, but it hasn't \nbeen able to fully regain its former status or its former \nterritory. The U.S. is too strong and has too many alliances \nfor Russia to want a military conflict with us. Therefore, \nhoping to regain its prior stature, Russia has decided to try \nto weaken us and our allies.\n    One of the ways Russia has sought to do this is by \ninfluence, rather than brute force. Some people refer to \nRussia's activity in this regard as information warfare, \nbecause it is information that Russia uses as a weapon.\n    In regards to our most recent Presidential election, Russia \nused information to try to undermine the legitimacy of our \nelection process. Russia sought to do this in a simple manner. \nThey collected information via computer intrusions and via \ntheir intelligence officers and they selectively disseminated \ne-mails they hoped would disparage certain political figures \nand shed unflattering light on political processes.\n    They also pushed fake news and propaganda, and they used \nonline amplifiers to spread the information to as many people \nas possible. One of their primary goals was to sow discord and \nundermine a key democratic principle, free and fair elections.\n    In summary, I greatly appreciate the opportunity to be here \ntoday to discuss Russia's election influence efforts. But I \nhope the American people will keep in mind that Russia's \noverall aim is to restore its relative power and prestige by \neroding democratic values. In other words, its election-related \nactivity wasn't a one-time event. Russia will continue to pose \nan influence threat. I look forward to your questions. Thank \nyou.\n    [The prepared statement of Mr. Priestap follows:]\n    \n[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]    \n    \n   \n    \n    Chairman Burr. Thank you very much to all of our witnesses.\n    For members, we will proceed by seniority for recognition \nfor up to five minutes, and the Chairman will tell you when you \nhave used all your time if you proceed that far. The Chair \nwould recognize himself for five minutes.\n    Yes or no, to all three of you. Most important question: Do \nyou have any evidence that the votes themselves were changed in \nany way in the 2016 Presidential election?\n    Dr. Liles.\n    Dr. Liles. No, sir. There was no detected change in the \nvote.\n    Chairman Burr. Ms. Manfra.\n    Ms. Manfra. No, sir.\n    Chairman Burr. Mr. Priestap.\n    Mr. Priestap. No, sir.\n    Chairman Burr. Bill, to you. This adversary is determined. \nThey're aggressive and they're getting more sophisticated by \nthe day. The diversity of our election system is a strength, \nbut the intrusions into State systems also show that Moscow is \nwilling to put considerable resources towards an unclear \nresult.\n    In 2016, we saw voter data stolen. How could Moscow \npotentially use that data?\n    Mr. Priestap. They could use the data in a variety of ways. \nUnfortunately, in this setting I can't go into all of them. \nFirst of all, I think they took the data to understand what it \nconsisted of, what's there, so that they can in effect better \nunderstand and plan accordingly.\n    And when I say ``plan accordingly,'' plan accordingly in \nregards to possibly impacting future elections and/or targeting \nof particular individuals, but also by knowing what's there and \nstudying it they can determine if it's it something they can \nmanipulate or not, possibly, going forward. And there's a \ncouple of other things that wouldn't be appropriate in this \nsetting as well.\n    Chairman Burr. To any of you: You've heard the Vice \nChairman talk about his frustration about publicly talking \nabout how many states. Can you tell the American people why you \ncan't disclose which states and the numbers?\n    I'll turn to Ms. Manfra first.\n    Ms. Manfra. Thank you for the question, sir. There are--\nthrough the long history that the Department has in working \nwith the private sector and State and local on critical \ninfrastructure and cybersecurity issues, we believe it is \nimportant to protect the confidentiality that we have and the \ntrust that we have with that community. So when the entity is a \nvictim of a cyber incident, we believe very strongly in \nprotecting the information around that victim.\n    That being said, what we can do is take the technical \ninformation that we learn from the engagement with that victim \nand anonymize it so it is not identified as to what that entity \nor individual is. We can take all the technical information and \nturn that around and share that broadly with whether it's the \naffected sector or broadly across the entire country. And we \nhave multiple mechanisms for sharing that.\n    But we believe that this has been a very important key to \nour success in developing trusted relationships across all of \nthese 16 critical infrastructure sectors.\n    Chairman Burr. Are we prepared today to say publicly how \nmany states were targeted?\n    Ms. Manfra. We, as of right now, we have evidence of 21 \nstates, election-related systems in 21 states that were \ntargeted.\n    Chairman Burr. But in no case were actual vote tallies \naltered in any way, shape, or form?\n    Ms. Manfra. That is correct.\n    Chairman Burr. How did the French respond to the Russian \ninvolvement in the French elections a month ago? Is that \nsomething we followed, the Bureau? Bill?\n    Mr. Priestap. Sir, From the Bureau's standpoint, it's \nsomething we followed from afar. We did have engagement with \nFrench officials, but I'm just not at liberty to go into what \nthose consisted of.\n    Chairman Burr. Okay. We've talked about last year, Russia's \nintent, their target. Let's talk about next year. Let's talk \nabout the 2017 elections in Virginia. Let's talk about the 2018 \nelections, Congressional and gubernatorial elections. What are \nwe doing to prepare ourselves this November and next November?\n    Ms. Manfra.\n    Ms. Manfra. Yes, sir. As we noted, we are taking this \nthreat very seriously, and part of that is identifying this \ncommunity as a critical infrastructure subsector. That's \nallowed us to prioritize and formalize the engagement with \nthem.\n    Similar to the 2016 elections, we are identifying \nadditional resources, prioritizing our engagement with them \nthrough information-sharing products, identifying, in \npartnership again with the State and local community, those \ncommunication protocols--how do we ensure that we can \ndeclassify information quickly should we need to and get it to \nthe individuals that need it.\n    We also have committed to working with State and local \nofficials on incident response playbooks. So how do they \nunderstand where to engage with us, where do we engage with \nthem, and how do we--are we able to bring the entire resources \nof the Federal Government to bear in helping the State and \nlocal officials secure their election systems?\n    Chairman Burr. Great.\n    Vice Chairman.\n    Vice Chairman Warner. Thank you for the answer at 21. 21 \nstates is almost half the country. We've seen reports that were \neven higher. I concur with the Chairman that the vote totals \nwere not changed. But can you explain to me how we're made \nsafer by keeping the identity of 19 of those states secret from \nthe public, since Arizona and Illinois have acknowledged they \nwere attacked?\n    Dr. Liles. Well, sir, I'd bring it back to the earlier \npoints you made about the future elections. One of the key \npieces for us within I&A is our ability to work with our \npartners because of how our collection mechanisms work. It's \nbuilt on a high level of trust----\n    Vice Chairman Warner. If this was water systems or power \nsystems, would the public be safer by not knowing that their \nwater system or power system in their respective State was \nattacked?\n    Ms. Manfra. Sir, I can--for other sectors we apply the same \nprinciples. When we do have a victim of an incident in the \nelectric sector or the water sector, we do keep the name of \nthat entity confidential. Some of these sectors do have breach \nreporting requirements that requires the victims----\n    Vice Chairman Warner. Are all 21 of the states that were \nattacked, are they aware they were attacked?\n    Ms. Manfra. All of the system owners within those states \nare aware of the targeting, yes, sir.\n    Vice Chairman Warner. At the State level, you could have \nlocal registrars and other local officials that there may have \nbeen an attempt to penetrate at the State level and you may \nhave local registrars in the respective states that would not \neven know that their State had been the subject of Russian \nactivities?\n    Ms. Manfra. We are currently working with State election \nofficials to ensure communication between the local and the \nState officials.\n    Vice Chairman Warner. But at this moment in time, there may \nbe a number of State and local election officials that don't \nknow their states were targeted in 2016, is that right?\n    Ms. Manfra. The owners of the systems that were targeted do \nknow that they were targeted----\n    Vice Chairman Warner. The owners may know, but because we \nhave a decentralized system many local elective--I just----\n    Ms. Manfra. I cannot----\n    Vice Chairman Warner [continuing]. Fundamentally disagree. \nI understand the notion of victimization.\n    Ms. Manfra. Yes, sir.\n    Vice Chairman Warner. But I do not believe our country is \nmade safer by holding this information back from the American \npublic. I have no interest in trying to embarrass any State, \nbut if this--because we've seen this for too long in cyber, \nwe've seen it in the financial industry, and others, where \npeople simply try to sweep this under the rug and assume \nthey'll go along their way.\n    When we're talking about--I go back to Dr. Liles' initial \ncomments. We had no idea--we had no ability to predict this \nbeforehand. We had 21 states that were tapped. We've got two \nthat have come forward. While no election results were changed, \nwe do know there were a number of states--perhaps you'll answer \nthis: How many states did the Russians actually exfiltrate \ndata, such as voter registration lists?\n    Ms. Manfra. I'd prefer not to go into those details in this \nforum, sir. I can tell you that we're tracking 21 states that \nwere targeted----\n    Vice Chairman Warner. Do the states who had their data \nexfiltrated by the Russians--are they aware of that?\n    Ms. Manfra. Yes, sir.\n    Vice Chairman Warner. And is there any coordinated response \non how we're going to prevent this going forward?\n    Ms. Manfra. Yes, sir.\n    Vice Chairman Warner. How do we make sure, if states are \nnot willing to acknowledge that they had vulnerabilities, that \nthey were subject to attack--again, we're in a brave new world \nhere, and I understand your position. I'm not trying to--I'm \nvery frustrated, but I'm not--I get this notion.\n    But I think we need a re-examination of this policy. You \nknow, the designation by former Secretary Johnson as critical \ninfrastructure, what does that change in terms of how our \noperations are going forward? By that designation in January, I \nappreciated it, but what does that really mean in practical \nterms, in terms of assistance or information sharing?\n    Ms. Manfra. What it means, it means three things, sir. The \nfirst is a statement that we do recognize that these systems \nare critical to the functioning of American life, and so that \nis an important statement.\n    The second is that it formalizes and sustains the \nDepartment's prioritization of engagement with this community. \nAnd the last is, it provides a particular protection for \nsharing of information, in particular with vendors within the \nelection community, that allows us to have conversations to \ndiscuss vulnerabilities with potential systems, that we would \nnot have to disclose.\n    Vice Chairman Warner. I talked to Secretary Kelly last \nweek, and I hope you'll take this, at least this Senator's \nmessage, back to him. I would like us to get more information. \nWhat I have heard today is that, there were 21 states. I \nappreciate that information, but within those 21 states I have \nno guarantee that local election officials are aware that their \nState system may have been attacked, number one.\n    Number two, we don't know how many states actually had \nexfiltration. And the final question is, have you seen any \nstoppage of the Russian activities after the election? Or are \nthey continuing to ping and try to feel out our various \nelection systems?\n    Ms. Manfra. On the first two questions, sir, we will be \nhappy to get back to you. I spoke to the Secretary this morning \nand look forward to responding to your letter. On the third \nquestion, I'll defer to the FBI.\n    Mr. Priestap. Vice Chairman, I just can't comment on our \npending investigations related to the cyber----\n    Vice Chairman Warner. You can't say whether the--so, should \nthe public take away a sense of confidence that the Russians \nhave completely stopped, as of November of 2016, trying to \ninterfere or tap into our electoral systems? Is that what \nyou're saying?\n    Mr. Priestap. That's not what I'm saying, sir. I believe \nthe Russians will absolutely continue to try to conduct \ninfluence operations in the U.S., which will include cyber \nintrusions.\n    Vice Chairman Warner. Thank you, Mr. Chairman.\n    Chairman Burr. Thank you, Vice Chairman.\n    To DHS and to the Bureau, a quick question; and if you \ncan't answer it, please go back and get us an answer. Would \nyour agency be opposed to the Chair and Vice Chair sending a \nletter to the 19 states that have not been publicly disclosed, \na classified letter, asking them if they would consider \npublicly disclosing that they were a target of the last \nelection?\n    Mr. Priestap. Sir, I'd be happy to take that question back \nto my organization, but I would just add that the role your \nCommittee is playing in regards to highlighting the Russians' \naims and activities I think is critically important for this \ncountry.\n    The Bureau is just trying to balance what, we'll call it \nthe messaging end of that, with doing things that hopefully \ndon't impact what we can learn through our investigations. I \nknow it's a fine balance, but the bottom line is you play a key \nrole in raising awareness of that, and I thank you.\n    Chairman Burr. Fair concern, and if both of you would just \ngo back and get back with us, we'll proceed from there.\n    Senator Risch.\n    Senator Risch. Thank you much.\n    So that the American people can have solid confidence in \nwhat you've done, and thank you for what you've done, could you \ngive the American people an idea--if you feel the numbers are \nclassified and that sort of thing, you don't have to go into \nit--but the number of people that were involved on DHS and the \nFBI in this investigation? Can you give us a general idea about \nthat? Whichever one of you want to take that question. Ms. \nManfra.\n    Ms. Manfra. From a DHS perspective, we did amass quite a \nfew resources both from our intelligence and analysis and our \noperations analysis. To put a number on it is somewhat \nchallenging but, you know----\n    Senator Risch. Would you say it was substantial?\n    Ms. Manfra. It was a substantial level of effort, yes, sir.\n    Senator Risch. You're confident that you got where you \nwanted to go when you set out to make this investigation?\n    Ms. Manfra. Yes, sir. One of our key priorities was \ndeveloping relationships with that community and getting \ninformation out, whether it was to the specific victims or \nbroader indicators that we could share. We accomplished that. \nWe held multiple sessions. We sent over 800 indicators to the \ncommunity, and so we do believe that we accomplished that. We \ndon't want to let that down at all. We want to continue that \nlevel of effort and we intend to continue it.\n    Senator Risch. And I'm focusing on not what you did after \nyou got the information, but how you got the information. \nYou're confident you got what you needed to appropriately \nadvise everyone on this, what was going on?\n    Ms. Manfra. Yes, sir. Yes, we did.\n    Senator Risch. Mr. Priestap.\n    Mr. Priestap. The FBI considered this a very grave threat \nand so we dedicated substantial resources to this effort as \nwell.\n    Senator Risch. Okay. Thank you.\n    To both of you, both agencies again: Everyone in this \nCommittee knows the specificity and identity of the Russian \nagencies involved. Are you comfortable in identifying them here \ntoday, or do you feel--still feel that's classified?\n    Mr. Priestap. Yeah. Other than what was mentioned in the \nunclassified version of the intelligence community assessment, \nI'd rather not go into any of those details.\n    Senator Risch. Were there any of those agencies identified, \nany of the Russian intelligence agencies, identified in that?\n    Mr. Priestap. It's my understanding that GRU was \nidentified.\n    Senator Risch. Homeland Security, same answer?\n    Dr. Liles. Yes, sir.\n    Senator Risch. Okay. Thank you much.\n    Let me ask this question. And I come at this from a little \ndifferent perspective, and I think the American people have the \nright to know this. From all the work that either of your \nagencies did, all the people involved, all the digging you did \nthrough what the Russians had done and their attempts, did you \nfind any evidence, direct or circumstantial, to any degree, \ndown to a scintilla of evidence, that any U.S. person colluded \nwith, assisted, or communicated with the Russians in their \nefforts?\n    Mr. Priestap.\n    Mr. Priestap. I'm sorry, I just can't comment on that \ntoday. That falls under the Special Counsel's purview and I \nhave to defer to him.\n    Senator Risch. Are you aware of any such evidence?\n    Mr. Priestap. And I'm sorry, sir, I just can't comment on \nthat.\n    Senator Risch. Ms. Manfra.\n    Ms. Manfra. Sorry, sir. I cannot also comment on that.\n    Senator Risch. Thank you.\n    Thank you, Mr. Chairman.\n    Chairman Burr. Senator Feinstein.\n    Senator Feinstein. Thanks very much, Mr. Chairman.\n    Candidly, I'm very disappointed by the testimony. I mean, \nwe have learned a great deal and the public has learned a great \ndeal. And it seems to me we have to deal with what we've \nlearned.\n    Mr. Priestap, is that correct? You have said, and I think \nquite pointedly, that Russia has decided to weaken us through \ncovert influence rather than brute force. And I think that's a \ncorrect assessment, and I thank you for having the courage to \nmake it.\n    Here's a question. To the best of the FBI's knowledge, have \nthey conducted covert influence in prior election campaigns in \nthe United States? If so, when, what and how?\n    Mr. Priestap. Yes, absolutely they've conducted influence \noperations in the past. What made this one different in many \nregards was of course the degree and then with what you can do \nthrough electronic systems today.\n    When they did it in the past, it was doing things like \ntrying to put in biased or half-true stories, getting stories \nlike that into the press or pamphlets that people would read, \nso on and so forth. The Internet has allowed Russia to do so \nmuch more today than they've ever been able to do in the past.\n    Senator Feinstein. So you're saying prior campaigns were \nessentially developed to influence one campaign above another, \nto denigrate a candidate if she was elected and to support \nanother candidate subtly?\n    Mr. Priestap. Yeah, I'm saying that Russia, for years, has \nconducted influence operations targeting our elections, yes.\n    Senator Feinstein. Equal to this one?\n    Mr. Priestap. Not equal to this one. No, ma'am.\n    Senator Feinstein. Okay, here we go. What made this one \ndifferent?\n    Mr. Priestap. Again, I think the scale, the scale and the \naggressiveness of the effort, in my opinion, made this one \ndifferent. And again, it's because of the electronic \ninfrastructure, the Internet, what have you, today that allowed \nRussia to do things that in the past they weren't able to do.\n    Senator Feinstein. Would you say that this effort was \ntailored to achieve certain goals?\n    Mr. Priestap. Absolutely.\n    Senator Feinstein. And what would those goals have been?\n    Mr. Priestap. I think the primary goal in my mind was to \nsow discord and to try to delegitimize our free and fair \nelection process. I also think another of their goals, which \nthe entire United States intelligence community stands behind, \nwas to denigrate Secretary Clinton and to try to help then--\ncurrent President, Trump.\n    Senator Feinstein. Have they done this in prior elections \nin which they've been involved?\n    Mr. Priestap. Have they----\n    Senator Feinstein. Denigrated a specific candidate and-or \ntried to help another candidate?\n    Mr. Priestap. Yes, ma'am, they have.\n    Senator Feinstein. And which elections were those?\n    Mr. Priestap. Oh--I'm sorry. I know there--I'm sorry, I \ncan't think of an example off the top of my head, but even \nthough--all the way through the Cold War, up to our most recent \nelection, in my opinion, they have tried to influence all of \nour elections since then, and this is a common practice.\n    Senator Feinstein. Have they ever targeted what is admitted \nhere today to be 21 states?\n    Mr. Priestap. If they have, I am not aware of that. That's \na--that scale is different than what I'm aware of what they \ntried to do in the past. So again, the scale and aggressiveness \nhere separates this from their previous activity.\n    Senator Feinstein. Has the FBI looked at how those states \nwere targeted?\n    Mr. Priestap. Absolutely, ma'am.\n    Senator Feinstein. And what is your finding?\n    Mr. Priestap. We have a number of investigations open in \nregards to that. In this setting, because they're all still \npending investigations, I'd rather not go into those details.\n    The other thing I'd ask you to keep in mind is that we \ncontinue to learn things. So, there was some activity we were \nlooking at prior to the election. It's not like when the \nelection was finished our investigation stopped. So as we learn \nmore, we share more.\n    Senator Feinstein. Do you know if it's the intent of the \nFBI to make this information public at some point?\n    Mr. Priestap. I think this gets back to an issue the Vice \nChairman raised, and I guess I want to be clear on my position \non it. I think it is critically important to raise awareness \nabout Russia's aims to undermine our democracy, and then their \ntradecraft and how they do it.\n    My organization--part of understanding that tradecraft is \nconducting our investigations where we learn more and more \nabout tradecraft. So we try to balance, what do we need to \nprovide to partners so they can best protect themselves versus \nnot interrupting our investigations if the information were to \nbe made public.\n    Senator Feinstein. Thank you very much.\n    Mr. Priestap. A balancing act.\n    Senator Feinstein. My time is up. Thank you\n    Chairman Burr. Thank you, Senator Feinstein.\n    The Vice Chairman and I have already decided that we're \ngoing to invite the Bureau in for a classified briefing to \nupdate all members on the open investigations and any that we \nsee that might warrant, on their minds, an opening of a new \ninvestigation.\n    In addition, let me remind members that one of the mandates \nof our investigation is that we will, at the end of this, work \nwith the Bureau and other appropriate agencies to make a public \nreport in as great a public detail as we can our findings on \nRussia's involvement in our election.\n    So, it is the intent of the Chair, at least, to make sure \nthat as much as we can declassify, it's done and the public \ngets a true understanding when we put out a final report.\n    Senator Rubio.\n    Senator Rubio. Thank you, Mr. Chairman. And that's \ncritically important. I think the most important thing we're \ngoing to do in this report is tell the American people how this \nhappened, so we're prepared for the next time. And it begins, I \nthink, by outlining what their goals were, what they tried to \ndo, in this regard.\n    And we know what they tried to do, because they've done it \nin other countries around the world for an extensive period of \ntime. The first is, undermine the credibility of the electoral \nprocess; to be able to say, that's not a real democracy. It's \nfilled with all kinds of problems.\n    The second is to undermine the credibility of our leaders, \nincluding the person who may win. They want that person to go \ninto office hobbled by scandal and all sorts of questions about \nthem. And the third, ideally, in their minds, I imagine, is to \nbe able to control the outcome in some specific instances. If \nthey think they could, either through public messaging, or even \nin a worst case scenario by actually being able to manipulate \nthe vote--which I know has now been repeatedly testified did \nnot happen here.\n    And, by the way, these are not mutually exclusive. You can \ndo all three, you can only take one. They all work in \nconjunction. I think you can argue that they have achieved \nquite a bit, if you think about the amount of time that we have \nbeen consumed in this country on this important topic and the \npolitical fissures that it's developed.\n    And the way I always kind of point to it--and if anyone \ndisagrees I want you to tell me this--but, you know, we have \nsomething in American politics. It's legitimate; both sides do \nit. It's called opposition research. You find out about your \nopponent. Hopefully it's embarrassing or disqualifying \ninformation if you're the opposition research person. You \npackage it. You leak it to a media outlet. They report it. You \nrun ads on it.\n    Now, imagine being able to do that with the power of a \nnation state, illegally acquiring things like e-mails and being \nable to weaponize it by leaking, leaking it to somebody who \nwill post that and create all sorts of noise. I think that's \ncertainly one of the capabilities.\n    The other is just straight-out misinformation, right? The \nability to find a site that looks like a real news place, have \nthem run a story that isn't true, have your trolls begin to \nclick on that story. It rises on Facebook as a trending topic. \nPeople start to read it. By the time they figure out it isn't \ntrue, a lot of people think it is.\n    I remember seeing one in early fall that President Obama \nhad outlawed the Pledge of Allegiance, and I had people texting \nme about it. And I knew that wasn't true, but my point is that \nwe have people texting about it, asking if it was. It just \ntells you--and I don't know if that was part of that effort, or \nit was just somebody with too much time on their hands.\n    And then the third, of course, is the access to our voting \nsystems, and obviously people talk about affecting the tallies. \nBut just think about this. Even the news that a hacker from a \nforeign government could have potentially gotten into the \ncomputer system is enough to create the specter of a losing \ncandidate arguing, the election was rigged, the election was \nrigged.\n    And because most Americans, including myself, don't fully \nunderstand all the technology that's around voting systems per \nse, you give that ``election is rigged'' kind of narrative to a \ntroll and a fake news site, and that stuff starts to spread. \nAnd before you know it, you have the specter of a political \nleader in America being sworn in under the cloud of whether or \nnot the election was stolen because vote tallies were actually \nchanged.\n    So I don't know why they were probing these different \nsystems, because obviously a lot of the information they were \nlooking at was publicly available. You can buy it, voter rolls. \nCampaigns do it all the time. But I would speculate that one of \nthe reasons potentially is because they wanted these stories to \nbe out there, that someone had pinged into these systems, \ncreating a specter of being able to argue at some point that \nthe election was invalid because hackers had touched election \nsystems in key states.\n    And that is why I really, truly believe, Mr. Chairman, it \nis so important that, to the extent possible, that part of it, \nthe systems part, as much of it be available to the public as \npossible, because the only way to combat misinformation is with \ntruth and with facts, and explain to people, and I know some of \nit is proprietary. I know some of it we were trying to protect \nmethods and so forth, but it is really critical that people \nhave confidence that when they go vote that vote is going to \ncount and someone's not going to come in electronically and \nchange it.\n    And I think they're--I just really hope we err on the side \nof disclosure about our systems so that people have full \nconfidence when they go vote. Because I can tell you, I was on \nthe ballot in November, and I remember people asking me \nrepeatedly, is my vote going to count? I was almost afraid \npeople wouldn't vote because they thought their vote wouldn't \ncount. So I just hope as we move forward--I know that's not \nyour decision to make in terms of declassifications and the \nlike, but it is really, really, really important that Americans \nunderstand how our voting systems work, what happened, what \ndidn't and that we be able to communicate that in real-time in \nthe midst of an election, so that if in 2018 these reports \nstart to emerge about our voting systems being pinged again, \npeople aren't--we can put out enough information in October and \nearly November so people don't have doubts.\n    And I know that's not your decisions to make, but I just \nreally hope that's part of what we push on here, because I \nthink it's critical for our future.\n    Chairman Burr. Senator Wyden.\n    Senator Wyden. Thank you, Mr. Chairman.\n    Let me say to the three of you, and I say it respectfully, \nthat on the big issue, which is which states were affected by \nRussian hacking in 2016, the American people don't seem to be \ngetting more information than what they already had before they \nshowed up. We want to be sensitive to security concerns, but \nthat question has to be answered sooner rather than later. I \nwant to send that message in the strongest possible way.\n    We obviously need to know about vulnerabilities so that we \ncan find solutions, and we need better cybersecurity to protect \nelections from being hacked in the first place. And that means \nsolutions like Oregon's vote-by-mail system, that has a strong \npaper trail, air-gapped computers, and enough time to fix the \nproblems if they pop up.\n    But now to my question. You all mentioned the January \nintelligence assessment, saying that the types of systems we \nobserved Russian actors targeting or compromising are not \ninvolved in vote tallying. Your prepared testimony today makes \nanother point that I think that is important. You say it is \nlikely that cyber-manipulation of U.S. election systems \nintended to change the outcome of a national election would be \ndetected. So that is different than what we have heard thus \nfar.\n    So I have two questions for you, Ms. Manfra, and you, Dr. \nLiles: What level of confidence does the Department have in its \nassessment that 2016 vote tallying was not targeted or \ncompromised? And second, does that assessment apply to State \nand local elections?\n    Dr. Liles. Thank you, sir, for the question.\n    So, the level of effort and scale required to change the \noutcome of a national election would make it nearly impossible \nto avoid detection. This assessment is based on the diversity \nof systems, the need for physical access to compromise voting \nmachines themselves, the security of pre-election testing \nemployed by the State and local officials. There's a level, a \nnumber of standards and security protocols that are put in \nplace. In addition, the vast majority of localities engage in \nlogic and accuracy testing, which work to ensure voting \nmachines are operating and tabulating as expected.\n    Before, during, and after the election, there has been an \nimmense amount of media attention applied to this, which also \nbrings in the idea of people actually watching and making sure \nthat the election results represent what they see. And plus \nthere's just the statistical anomalies that would be detected, \nso we have a very high confidence in our assessments.\n    Senator Wyden. What about State and local elections? Do you \nhave the same level of confidence?\n    Dr. Liles. So, from the standpoint of a nation-state actor \noperating against a State and local election system, we would \nhave the same--for an Internet-connected system, we would have \nthe same level of confidence.\n    Senator Wyden. Ms. Manfra.\n    Ms. Manfra. Yes, sir. And I think this also gets to Senator \nRubio's point about the difficulty in the general public \nunderstanding the variety of systems that are used in our \nelection process.\n    So we broke our level of engagement and concern down to a \ncouple of different areas. The voter registration systems, \nwhich are often, usually connected to the Internet. We also \nwere looking at the voting machines themselves, which by best \npractice and by the voluntary voting standards and guidelines \nthat the Department of Commerce works with the Election \nAssistance Commission on, is, by best practice--those are not \nconnected to the Internet.\n    Senator Wyden. So can Homeland Security assure the public \nthat the Department would be able to detect an attempted attack \non vote tallying?\n    Ms. Manfra. What I would suggest, sir, is that the ability, \nas has been demonstrated by security researchers, to access \nremotely a voting machine to manipulate that vote and then to \nbe able to scale that across multiple different voting machines \nmade by different vendors, would be virtually impossible to \noccur in an undetected way within our current election system.\n    Senator Wyden. Has the Department conducted any kind of \npost-election forensics on the voting machines that were used \nin 2016?\n    Ms. Manfra. We are currently engaged with many vendors of \nthose systems to look into conducting some joint forensics with \nthem. The vendor community is very interested in engaging with \nus. We have not conducted----\n    Senator Wyden. So there's no--there's been no analysis yet?\n    Ms. Manfra. We have not--our Department has not conducted \nforensics on specific voting machines.\n    Senator Wyden. Do you believe it's important to do that in \nterms of being able to reassure Americans that there was no \nattack on vote tallying?\n    Ms. Manfra. Sir, I would say that we do currently have \nvoluntary standards in place that vendors are enabled--and in \napproximately 35 states, actually require, some level of \ncertification of those voting machines that they are complying \nwith those standards. We would absolutely be interested in \nworking with vendors to conduct that level of analysis.\n    Senator Wyden. Let me ask one last question. Obviously, the \nintegrity of elections depends on a lot of people: State and \nlocal election officers, equipment vendors, third party \ncontractors. Are you all, at Homeland Security and the FBI, \nconfident that the Federal Government has now identified all of \nthe potential government and private sector targets?\n    Ms. Manfra. Yes, sir. I'm confident that we've identified \nthe potential targets.\n    Senator Wyden. Okay.\n    Thank you, Mr. Chairman.\n    Chairman Burr. Senator Collins.\n    Senator Collins. Mr. Priestap, let me start by saying that \nit's a great pleasure to see you here again. I remember back in \n2003, you were detailed to the Homeland Security Committee when \nI was the Chairman and how helpful you were in our drafting of \nthe Intelligence Reform and Terrorism Prevention Act. So thank \nyou for your continued public service.\n    You testified this morning and answered the question of, \nwhat does Russia want? And you said that the Russians want to \nundermine the legitimacy of our elections and sow the seeds of \ndoubt among the American public.\n    Despite the exposure and the publicity given to the \nRussian's efforts in this regard, do you have any doubt at all \nthat the Russians will continue their activities in subsequent \nelections?\n    Mr. Priestap. I have no doubt. I just can't--I just don't \nknow the scale and aggressiveness, whether they'll repeat that, \nif it'll be less or if it'll be more. But I have no doubt they \nwill continue.\n    Senator Collins. Is there any evidence that the Russians \nhave implanted malware or backdoors or other computer \ntechniques to allow them easier access next time to our \nelection systems?\n    Mr. Priestap. I'm sorry, Senator. I just can't comment on \nthat because of our pending investigations.\n    Senator Collins. Secretary Manfra, the secretaries of state \nwho are responsible for the election systems have a pretty \nblistering attack on the Department of Homeland Security in the \ntestimony that will be given later this morning. And I want to \nread you part of that and have you respond. They say: ``Yet, \nnearly six months after the designation''--and they mean the \ndesignation of election systems as critical infrastructure--\n``and in spite of comments by DHS that they are rushing to \nestablish election protections, no secretary of state is \ncurrently authorized to receive classified threat information \nthat would help them to protect their election systems.'' Why \nnot?\n    Ms. Manfra. Thank you, ma'am, for that question. I would \nnote that this community, the secretaries of state, and for \nthose states where they have a State election director, is not \none that the department has historically engaged with. And what \nwe have done in the process of building the trust and learning \nabout how they do their work and how we can assist, we have \nidentified the need to provide clearances to that community. \nAnd so we have committed to them to work through that process \nbetween our Department and the FBI.\n    Senator Collins. Let me ask you about your own agency, \nwhich is the agency that focuses on critical infrastructure, \nincluding our election systems. Now, NPPD is not an official \nelement of the intelligence community that would have routine \naccess to especially sensitive classified information. So how \ndo you know with any certainty whether you and others in the \nagency are read into all the relevant classified information \nthat may exist regarding foreign threats to our critical \ninfrastructure, including our election systems?\n    Ms. Manfra. Yes, ma'am. I would say, despite the fact that \nwe're not a part of the intelligence community and our focus is \non network defense and operations, in partnership with the \ncritical infrastructure and the Federal Government, we feel \nvery confident that with the partnership with our own \nIntelligence and Analysis Division, that serves as an advocate \nfor us within the intelligence community, as well as our direct \nrelationships with many of those individuals in organizations \nsuch as the FBI, NSA, and others, that we receive information \nquickly; And when we ask to declassify that, they are \nresponsive. And we work through our partners at the \nIntelligence and Analysis Office to ensure that that happens \nquickly.\n    So is there room for improvement? Absolutely, of course. \nBut we have the full commitment of the intelligence community \nto support us and get us the information that we need and our \nstakeholders need.\n    Senator Collins. And, finally, how many states have \nimplemented all the best practices recommended in the document \ndeveloped by DHS regarding the protection of election systems?\n    Ms. Manfra. Ma'am, I'd have to get back to you on a \nspecific number of states. I don't have that.\n    Senator Collins. Do you think most states have?\n    Ms. Manfra. In our informal engagement, many of them noted \nthat they had already adopted some of these and to the extent \nthat they weren't they were incorporating them.\n    Senator Collins. I would ask for a response for the record.\n    Ms. Manfra. Yes, ma'am.\n    Senator Collins. That's a really important point.\n    Chairman Burr. Senator Heinrich.\n    Senator Heinrich. Mr. Priestap, I want to thank you for \njust how seriously you've taken this and how you've answered \nthe questions this morning in your testimony. I think you hit \nthe nail on the head when you said we need to step back and ask \nthe fundamental question, what do the Russians want?\n    And by outlining that they want to undermine legitimacy in \nour system, that they want to sow discord, that they want to \nundermine our free and fair elections, we really have a better \nlens with which to understand the specifics of what happened in \n2016. In your view, were the Russians successful at reaching \ntheir goals in their activities in our 2016 elections?\n    Mr. Priestap. I don't know for certain whether the Russians \nwould consider themselves successful. In many ways, they might \nargue that, because of the time and energy we're spending on \nthis topic, maybe it's distracting us from other things. But on \nthe other hand, exactly what this Committee is doing as far as \nraising awareness of their activities, their aims, for the \nAmerican people, to me they've done us--in my opinion, they've \ndone the American public a service in that regard. And so, I \nguess I don't know, but could argue either way.\n    Senator Heinrich. Yes. I think the jury's certainly out for \nthe future, but when you look at the amount of discord that was \nsown and the impact on 2016, I hope that the outcome of what \nwe're doing here is to make sure that in 2018, and in 2020, and \n2022, that by no metric will they have been successful.\n    Mr. Priestap, you stated, very correctly, that one of their \nprimary goals was to delegitimize our democracy. Are are you \nfamiliar with the term ``unwitting agent''?\n    Mr. Priestap. Yes, I am.\n    Senator Heinrich. Can you kind of summarize what that is \nfor us?\n    Mr. Priestap. In an intelligence context, it would be where \nan intelligence service is trying to advance certain aims and \nthey reach out to a variety of people, some of which they might \ntry to convince to do certain things; and the people, person or \npersons they contact might actually carry those out, but for \ndifferent reasons than the intelligence service that actually \nwanted them to carry them out. In other words, they do it \nunwittingly.\n    Senator Heinrich. By effectively reinforcing the Russian \nnarrative and publicly saying that our system is rigged, did \nthen-candidate Trump, now President Trump, become what \nintelligence officials call an unwitting agent?\n    Mr. Priestap. I can't give you a comment on that.\n    Senator Heinrich. I don't blame you for not answering that \nquestion.\n    [Laughter.]\n    We've got about a minute 46 left. Can you talk about the \nrelationship between the election penetration that we saw and \nthe coincident Russian use of what Senator Rubio very aptly \ndescribed of trolls, of bots, of social media, all designed to \nmanipulate the American media cycle, and how those two things \nfit together?\n    Mr. Priestap. I'm sorry. To clarify, fit together the \nintrusions with the----\n    Senator Heinrich. What's the relationship between what they \nwere doing in our elections from a technical point of view and \nwhat they were seeking to do in our media cycle by using trolls \nand bots and manipulation of the media cycles.\n    Mr. Priestap. I guess the best way I can describe it is \nthat this was a, my opinion, a well-planned, well-coordinated, \nmulti-faceted attack on our election process and democracy. And \nwhile that might sound complicated, but it was actually really \nstraightforward. They want to collect intelligence from a \nvariety of sources, human and cyber means. They want to \nevaluate that intelligence, and then they want to selectively--\nthey might selectively disseminate some of it. They might use \nothers for more strategic discussions.\n    But at the end of the day it's all about collecting \nintelligence that would give them some type of advantage over \nthe United States and/or attempt to influence things, and then, \ncoordinated, well-coordinated, well-funded, diverse ways to \ndisseminate things to hopefully influence American opinion.\n    Senator Heinrich. This is a very sophisticated, highly \nresourced effort.\n    Mr. Priestap. Absolutely.\n    Senator Heinrich. Thank you.\n    Chairman Burr. Senator Blunt.\n    Senator Blunt. Thank you. Thank you, Chairman.\n    Let's talk a little bit about once--let's start with a \ncomment that DHS made in its written comment which says it \nassesses that the systems Russian actors targeted or \ncompromised were not involved in vote tallying. Now, is that \nbecause the vote tallying systems are a whole lot harder to get \ninto than the voter registration systems?\n    Ms. Manfra. I can't make a statement as to why different \nsystems were targeted. What we can assess is that those vote \ntallying systems, whether it was the machines at a kiosk that a \nvoter uses at the polling station or the systems that are used \nto tally votes, were very difficult to access, and particularly \nto access them remotely. And then, given the level of \nobservation for vote tallying at every level of the process, \nthat adds into, you know, that we would have identified issues \nthere, and there were no identified issues. So those two are--\n--\n    Senator Blunt. Okay. I would think that if you could get \ninto the vote tallying system and you did want to impact the \noutcome of an election, obviously the vote tallying system is \nthe place to do that. And I would also suggest that all of your \nefforts, a lot of your efforts, should be to continue to do \nwhatever DHS thinks they need to advise--I don't think we \nshould centralize this system--to give advice to State and \nlocal election officials to be sure that that vote tallying \nsystem is protected at a level above other systems.\n    You know, the voter registration system is public \ninformation. It is generally accessible in lots of ways. It's \nnot nearly as protected, for that reason. You have lots of \ninput from lots of sources into that system.\n    And I think, Ms. Manfra, you made the point that you said \nthat the best practice would be to not have the vote tallying \nsystem connected in any unnecessary way to the Internet. Is \nthat right?\n    Ms. Manfra. Both the kiosks themselves and vote tallying \nsystems, to not connect them to the Internet and to also have, \nideally, paper auditing trails as well.\n    Senator Blunt. Well, I certainly agree with that. The paper \ntrail is significant and I think more prevalent as people are \nlooking at new systems. But also, I think any kind of third \nparty monitoring--the first two parties would be the voter and \nthe counting system--just creates another way into the system. \nSo my advice would be that DHS doesn't want to be in a \nsituation where somehow you're connected to all the voting \nsystems of the country.\n    And Mr. Liles, I think you said the diversity of our voting \nsystem is a great strength of the system. Do you want to \ncomment on that any more?\n    Dr. Liles. Yes, sir. When we were setting it as part of our \nred teaming activities, we looked at the diversity of the \nvoting system as actually a great strength and the fact that \nthere were not connected in any one kind of centralized way. So \nwe evaluated that as--when we were looking at the risk \nassessment with OCIA, the Office of Cyber Intelligence \nAnalysis--Infrastructure Analysis, we looked at that as one of \nthe great strengths and our experts at the IC we worked with \nalso said the same thing.\n    Senator Blunt. Well, I would hope you'd continue to think \nabout that as one of the great strengths as you look at this \ncritical infrastructure, because every avenue for Federal \nmonitoring is also just one more avenue for somebody else to \nfigure out how to get into that system.\n    And again, the voter registration system, dramatically \ndifferent in what it does. All public information accessible, \nprinted out, given to people to use, though you are careful of \nwhat information you give and what you don't. But almost all \nelection officials that have this system now have some way to \nshare that with the public as a system.\n    There is no reason to share the security of the vote \ncounting system with the public or to have it available or \naccessible. And I would hope that the DHS, or nobody else, \ndecides that you're going to save this system by having more \navenues, more avenues into the system.\n    Ms. Manfra. Absolutely not, sir. We're fully supportive of \nthe voluntary standards process, and we are engaging with that \nprocess with our experts, and we continue, again, with the \nvoluntary partnership with the State and local. And we intend \nto continue that.\n    Senator Blunt. Thank you.\n    Thank you, Mr. Chairman.\n    Chairman Burr. Senator King.\n    Senator King. Thank you, Mr. Chairman.\n    Starting with a couple of short questions, Mr. Priestap. \nNumber one, you've stated this was a very grave threat, that \nRussia--the attempts to probe and upset our local election \nsystems. Any doubt it was the Russians?\n    Mr. Priestap. No, sir.\n    Senator King. Any doubt that they'll be back?\n    Mr. Priestap. No, sir.\n    Senator King. To our DHS witnesses, have the 21 states that \nyou've mentioned, that we know where we had this happen, been \nnotified officially?\n    Ms. Manfra. Sir, the owners of the systems within those 21 \nstates have been notified.\n    Senator King. How about the election officials in those \nstates?\n    Ms. Manfra. We are working to ensure that election \nofficials as well understand. I'll have to get back to you on \nwhether all 21 states----\n    Senator King. Have you had a conference of all State \nelection officials, secretaries of state, here in Washington on \nthis issue?\n    Ms. Manfra. I have had at least two teleconferences; and \nin-person conferences, we will be engaging with them in July, I \nbelieve.\n    Senator King. Well, I would urge you to put some urgency on \nthis. We've got another election coming in 18 months, and if \nwe're talking about systems and registration rolls, the time is \ngoing by. So I believe this is, as we've already heard \ncharacterized, is a very grave threat. It's going to be back \nand shame on us if we're not prepared.\n    Ms. Manfra. Yes, sir. We have biweekly--every other week, \nwe hold a teleconference with all relevant election officials. \nThe national associations that represent those individuals have \nnominated bipartisan individuals to engage with us on a regular \nbasis.\n    This is of the utmost urgency for the Department and this \ngovernment to ensure that we have better protections going \nforward, and the community, the election community, is \nsimilarly committed and has been so for years.\n    Senator King. And just to be clear, nobody's talking about \na Federal takeover of local election systems or Federal rules. \nWhat we're talking about is technical assistance and \ninformation and perhaps some funding at some point?\n    Ms. Manfra. Sir, this is similar to our engagement with all \ncritical infrastructure sectors, whether it's the electrical \nsector, the nuclear sector, the financial sector, is completely \nvoluntary and it is about this Department providing information \nboth to potential victims, but to all network defenders, to \nensure that they have access to what we have access to and can \nbetter defend themselves.\n    Senator King. Thank you.\n    Mr. Liles, I'll take issue with something that you said, \nthat we have a national election and it was just too large, too \ndiverse, to really crack. We don't have a national election. \nWhat we have are 50 State elections. And each election in the \nstates can depend upon a certain number of counties. There are \nprobably 500 people within the sound of my voice who could tell \nyou which ten counties in the United States will determine the \nnext Presidential election.\n    And so you really--a sophisticated actor could hack a \nPresidential election simply by focusing on particular \ncounties. Senator Rubio I'm sure remembers Dade County in the \nyear 2000 and the significance that had to determining who the \nnext President of the United States was.\n    So I don't think it works to just say, oh, it's a big \nsystem and the diversity will protect us, because it really is \ncounty by county, city by city, State by State, and a \nsophisticated actor, which the Russians are, could easily \ndetermine where to direct their attack. So I don't want to rely \non the diversity.\n    Second, a separate point is, what do we recommend? And \nwe've talked about paper backups. The Dutch just had an \nelection where they just decided to make it all paper and count \nthe ballots by hand, for this very reason. So what would you \ntell my elections clerk in Brunswick, Maine, Ms. Manfra, would \nbe the top three things he or she should think about in \nprotecting themselves in this situation?\n    Ms. Manfra. Sir, I would say to, first, as previous \nSenators mentioned, prioritize the security of your voting \nmachines and the vote tallying system, ensure that they are not \nconnected to the Internet, even if that is enabled on those \nparticular devices.\n    Second, ensure that you have an auditing process in place \nwhere you can identify anomalies throughout the process, \neducate polling workers to look for suspicious activity, for \nexample.\n    Senator King. But doesn't auditing mean a paper trail, a \npaper backup?\n    Ms. Manfra. Yes, sir. I would recommend a paper backup.\n    Senator King. And one of the worrisome things, again, on \nthe issue of the national, we talk about how diverse it is, but \naren't we seeing a consolidation in terms of the vendors who \nare producing these machines?\n    Ms. Manfra. Yes, sir. It is my understanding that we are \nseeing some consolidation in the vendor community. Again, many \nof them are committed and have engaged on the voluntary voting \nstandards and guidelines, which partly include security.\n    We will be updating those security guidelines in 2018. And \nyes, while there is some concern about consolidation, we do \nlook forward to engaging with them, and as of now they are a \nvery engaged community.\n    Senator King. I think this aspect of this question that \nthis Committee is looking at is one of the most important, and \nfrankly one of the most daunting, because we pretty well \ndetermined that they weren't successful in changing tallies and \nchanging votes, but they weren't doing what they did in at \nleast 21 states for fun. And they are going to be back, and \nthey're going to be back with knowledge and information that \nthey didn't have before.\n    So I commend you for your attention to this and certainly \nhope that this is treated with the absolute utmost urgency.\n    Thank you, Mr. Chairman.\n    Chairman Burr. Senator Lankford.\n    Senator Lankford. Thank you, Mr. Chairman.\n    Thanks to all of you for being here as well today.\n    To Senator King just as a heads up, there are some states \nthat are like that. For 25 years the Oklahoma election system \nhas had a paper ballot and an optical scan and it's been a very \ngood back-up for us. We quickly count because of the optical \nscan, but we're able to go back and verify because of paper.\n    This is such a big deal and it's such an ongoing \nconversation that I'm actually in two simultaneous hearings \ntoday I'm running back and forth with. In the Department of \nHomeland Security and what we're dealing with State elections \nand with State systems, is also happening in the HSGAC hearing \nthat I'm also at, including my own Oklahoma CIO that's there \ntestifying today on this same issue, how we are protecting \nState systems, State elections and what's happening.\n    I brought this with me today. You all are probably--this \ngroup is very, very familiar with this e-mail. This is the \nfamous e-mail that Billy Rinehart got from the DNC while he \nhappened to be on vacation. He was out in Hawaii enjoying some \nquality time away from his work at the DNC, and he gets an e-\nmail from Google, it appears, that says someone has used your \npassword, someone just tried to sign in to your Google account; \nsent it to him and told him someone tried to do it from the \nUkraine; and recommended that he go in and change his password \nimmediately.\n    [The material referred to follows:]\n    \n[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]    \n    \n    \n    \n    Senator Lankford. Which, as the New York Times reported, he \ngroggily at 4:00 a.m., when he saw that e-mail was frustrated \nby it, went in, clicked on the link, changed his password and \nwent back to bed. But what he actually did was just gave the \nRussian government access to the DNC, and then it took off from \nthere.\n    Multiple other staff members of the DNC got an e-mail that \nlooked just like this. Now, everyone who has a Google account, \nwill know that really looks like a Google account warning. It \nlooked like the real thing. When you hovered over the ``change \npassword,'' it showed a Google account connection where it was \ngoing to, but it wasn't. It was going to the Russians.\n    About 91 percent, my understanding is, about 91 percent of \nthe hacks that come into different systems, start with a spear \nphish attack that looks just like this.\n    So let's talk about, in practical terms, for our State \nelection folks and what happens in my State and other states. \nFirst for you, Mr. Priestap. How does Russia identify a \npotential target? Because this is not just a random e-mail that \ncame to him. This was targeted directly at him, to his address. \nIt looked very real, because they knew who he was and where he \nworks. So, how were the Russians that savvy to be able to track \nthis person and how does this work in the future for an \nelection system for a State?\n    Mr. Priestap. So I can't go into great detail in this \nforum, but I'd say what intelligent services do, not just \nRussia there, is they're looking for vulnerabilities. That \nwould begin in the cyber sense with computer vulnerabilities.\n    As far as targeting specific individuals, I don't know all \nthe facts surrounding that e-mail and all the e-mails that were \nsent, but my guess is they didn't just send it to one person. \nThey sent it the email like that to a whole variety, just \nhoping that one would click on it.\n    Senator Lankford. Right. But how are they getting that \ninformation? Are they going to their website, for instance, and \ngathering all the e-mails for it? I'm trying to figure out, are \nthey tracking individuals to get more information, so they get \nsomething that looks like something they would click on?\n    Mr. Priestap. Yes. You hit on it, but a whole variety of \nways. They might get it through reviewing open source material, \neither online or otherwise. But they also collect a lot of \ninformation through human means as well.\n    Senator Lankford. So, Ms. Manfra, let me ask you this \nquestion. When someone at any location clicks on a link like \nthis, what access to information do they get typically?\n    Ms. Manfra. Well, sir, it depends on the system itself. I \nimagine that's probably a frustrating response. But given the--\nand I think this is important for the public to understand. As \nthe threat evolves, they're going to continue as we educate the \npublic, don't click on certain things. Look at, you know, make \nsure you know the sender, for instance, before you click on it, \nand as our defense gets better the offense is going to look for \nother means.\n    And so we look, you know, in this case, ideally, we want \npeople to look and see what is it that they're actually \nclicking on before they click it. Some organizations choose to \nsay when an individual clicks on that link, they choose to not \nallow that to go to that designation, because they know it's \nsuspicious or they have some mechanisms in place to put that \ninto a container and look at it. Other organizations don't take \nthose steps, and it really depends on your risk management and \nthe technical control that you put in place.\n    Senator Lankford. Let me ask you a quick question. Who has \nprimary responsibility for Federal election integrity? Which \nagency is the prime mover in that? Obviously, states oversee \ntheir own, but which Federal entity is working with the State \nto say they're the prime person or the prime agency to do it?\n    Ms. Manfra. For election cybersecurity, our Department, in \ncoordination with the FBI and others, is leading the \npartnership with State and locals.\n    Senator Lankford. Great. Thank you.\n    Chairman Burr. Senator Manchin.\n    Senator Manchin. Thank you, Mr. Chairman.\n    And thank all of you for your appearance here today and \nyour testimony. Being a former secretary of state of my great \nState of West Virginia, and also being a former governor, my \nutmost concern was voter fraud. Every time that we would have a \nreport of a fraud, I would see the election participation \ndecrease the next election cycle, thinking their vote didn't \ncount.\n    Is there any reason at all that any person that has the \nknowledge that you all have, or anyone that you've--on our \nCommittee here, from the intelligence community, would give you \nany doubt that Russia was involved, and Russia was very much \ninvolved with the intent of doing harm to our election process, \nas far as the confidence level that voters would have? Do any \nof you have any concerns whatsoever, any doubts, that the \nRussians were behind this and involved in a higher level than \never? All three of you.\n    Mr. Priestap. No, no doubt from the FBI's end as far as \nRussia's involvement.\n    Senator Manchin. And you've all interacted with all the \nintelligence community, right?\n    Mr. Priestap. Yes, sir.\n    Ms. Manfra. Similar, sir. I have no doubt.\n    Mr. Liles. No, sir.\n    Senator Manchin. So nobody. There's not an American right \nnow that should have a reasonable doubt whatsoever that the \nRussians were involved.\n    Were all 50 states notified on Russia's intentions and \nactivities during the 2016 election cycle? Had you all put an \nalert out? So if I'd have been secretary of state in charge of \nmy elections in West Virginia, would you have notified me to be \non the lookout?\n    Ms. Manfra. Sir, I can discuss our products that we put out \nand I'll defer to the FBI on what they put out. We did put out \nproducts, not public products, but we did put out products, \nprimarily leveraging our Multi-State Information Sharing \nAnalysis Center, which has connections to all 50 states CIOs.\n    And we engaged with the Election Assistance Commission and \nother national associations that represent those individuals to \nensure that we were able to reach--again, this was a community \nthat we had not historically engaged with, and so we relied on \nthose, and we did put out multiple products prior to the \nelection.\n    Senator Manchin. And you're really not sure if these \nnational associations, the secretaries of states, dispersed \nthat information, put everybody on high alert?\n    Ms. Manfra. I believe that they did, sir. We also held a \nconference call where all 50 secretaries of state or an \nelection director if the secretary of state didn't have that \nresponsibility, in August, in September, and again in October, \nboth high-level engagement and network defense products.\n    Senator Manchin. And if I could ask this questions to \nwhoever, maybe Mr. Priestap. What was Russia's intention, and \ndo you think they were successful in what they desired to do, \neven though they didn't alter--as you all have said, you can \nsee no alterations of the election results. Do you believe that \nit had an effect in this election outcome of this 2016 \nelection?\n    Mr. Priestap. As far as Russia's intention, again, the \nbroader being to undermine democracy and one of the ways they \nsought to do this, of course, here was to undermine the \nlegitimacy of our free and fair election.\n    Senator Manchin. Do you believe they were successful in the \noutcome?\n    Mr. Priestap. No, I--the FBI doesn't look at that as far as \ndid Russia achieve its aims in that regard.\n    Senator Manchin. Let me ask this question. Are there \ncounter-actions the U.S. can take to subvert or punish the \nRussians for what they have done and their intention to \ncontinue? And what's your opinion of the sanctions that we have \nplaced on Russia?\n    Mr. Priestap. As you know, the FBI doesn't do policy. I'm \nhere today to provide you an overview of the threat picture, at \nleast as I understand and see it. But obviously the U.S. \ngovernment did take action post-election in regards to making a \nnumber of Russian officials----\n    Senator Manchin. Have you seen them subside at all any of \ntheir activities since we have taken some actions?\n    Mr. Priestap. Subside? They have less people to carry out \ntheir activities, so it's certainly had an impact on the number \nof people.\n    Senator Manchin. And finally, with the few seconds I have \nleft, have we shared this with our allies, our European allies, \nwho are going through election processes, and have they seen \nthe same intervention in their election process that we have \nseen from the Russians in ours?\n    Mr. Priestap. Sure. I can't speak for DHS, but the FBI is \nsharing this information with our allies, absolutely.\n    Senator Manchin. How about DHS?\n    Ms. Manfra. We are also sharing information with our \nallies.\n    Senator Manchin. Are they seeing a high--an overaggressive, \nhigh activity, from the Russians that they haven't seen at this \nlevel before, such as we did during the 2016 election?\n    Dr. Liles. Sir, there is media reporting that suggests \nthat. We don't have direct government-to-government \nrelationships from a DHS perspective. There is definitely media \nreporting that they're seeing an increased activity.\n    Senator Manchin. Thank you.\n    Chairman Burr. Senator Cotton.\n    Senator Cotton. Thank you all for your appearance today.\n    Mr. Priestap, in response to Mr. Heinrich's question about \nwhether Donald Trump had become an unwitting agent of Russia \nand their efforts to sow discord and discontent about our \nelections, you said that you declined to answer, which is \nunderstandable.\n    Let's look at this from a different perspective. Since her \nelection defeat, Hillary Clinton has blamed her loss on the \nRussians, Vladimir Putin, the FBI, Jim Comey, fake news, \nWikiLeaks, Twitter, Facebook, and, my personal favorite, \ncontent farms in Macedonia. In her blaming her loss on these \nactors, has Hillary Clinton become an unwitting agent of \nRussians' goals in the United States?\n    Mr. Priestap. And I'm sorry, sir, but I'd rather not \ncomment. It's just something----\n    Senator Cotton. I understand. I just wanted to point out \nthat you can look at it from two different----\n    Mr. Priestap [continuing]. It's just something I haven't \ngiven any thoughts to.\n    Senator Cotton. Let's turn to other matters, then. Would \nyou advise states and localities in the conduct of their \nelections or, more broadly, in their government services not to \nuse or not to do business with Kaspersky Labs, companies that \ndo business with Kaspersky, or companies that use Kaspersky \nproducts in their systems?\n    Mr. Priestap. Sir, I can't really comment on that in this \nsetting.\n    Senator Cotton. Miss Manfra, would you advise them not to \nuse Kaspersky products?\n    Ms. Manfra. I can also not comment on that in this forum, \nsir.\n    Senator Cotton. I don't even have to ask, Dr. Liles. You're \nreaching for your microphone.\n    Dr. Liles. Yes, sir. I can't comment either.\n    Senator Cotton. Okay. Senator Risch says he'll answer, but \nI'll let him speak for himself at a later time.\n    Mr. Priestap, we've talked a lot about Russia's intent and \nactivities in our elections, but I think it's important that \nthe American people realize that it goes much farther than just \nelections and the 2016 campaign, as well. Isn't it true that \nRussian cyber actors have been probing U.S. critical \ninfrastructure for years?\n    Mr. Priestap. Yes, sir. I can't go into specifics, but they \nprobe a lot of things of critical importance to this country.\n    Senator Cotton. And as the head of counterintelligence, you \nwrite in your statement, that quote, ``Russia's 2016 \nPresidential election influence effort was its boldest to date \nin the United States,'' which implies there have been previous \nefforts. You also say that the FBI had to strengthen the \nintelligence community assessment because of our history \ninvestigating Russia's intelligence operations within the \nUnited States. Both of which suggest that this keeps you pretty \nbusy in your portfolio at counterintelligence, is that right?\n    Mr. Priestap. That's correct.\n    Senator Cotton. And this Russian intelligence threat is not \njust a cyber threat, either. It also is a threat from \ntraditional human intelligence, or what a layman might call \nspies, is that right?\n    Mr. Priestap. Yes, sir.\n    Senator Cotton. Do so-called diplomats who work down out of \nthe Russian embassy in Washington, D.C., have the requirement \nto notify our State Department in advance if they plan to \ntravel more than 25 miles, and give that notification 48 hours \nin advance?\n    Mr. Priestap. They do.\n    Senator Cotton. And the State Department's supposed to \nnotify the FBI in advance of those travel arrangements, \ncorrect?\n    Mr. Priestap. Yes.\n    Senator Cotton. Is it true that the Russian nationals often \nfail to give that notification at all, or they give it at, say, \n4:55 on a Friday afternoon before a weekend trip?\n    Mr. Priestap. I'd prefer not to go into those details here, \nbut--I'll leave it at that.\n    Senator Cotton. Does it complicate you and your agents' \nefforts to conduct your counterintelligence mission to have \nRussian nationals wandering around the country more than 25 \nmiles outside their duty assignment?\n    Mr. Priestap. Sure. If that were to happen, that would \nabsolutely complicate our efforts.\n    Senator Cotton. The Secretary of Defense recently indicated \nat an Armed Services Committee hearing that Russia is in \nviolation of something called the Open Skies Treaty, a treaty \nwe have with Russia and other nations that allow us to overfly \ntheir territory and take pictures and they do the same here. Do \nwe see so-called Russian diplomats traveling to places that are \nin conjunction with Open Skies flights that Russia's conducting \nin this country?\n    Mr. Priestap. I'm sorry, I just can't comment on that here.\n    Senator Cotton. Okay. Last summer, an American diplomat in \nMoscow was brutally assaulted on the doorstep of our embassy in \nMoscow. Did we take any steps to retaliate against Russia for \nthat assault in Moscow? Did we declare persona non grata any of \ntheir so-called diplomats here in the United States?\n    Mr. Priestap. If I recall correctly, we didn't immediately \ndo anything in that regard.\n    Senator Cotton. Okay. This Committee passed unanimously in \nCommittee last year something that just passed as part of the \nomnibus spending bill in April a provision that would require, \none, the State Department to notify the FBI of any requests for \nRussian diplomats to travel more than 25 miles outside their \nembassy and to report violations to you.\n    It further requires the State Department to report those \nviolations regularly to this Committee. What's the status of \nthat provision now that it's been in law for about two months? \nIs the State Department cooperating more fully with you?\n    Mr. Priestap. I guess I'd rather not comment on that here. \nWe're still working through the implementation of that.\n    Senator Cotton. Well, I certainly hope they start.\n    Thank you.\n    Chairman Burr. Senator Harris.\n    Senator Harris. Thank you.\n    Ms. Manfra, you mentioned that you notified the owners. I'm \nnot clear on who the owners are. Are they the vendors?\n    Ms. Manfra. What I meant to clarify is in some case it may \nnot be the secretary of state or the state election director \nwho owns that particular system. So in some cases it could be a \nlocality or a vendor.\n    Senator Harris. So is there a policy of who should be \nnotified when you suspect that there's a threat?\n    Ms. Manfra. We are working through that policy with the \nsecretaries of state. That is one of the commitments that we \nmade to them, and election directors, in order to ensure that \nthey have appropriate information, while preserving the \nconfidentiality of the victim publicly.\n    Senator Harris. And can you tell us which states--in which \nstates you notified the vendor instead of notifying the \nsecretary of state?\n    Ms. Manfra. We keep the vendor information confidential as \nwell.\n    Senator Harris. Are there states that you notified where \nyou did not notify the person who was elected by the people of \nthat State to oversee elections?\n    Ms. Manfra. I don't believe that's the case, but I will get \nback to you with a definitive answer.\n    Senator Harris. And how specific was the warning that you \nsent? What exactly is it that you notified the states or the \nvendors of?\n    Ms. Manfra. Depending on the scenario and the information \nthat we had--and more generally, what we do is when we get \nclassified information we look to declassify as much as \npossible to enable----\n    Senator Harris. Let's talk about the election, yes.\n    Ms. Manfra. So for this particular one, what we took was \ntechnical information that we had, that we believed was \nsuspicious, and that was emanating from Russia, and was \ntargeting their system. We asked them to look at their system. \nWe asked--and this was part of the broader dissemination as \nwell--we asked all states to look at their system, to identify \nwhether they had an intrusion or whether they blocked it. In \nmost cases, they blocked it.\n    Senator Harris. Do you have a copy with you of the \nnotification you sent to these various vendors or states?\n    Ms. Manfra. I do not, ma'am, but we can get back to you.\n    Senator Harris. Okay, and will you provide this Committee \nwith a copy of the notification you sent to those states or \nvendors?\n    Ms. Manfra. Many of them were done in person, but what I \ncan show you is the technical information. That was also rolled \nup in the information that we published in December, but I can \nshow you what we provided to the states and localities.\n    Senator Harris. And did you notify each of them the same \nway? Or did you tailor the notification to each State?\n    Ms. Manfra. We tailor the notification. It's a process for \nall victim or potential victim notifications, us and the FBI. \nSo sometimes it may be an FBI field agent that goes out there, \nsometimes it may be a Department official that goes out there.\n    Senator Harris. Okay. So in your follow-up to the \nCommittee, please provide us with specifically who notified \neach State, and then who in that State was notified, the vendor \nor the State election official, and also what specifically they \nwere notified of.\n    In 2007, California worked with leading security \nresearchers--the secretary of state at the time was Deborah \nBowen--and they instituted some of the best practices, we \nbelieve, for election security. And my understanding is that it \nis considered a gold standard. So my question is, does DHS have \nthe technical capability and authority to coordinate a study \nlike that for all of the states?\n    Ms. Manfra. We do have the technical capability and \nauthority to conduct those sorts of studies, ma'am, yes.\n    Senator Harris. Have you pursued that as a viable option to \nhelp the states do everything they can to secure their systems?\n    Ms. Manfra. That is one of the areas that we're \nconsidering, yes, ma'am.\n    Senator Harris. So have you taken a look at that study that \nwas commissioned in California in 2007? And if not, I'd \nencourage that you do.\n    Ms. Manfra. I have not personally, but I will read it, \nma'am.\n    Senator Harris. And I'm also concerned that the Federal \nGovernment does not have all the information it needs in these \nsituations where there's been a breach. Is there any \nrequirement that a State notify the Federal Government when \nthey suspect there's been a breach?\n    Ms. Manfra. No, ma'am.\n    Senator Harris. And in terms of the American public and \nvoters in each of these states, can you tell me is there any \nrequirement that the State notify its residents when the State \nsuspects there may be a breach?\n    Ms. Manfra. I cannot comment. I know that multiple states \nhave different sunshine laws, etcetera, that apply to data \nbreaches within the State, so I couldn't make a general \nstatement about what their requirements are at the State level.\n    Senator Harris. And do any of you have any thoughts about \nwhether there should be such requirements, both in terms of \nstates reporting to the Federal Government and also states \nreporting to their own residents and citizens about any \nbreaches of their election system?\n    Ms. Manfra. Required data breach reporting is a complicated \narea. We prefer, and we've had a fair amount of success with, \nvoluntary reporting and partnerships, but we'd be happy to work \nwith your staff in further understanding how that might apply \nhere.\n    Senator Harris. Okay, I appreciate that. Any other thoughts \nas we think about how we can improve notification and sharing \nof information?\n    [No response.]\n    No. Okay, thank you.\n    Chairman Burr. Before I move to Senator Reed, let me just \nsay that, since a number of members have questioned the \nagencies, especially those that are here, and the sharing with \nCongress of the investigation, I'll just say that the Chair and \nthe Vice Chair were briefed at the earliest possible time and \ncontinued to be briefed throughout the process, and then it was \nopened up to all the members of the Committee. I'm not sure \nthat I had ever shared that with everybody, but I just want to \nmake sure that everybody's aware of that.\n    Senator Reed.\n    Senator Reed. Thanks very much, Mr. Chairman.\n    Thank you very much, ladies and gentlemen. Let's start with \nMr. Priestap. Are you aware of any direction or guidance from \nPresident Trump to conduct this investigation about the Russian \ninterest in our elections?\n    Mr. Priestap. Sir, I can't comment on that. It could be \npotentially related to things under the Special Counsel's \npurview.\n    Senator Reed. Thank you.\n    Ms. Manfra, in terms of the Department of Homeland \nSecurity, are you aware of any direction by the President to \nconduct these types of operations or your investigations?\n    Ms. Manfra. Sir, to clarify the question, direction from \nthe President to----\n    Senator Reed. That the President of the United States has \ndirected that the Department of Homeland Security and other \nFederal agencies conduct the activities that you're conducting, \nessentially an investigation into the Russian hacking in the \nelection.\n    Ms. Manfra. I can't comment on the President's directions \nspecifically, but our Secretary is committed to understanding \nwhat happened, ensuring that we are better protected in the \nfuture, so our activities are fully supported.\n    Senator Reed. He has not communicated that this is at the \ndirection of the President of the United States?\n    Ms. Manfra. No, sir.\n    Senator Reed. Dr. Liles.\n    Dr. Liles. Sir, this comes directly--the IC has been \nworking on this for quite a while, and the Secretary has \ncompletely supported it.\n    Senator Reed. But again, no----\n    Dr. Liles. Nothing from the President directly, sir.\n    Senator Reed. Thank you.\n    I thought Senator King raised some very interesting issues \nin terms of most elections, national elections, as much you \nlike to think about it, particularly from Rhode Island, are not \ndecided in certain states, but decided even in certain cities \nand counties, which raised an interesting question. You were \nvery assertive about that you'd be able to diagnose an \nintrusion that was altering voter--votes, literally. When could \nyou do that? Within weeks of an election, on Election Day, \nafter Election Day?\n    Dr. Liles. Sir, from an IC perspective, the way we would do \nthat is by looking at the threats themselves that were \ntargeting the specific entities. And the other element that we \nwould look at is, as the reporting itself was coming in, if \nthere was any statistical anomalies in what we were seeing.\n    And I'd also point out that we're talking about Internet-\nconnected systems here, and not all of the key counties that \nyou would represent would be those Internet-connected systems.\n    Senator Reed. But, effectively, I think what you've said is \nthat you'd really have to wait for confirmation until the \nresults started coming in on Election Day, which raises the \nissue of, even if you detect it on Election Day, what do we do? \nThe votes have already been cast.\n    Are you--is anyone planning on--what's the--what reaction \nwe take? How do we notify people? What are--what steps do we \ntake?\n    Dr. Liles. I'd have to defer that to others.\n    Ms. Manfra. Yes, sir. And I do want to clarify, when we say \nthat that activity would be difficult to detect, it would be--\nor difficult to go on undetected, it would--that we're \ndiscussing both at the polling station or the jurisdiction, \nthat it would be hard for somebody to do that without anybody, \nnot necessarily that the Department would have that immediate \ninsight.\n    And to answer your question, yes, that is absolutely \nsomething that is a part of our planning and what we would look \nforward to partnering with the State and local officials on \nunderstanding.\n    Senator Reed. So we're, again, about 18 months away from \nelection. We have to be able to develop, not technical \ninfrastructure, but an organizational infrastructure that could \nreact, maybe on very short notice, to discovery that actual \nvotes were being tampered. Is that accurate?\n    Ms. Manfra. Absolutely, sir. It is both technical and \norganizational.\n    Senator Reed. And do you think there's enough emphasis in \nterms of the resources and support to do that, the \ncollaboration? You got 50 states and among those states many of \nthe voting jurisdictions are not at the State level; they're \nthe city and town. Are we taking it serious enough? I guess \nthat's the issue.\n    Ms. Manfra. Absolutely, sir. This is one of our highest \npriorities. And I would also note that we're not just looking \nahead to 2018, as election officials remind me routinely that \nelections are conducted on a regular basis. And so--highest \npriority, sir. Yes.\n    Senator Reed. Let me ask, Mr. Priestap. If I've pronounced \nit incorrectly, forgive me. But you testified today, and your \ncolleagues, that information was exfiltrated by the Russians. \nWhat type of information was taken and what could it be used \nfor?\n    Mr. Priestap. Yes. I don't want to get into the details of \nwhat victim information was taken. Again, we've got a variety \nof pending investigations. But again, it could be used for a \nvariety of purposes. It could have been taken to understand \nwhat's in those systems. It could have been taken to use to try \nto target--learn more about individuals, so that they could be \ntargeted.\n    It could have been taken in a way to then publicize, just \nto send a message that a foreign adversary has the ability to \ntake things and to sow doubt in our voters' minds.\n    Senator Reed. Let me ask you this question, as a judgment. \nGiven the activities that the Russians have deployed, \nsignificant resources, constant effort over--as you, the \nintelligence community--probably a decade, do you think they \nhave a better grasp of the vulnerabilities of the American \nvoting system than you have?\n    Mr. Priestap. I hope not. I think it's an excellent \nquestion and I can--well, first of all, I hope not and I don't \nthink so. But if they did, I don't think they do any more.\n    Senator Reed. Thank you very much.\n    Chairman Burr. Thank you, Senator Reed.\n    Before we move to the second panel, one last question, Mr. \nPriestap, for you. Is there any evidence that the attempt to \npenetrate the DNC was for the purposes of launching this \nelection year intrusion process that they went on? Or was this \nat the time one of multiple fishing expeditions that existed by \nRussian actors in the United States?\n    Mr. Priestap. In my opinion, it was one of many efforts. \nYou'd call it a fishing expedition, but to determine, again, \nwhat's out there, what intelligence can they collect. So they \ndon't go after one place. They go after lots of places and \nthen----\n    Chairman Burr. Tens? Hundreds? Thousands?\n    Mr. Priestap. Hundreds, at least hundreds.\n    Chairman Burr. Okay.\n    I want to wrap up the first panel with just a slight recap. \nI think you have thoroughly covered that there's no question \nthat Russia carried out attacks on State election systems. No \nvote tallies were affected or affected the outcome of the \nelections. Russia continues to engage in exploitation of the \nU.S. elections process and elections are now considered a \ncritical infrastructure, which is extremely important and does \nbring some interesting potential new guidelines that might \napply to other areas of critical infrastructure that we have \nnot thought of because of the autonomy of each individual State \nand the control within their State of their election systems.\n    So I'm sure this will be further discussed as the \nappropriate committees talk about Federal jurisdiction, where \nthat extends to. And clearly, I think it's this Committee's \nresponsibility as we wrap up our investigation to hand off to \nthat Committee somewhat of a road map from what we've learned \nare areas that we need to address, and we will work very \nclosely with DHS and with the Bureau as we do that.\n    With that, I will dismiss the first panel and call up the \nsecond panel.\n    [Pause.]\n    Chairman Burr. I'd like to call the second panel to order, \nand ask those visitors to please take their seats. As we move \ninto our second panel this morning, our hearing is shifting \nfrom a Federal Government focus to a State-level focus. During \nthis second panel, we'll gain insight into the experiences of \nthe states in 2016, as well as hear about efforts to maintain \nelection security moving forward.\n    For our second panel, I'd like to welcome our witnesses: \nthe Honorable Connie Lawson, President-elect of the National \nAssociation of Secretaries of State and the Secretary of State \nof Indiana; Michael Haas, the Midwest Regional Representative \nto the National Association of State Election Directors and the \nAdministrator of the Wisconsin Election Commission; Steve \nSandvoss, Executive Director of the Illinois State Board of \nElections; and Dr. J. Alex Halderman, Professor of Computer \nScience and Engineering, University of Michigan.\n    Thank you all for being here. Collectively, you bring a \nwealth of knowledge and a depth of understanding of our State \nelection systems, potential vulnerabilities of our voting \nprocess and procedures, and the mitigation measures we need to \ntake at the State level to protect the foundation of American \ndemocracy.\n    In January of this year, then-Secretary of Homeland \nSecurity Jeh Johnson designated the election infrastructure \nused in Federal elections as a component of U.S. critical \ninfrastructure. DHS stated that the designation established \nelection infrastructure as a priority within the national \ninfrastructure protection plan. It enabled the Department to \nprioritize our cybersecurity assistance to State and local \nelection officials for those who requested it, and made it \npublicly known that the election infrastructure enjoys all the \nbenefits and protections of critical infrastructure that the \nU.S. government has to offer.\n    Some of your colleagues objected to this designation, \nseeing it as Federal Government interference. Today I'd like to \nhear your views on this specifically, but more broadly how the \nstates and the Federal Government can best work together. I'm a \nproud defender of states' rights but this could easily be a \nmoment of ``divided we fall.'' We must set aside our suspicions \nand see this for what it is, an opportunity to unite against a \ncommon threat. Together, we can bring considerable resources to \nbear and keep the election system safe.\n    Again, I'd like to thank our witnesses for being here, and \nat this time I'd turn to the Vice Chairman for any comments he \nmight make.\n    The Vice Chairman doesn't have any.\n    I will assume, Mr. Haas, that by some process you have been \nelected to go first, unless there is an agreement--which--where \nare we going to start?\n    Mr. Haas. Actually, I think we were going to defer to \nSecretary Lawson to start, if that's okay with the Chair.\n    Chairman Burr. Madam Secretary, you are recognized.\n\n     STATEMENT OF CONNIE LAWSON, PRESIDENT-ELECT, NATIONAL \n ASSOCIATION OF SECRETARIES OF STATE, AND SECRETARY OF STATE, \n                        STATE OF INDIANA\n\n    Ms. Lawson. Well, good morning, Chairman Burr and Vice \nChairman Warner and distinguished members of the Committee. I \nwant to thank you for the chance to appear before you today. \nIt's an honor to represent the Nation's secretaries of state, \n40 of whom serve as chief State election officials.\n    I am Connie Lawson, Indiana Secretary of State, and I'm \nalso President-Elect of the bipartisan National Association of \nSecretaries of State. I'm here to discuss our capacity to \nsecure State and locally-run elections from very significant \nand persistent nation state cyber threats.\n    With statewide elections in New Jersey and Virginia this \nyear and many more contests to follow in 2018, I want to assure \nyou and all Americans that election officials across the United \nStates are taking cybersecurity very seriously. First and \nforemost, this hearing offers a chance to separate facts from \nfiction regarding the 2016 presidential election. As noted many \ntimes, we have seen no evidence that vote casting or counting \nwas subject to manipulation in any State or locality, nor do we \nhave any reason to question the results.\n    Just a quick summary of what we know about documented \nforeign targeting of State and local election systems. In the \n2016 election cycle, as confirmed by the Department of Homeland \nSecurity, no major cybersecurity issues were reported on \nElection Day, November 8. Last summer, our intelligence \nagencies found that up to 20 State networks had been probed by \nentities essentially rattling the door knobs to check for \nunlocked doors. Foreign-based hackers were able to gain access \nto voter registration systems in Arizona and Illinois, \nprompting the FBI to warn State election offices to increase \ntheir election security measures for the November election.\n    In more recent days, we've learned from a TOP SECRET NSA \nreport that the identity of a company providing voter \nregistration support services in several states was \ncompromised.\n    Of course, it's gravely concerning that election officials \nhave only recently learned about the threats outlined in the \nleaked NSA report, especially given the fact that the former \nDHS Secretary Jeh Johnson repeatedly told my colleagues and I \nthat no specific or credible threats existed in the fall of \n2016. It is unclear why our intelligence agencies would \nwithhold timely and specific threat information from election \nofficials.\n    I have every confidence that other panelists will address \nvoting equipment risk and conceptual attack scenarios for you \ntoday. But I want to emphasize some systemic safeguards that we \nhave against cyber attackers. Our system is complex and \ndecentralized, with a great deal of agility and low levels of \nconnectivity. Even within states, much diversity can exist from \none locality to the next. This autonomy serves as a check on \nthe capabilities of nefarious actors.\n    I also want to mention the recent designation of election \nsystems as critical infrastructure. Real issues exist with the \ndesignation, including a lack of clear parameters around the \norder, which currently provides DHS and other Federal agencies \nwith a large amount of unchecked executive authority over our \nelection's process. At no time between August of 2016 and \nJanuary of 2017 did NASS and its members ever have a thorough \ndiscussion with DHS on what the designation means.\n    Threat-sharing had been touted as a key justification for \nthe designation. Yet, nearly six months later, no secretary of \nstate is currently authorized to receive classified threat \ninformation from our intelligence agencies.\n    From information gaps to knowledge gaps that aren't being \naddressed, this process threatens to erode public confidence in \nthe election process as much as any foreign cyber threat. It's \nalso shredding the rights that states hold to determine their \nown election procedures subject to the acts of Congress. If the \ndesignation ultimately reduces diversity and autonomy in our \nvoting process, the potential for adverse effects from \nperceived or real cyber effects--attacks excuse me--will likely \nbe much greater and not the other way around.\n    Looking ahead, the National Association--the NASS Election \nSecurity Task Force was created to ensure that State election \nofficials are working together to combat threats and foster \neffective partnerships with the Federal Government and other \npublic-private stakeholders. In guarding against cyber threats, \nthe trend line is positive, but more can be done. Most notably, \nmany states and localities are working to replace or upgrade \ntheir voting equipment.\n    If I have one major request for you today, other than \nrescinding the critical infrastructure designation for \nelections, it is to help election officials get access to \nclassified information-sharing. We need this information to \ndefend State elections from foreign interference and respond to \nthreats.\n    Thank you, and I look forward to answering your questions.\n    [The prepared statement of Ms. Lawson follows:]\n    \n[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]    \n    \n    \n    \n    Chairman Burr. Thank you, Secretary Lawson.\n    Who would like to--Mr. Haas.\n\n  STATEMENT OF MICHAEL HAAS, MIDWEST REGIONAL REPRESENTATIVE, \n        NATIONAL ASSOCIATION OF STATE ELECTION DIRECTORS\n\n    Mr. Haas. Thank you. Good morning.\n    Chairman Burr, Vice Chairman Warner and Committee members: \nOn behalf of the National Association of State Election \nDirectors, thank you for this opportunity to share what states \nlearned from the 2016 elections and some steps that we are \ntaking to further secure our election systems.\n    I serve as Wisconsin's chief election official, and I'm a \nmember of NASED's executive board. We do not have a State \nelected official who oversees elections in Wisconsin. Many of \nour State election directors across the country are housed in \nthe secretary of state's offices, but some are not.\n    The 2016 presidential election reinforced several basic \nlessons, although sometimes in a new context. For instance, all \nof us understand the importance of constant and effective \ncommunication to ensure that all actors have the tools they \nneed. The new twist in 2016, of course, involved communicating \nabout the security of election systems with the Department of \nHomeland Security as well as the State staff who provide cyber \nsecurity protection to our voter registration databases.\n    As we have heard this morning, some states have expressed \nconcerns about the timeliness and the details of communications \nfrom Homeland Security regarding potential threats, security \nthreats to State election systems. The recent reports about \nattempted attacks on State voter registration systems, which \noccurred last fall, caught many states by surprise.\n    We look forward to working with DHS and other Federal \nofficials to develop protocols and expectations for \ncommunicating similar information going forward. For example, \nState election officials believe it is important that we be in \nthe loop regarding contacts that DHS has with local election \nofficials regarding security threats such as the spear phishing \nattempts that were recently publicized. States should be aware \nof this information to protect their systems and so that we can \nprovide additional training and guidance to local election \nofficials.\n    I appreciate the concern that was expressed this morning \nthat this is a two-way street. And we at the State level need \nto also think carefully about how to most effectively \ncommunicate with our local election officials if and when there \nis an incident that we are aware of at the State level.\n    As part of the DHS designation of election systems as \ncritical infrastructure, bodies such as coordinating councils \ncan help to facilitate decisions regarding the proper balance \nbetween notifying State and local officials and protecting \nconfidential or sensitive information.\n    NASED believes that those coordinating bodies should \nconsist of a broad representation of stakeholders, and we have \nexpressed our strong interest to DHS in participating on those \nbodies.\n    I would also note that the executive board of NASED \nsupports the request of the U.S. Elections Assistance \nCommission that it serves as the co-sector specific--specific \nagency as the logical Federal agency to partner with DHS to \nprovide subject matter expertise and assistance in \ncommunicating with local election officials, as the EAC has \nthat communications structure already in place.\n    The 2016 elections also reinforced the need for constantly \nenhancing the security of voter registration databases, as we \nhave heard this morning. While hacking into a voter \nregistration system has no effect on tabulating election \nresults, intrusions could result in unauthorized parties \ngaining access to data regarding voters, candidates, ballot \ncontests, and polling places.\n    I would note that, while much of that information is public \nupon request, there may be some confidential data held in those \ndatabases, such as the voter's date of birth, the driver \nlicense number, the last four digits of the social security \nnumber. Different states have different laws about what pieces \nof that data are confidential.\n    The 2016 elections demonstrated that State and local \nelection officials can implement steps to improve the security \nof voter data, and that many of these steps are not \ncomplicated. In addition to the cyber hygiene scans and risk \nassessments, states are implementing greater use of multi-\nfactor authentication for users of our systems, updating \nfirewalls, the use of white lists to block unauthorized users, \nand completely blocking access from any foreign IP address.\n    The final lesson of 2016 I would like to address relates to \nvoting equipment. To be clear, as it has been said many times \nthis morning, there is no evidence that voting machines or \nelection results have been altered in U.S. elections. I \nappreciate the Committee's emphasis on that. I think that for \nthe public that cannot be stated enough and strongly enough.\n    Still, we as election administrators must exercise \nvigilance to assure that such theoretical attacks do not become \nreality, and we must also continue to educate the public about \nsafeguards in the system. Those safeguards include the \ndecentralized structure of elections that we've heard about \nthis morning and the diversity of voting equipment. Also, in \nmost cases voting equipment is not connected to the Internet \nand therefore cannot be attacked through cyber space. Also it \nis important to keep in mind that three out of four ballots \ncast in American elections are on paper ballots. Most ballots \ncast on touchscreen equipment also have a paper trail that \nvoters can immediately verify their votes and that election \nofficials can use for audits and recounts.\n    There are also several redundancies in the testing and \ncertification of voting equipment. It's important to realize \nthat voting equipment is not only used on Election Day. Its \nfunctionality is tested several times during the process.\n    In short, the 2016 elections taught us that the potential \nfor disrupting election processes and technology by foreign or \ndomestic actors is a serious and increasing concern. However, \nwe as State election directors believe that continued \ncooperation and more effective communication, along with \ncontinued vigilance and innovation, will ensure the integrity \nof our voting processes and election results.\n    Again, we look forward to working with our Federal partners \nas we plan for elections going forward. Thank you for the \nopportunity to share these thoughts and I'd be happy to answer \nany questions.\n    [The prepared statement of Mr. Haas follows:]\n    \n[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]    \n    \n   \n    \n    Chairman Burr. Thank you, Mr. Haas.\n    Mr. Sandvoss.\n\n  STATEMENT OF STEVE SANDVOSS, EXECUTIVE DIRECTOR OF ILLINOIS \n                    STATE BOARD OF ELECTIONS\n\n    Mr. Sandvoss. Good morning. Thank you, Chairman Burr, Vice \nChairman Warner, and distinguished members of the Committee.\n    As Director of the State Board of Elections, I'd just like \nto briefly describe what our agency does. We are an independent \nbipartisan agency created by the 1970 Illinois Constitution, \ncharged with general supervision over the election and \nregistration laws in the State of Illinois.\n    As all of you seem to be aware, almost a year ago today, on \nJune 23rd, the Illinois State Board of Elections was the victim \nof a malicious cyber attack of unknown origin against the \nIllinois voter registration system database. Because of the \ninitial low-volume nature of the attack, the State Board of \nElections staff did not become aware of it at first.\n    Almost three weeks later, on July 12th, State Board of \nElections IT staff was made aware of performance issues with \nthe IVRS database server. The processor's usage had spiked to \n100 percent with no explanation. Analysis of the server logs \nrevealed that the heavy load was a result of rapidly repeated \ndatabase queries on the application status page of our \npaperless online voter application website.\n    Additionally, the server log showed the database queries \nwere malicious in nature. It was a form of cyber attack known \nas SQL, which is ``structured query language injection.'' SQL \ninjections are essentially unauthorized malicious database \nqueries entered into a data field in a web-based application. \nWe later determined that these SQLs originated from several \nforeign-based IP addresses.\n    SBE programmers immediately introduced code changes to \neliminate this particular vulnerability in our website. The \nfollowing day, on July 13th, the SBE IT made the decision to \ntake the website and IVRS database offline to investigate the \nseverity of the attack. SBE staff maintained the ability to log \nand view all site access attempts.\n    Malicious traffic from the IP addresses continued, though \nit was blocked at the firewall level. Firewall monitoring \nindicated that the attackers were hitting SBE IP addresses five \ntimes per second, 24 hours a day. These attacks continued until \nAugust 12th, when they abruptly ceased.\n    SBE staff began working to determine the extent of the \nbreech, analyzing the integrity of the IVRS database and \nintroducing security enhancements to the IVRS web servers and \ndatabase.\n    A week later, on July 19th, we notified the Illinois \nGeneral Assembly of the security breech in accordance with the \nPersonal Information Protection Act. In addition, we notified \nthe Attorney General's office. On July 21st, the State Board of \nElections' IT staff completed security enhancements and began \nto bring the IVRS system back on line. A week after that, on \nJuly 28th, both the Illinois registration system and the \npaperless online voting application became totally functional \nonce again.\n    Since the attack occurred, the State Board of Elections has \nmaintained the following ongoing activities. The DHS scans the \nState Board of Elections systems for vulnerabilities on a \nweekly basis. The Illinois Department of Innovation and \nTechnology, which is a statewide entity that coordinates the IT \nsystems of many of the Illinois State agencies, continuously \nmonitors activity on the Illinois Century Network, which is the \ngeneral network that provides firewall protection for the State \ncomputer systems.\n    This Department of Innovation and Technology, also called \nDOIT, provided cyber security awareness training for all State \nof Illinois employees, ours included. Now the State Board of \nElection's IT staff continues to monitor web server and \nfirewall logs on a daily basis. And in addition, virus \nprotection software is downloaded also on a daily basis.\n    As a result of informing the Illinois Attorney General's \noffice of the breach, the State Board of Elections was \ncontacted by the Federal Bureau of Investigation, and we have \nfully cooperated with the FBI in their ongoing investigation. \nThe FBI advised that we work with the Department of Homeland \nSecurity's United States Computer Emergency Readiness Team to \nensure that there is no ongoing malicious activity on any of \nthe SBE systems. They also confirmed--that is, the Department \nof Homeland Security also confirmed--that there's no ongoing \nmalicious activity occurring in SBE computer systems.\n    To comply with the Personal Information Protection Act, \nnearly 76,000 registered voters were contacted as potential \nvictims of the data breach. The SBE provided information to \nthese individuals on steps to take if they felt that they were \nthe victims of identity theft. Additionally, the SBE developed \nan online tool to inform affected individuals of the specific \ninformation that was included in their voter record that may \nhave been compromised.\n    As far as looking for future concerns, one of the concerns \nfacing our State and many others we believe is aging voting \nequipment. The Help America Vote Act established requirements \nfor voting equipment, but while initial funding was made \navailable to replace the old punch-card equipment, additional \nfunding has not been further appropriated.\n    If additional funding is not available, we would like to \nreceive authorization to use the State's existing HAVA funds to \nallow spending on enhanced security across all election-related \nsystems. The IVRS database is a Federal mandate through the \nHelp America Vote Act.\n    Cyber attacks targeting end users are also of particular \nconcern. Security training funded and provided by a Federal \nentity such as the EAC or DHS would also be beneficial in our \nview. In addition, any guidance or recommendations as to \nmethods for the protection of registration and voting systems \nfrom cyber intrusions are always welcome.\n    Thank you for the time, and I'm happy to answer any \nquestions.\n    [The prepared statement of Mr. Sandvoss follows:]\n   \n[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]   \n    \n   \n    \n    Chairman Burr. Thank you, Mr. Sandvoss.\n    Dr. Halderman.\n\n STATEMENT OF J. ALEX HALDERMAN, Ph.D., PROFESSOR OF COMPUTER \n        SCIENCE AND ENGINEERING, UNIVERSITY OF MICHIGAN\n\n    Dr. Halderman. Chairman Burr, Vice Chairman Warner, and \nmembers of the Committee: Thank you for inviting me to speak \nwith you today about the security of U.S. elections.\n    I'm a Professor of Computer Science and have spent the last \n10 years studying the electronic voting systems that our Nation \nrelies on. My conclusion from that work is that our highly \ncomputerized election infrastructure is vulnerable to sabotage \nand even to cyber attacks that could change votes. These \nrealities risk making our election results more difficult for \nthe American people to trust.\n    I know America's voting machines are vulnerable because my \ncolleagues and I have hacked them repeatedly as part of a \ndecade of research studying the technology that operates \nelections and learning how to make it stronger. We've created \nattacks that can spread from machine to machine, like a \ncomputer virus, and silently change election outcomes. We've \nstudied touchscreen and optical scan systems, and in every \nsingle case we found ways for attackers to sabotage machines \nand to steal votes. These capabilities are certainly within \nreach for America's enemies.\n    As you know, states choose their own voting technology and, \nwhile some states are doing well with security, others are \nalarmingly vulnerable. This puts the entire Nation at risk. In \nclose elections, an attacker can probe the most important swing \nstates or swing counties, find areas with the weakest \nprotection, and strike there. In a close election year, \nchanging a few votes in key localities could be enough to tip \nnational results.\n    The key lesson from 2016 is that these threats are real. \nWe've heard that Russian efforts to target voter registration \nsystems struck 21 states, and we've seen reports detailing \nefforts to spread an attack from an election technology vendor \nto local election offices. Attacking vendors and municipalities \ncould have put Russia in a position to sabotage equipment on \nElection Day, causing machines or poll books to fail, and \ncausing long lines or disruption. They could have engineered \nthis chaos to have a partisan effect by striking places that \nlean heavily towards one candidate.\n    Some say the fact that voting machines aren't directly \nconnected to the Internet makes them secure, but unfortunately, \nthis is not true. Voting machines are not as distant from the \nInternet as they may seem. Before every election, they need to \nbe programmed with races and candidates. That programming is \ncreated on a desktop computer, then transferred to voting \nmachines. If Russia infiltrated these election management \ncomputers, it could have spread a vote-stealing attack to vast \nnumbers of machines.\n    I don't know how far Russia got or whether they managed to \ninterfere with equipment on Election Day, but there's no doubt \nthat Russia has the technical ability to commit widespread \nattacks against our voting system, as do other hostile nations. \nI agree with James Comey when he warned here two weeks ago: We \nknow they're coming after America, and they'll be back. We must \nstart preparing now.\n    Fortunately, there's a broad consensus among cybersecurity \nexperts about measures that would make America's election \ninfrastructure much harder to attack. I've co-signed a letter \nthat I've entered into the record from over 100 leading \ncomputer scientists, security experts, and election officials \nthat recommends three essential steps.\n    First, we need to upgrade obsolete and vulnerable voting \nmachines, such as paperless touchscreens, and replace them with \noptical scanners that count paper ballots. This is a technology \nthat 36 states already use. Paper provides a physical record of \nthe vote that simply can't be hacked.\n    President Trump made this point well on Fox News the \nmorning after--the morning of the election. He said, ``There's \nsomething really nice about the old paper ballot system. You \ndon't worry about hacking.''\n    Second, we need to use the paper to make sure that the \ncomputer results are right. This is a common-sense quality \ncontrol and it should be routine. Using what's known as a risk-\nlimiting audit, officials can check a small, random sample of \nthe ballots to quickly and affordably provide high assurance \nthat the election outcome was correct. Only two states, \nColorado and New Mexico, currently conduct audits that are \nrobust enough to reliably detect cyber attacks.\n    Lastly, we need to harden our systems against sabotage and \nraise the bar for attacks of all sorts by conducting \ncomprehensive threat assessments and applying cybersecurity \nbest practices to the design of voting equipment and the \nmanagement of elections.\n    These are affordable fixes. Replacing insecure paperless \nvoting machines nationwide would cost $130 million to $400 \nmillion. Running risk-limiting audits nationally for Federal \nelections would cost less than $20 million a year. These \namounts are vanishingly small compared to the national security \nimprovement they buy.\n    State and local election officials have an extremely \ndifficult job, even without having to worry about cyber attacks \nby hostile governments. But the Federal Government can make \nprudent investments to help them secure elections and uphold \nvoters' confidence. We all want election results that we can \ntrust.\n    If Congress works closely with the states, we can upgrade \nour election infrastructure in time for 2018 and 2020. But if \nwe fail to act, I think it's only a matter of time until a \nmajor election is disrupted or stolen in a cyber attack.\n    Thank you for the opportunity to testify today and for your \nleadership on this critical matter. I look forward to answering \nany questions.\n    [The prepared statement of Dr. Halderman follows:]\n    \n[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]    \n    \n   \n    \n    Chairman Burr. Dr. Halderman, thank you.\n    The Chair would recognize himself for five minutes. Members \nwill be recognized by seniority.\n    Secretary Lawson, in how many states is the secretary of \nstate in charge of the elections process, do you know?\n    Ms. Lawson. Yes, sir. It's 40.\n    I'm sorry. Yes, sir. It's 40.\n    Chairman Burr. Okay. Would you be specific: What do the \nsecretary of states do--what is it they do not like about \nelections being designated critical infrastructure?\n    Ms. Lawson. The most important issue, sir, is that there \nhave been no clear parameters set and, even after the three \ncalls that we had with Secretary Jeh Johnson before the \ndesignation was made, we consistently asked for what would be \ndifferent if the designation was made and how we would \ncommunicate. Would it be any different----\n    Chairman Burr. So nothing has negatively happened except \nthat you don't have the guidance to know what to do?\n    Ms. Lawson. Nothing has negatively happened to this date, \nbut also nothing positive has happened.\n    Chairman Burr. Got it. Got it.\n    Mr. Sandvoss, Illinois is one of the few states that have \npublicly been identified. I guess that's in part because you \ntook the initiative to do it. You gave a good chronology: 23 \nJune, first sign; 12 July, State IT staff took action; 12 \nAugust, the attacks stopped.\n    At what point was the State of Illinois contacted by any \nFederal entity about their system having been attacked or was \nit the State of Illinois that contacted the Federal Government?\n    Mr. Sandvoss. We were contacted by the FBI--I don't have \nthe exact date, but it was after we had referred the matter to \nthe Attorney General's office. My guess would be probably a \nweek after.\n    Chairman Burr. A week after----\n    Mr. Sandvoss. After the AG was notified by us of this \nbreach.\n    Chairman Burr. And the AG was notified approximately when?\n    Mr. Sandvoss. On July 19th.\n    Chairman Burr. July 19th. Okay.\n    At what point did the State of Illinois know that it was \nthe Russians?\n    Mr. Sandvoss. Actually, to this day we don't know with \ncertainty that it was the Russians. We've never been told by \nany official entity. The only one that we're aware of that was \ninvestigating was the FBI and they have not told us \ndefinitively that it was the Russians. Our IT staff was able to \nidentify, I think it was, seven IP addresses from a foreign \nlocation, I believe it was The Netherlands. But that doesn't \nmean that the attack originated in the Netherlands. We have no \nidea where it originated from.\n    Chairman Burr. Did your IT staff have some initial \nassessments on their own?\n    Mr. Sandvoss. No, because I think any--anything of that \nnature would have been speculative and we didn't want to do \nthat. I think we wanted to leave that to the professional \ninvestigators.\n    Chairman Burr. You gave an update on what you're currently \ndoing to enhance the security: DHS weekly security checks. Has \nthe Federal--in your estimation, has the Federal Government \nresponded appropriately to date?\n    Mr. Sandvoss. I believe they have, yes. I've heard nothing \nfrom our IT division and they'd be the persons that would know. \nI've heard nothing from them that the DHS's work in that matter \nhas been less than satisfactory.\n    Chairman Burr. Let me ask all of you, except for you, Mr. \nSandvoss: Do you believe the extent of cyber threats to \nelection systems should be made public before the next election \ncycle? Should we identify those states that were targeted, Mr. \nHaas?\n    Mr. Haas. I think as election directors we're certainly \nsensitive to the balance that Homeland Security and others need \nto make. I think so far, as far as we've gone, we want to know \nas the victims or potential victims. And then I think as part \nof the coordinating council and designation of critical \ninfrastructure, there has to be a conversation amongst the \nelection----\n    Chairman Burr. Is there a right of the public in your State \nto know?\n    Mr. Haas. Yes, I believe there is. If there was a hack into \nour system, I think that we would certainly want to consult our \nstatutes and so forth, but we would--we believe in \ntransparency. We would want to let the public know.\n    Chairman Burr. Dr. Halderman.\n    Dr. Halderman. I think the public needs details about these \nattacks and about the vulnerabilities of the system, in order \nto make informed decisions about how we can make the system \nbetter and to provide the resources that election officials \nneed. So, yes.\n    Chairman Burr. Okay.\n    Secretary Lawson.\n    Ms. Lawson. I lay awake at night worrying about public \nconfidence in our election systems, and so I think we need to \nbe very careful and we need to balance the information, because \nthe worst thing that we can do is make people think that their \nvote doesn't count or it could be canceled out.\n    And so if telling the public that, you know, that these \nattacks are out there and our systems are vulnerable and it \ndoesn't undermine confidence, it makes them know that we are \ndoing everything we possibly can to stop those attacks, I'd be \nin favor of it.\n    Chairman Burr. I take for granted none of you at the table \nhave evidence that vote tallies were altered in the 2016 \nelection?\n    Dr. Halderman. Correct.\n    Chairman Burr. Dr. Halderman, before I recognize the Vice \nChairman real quickly: When you and your colleagues hacked \nelection systems, did you get caught?\n    Dr. Halderman. We hacked election systems as part of \nacademic research, where we had machines in our facilities----\n    Chairman Burr. I get that. Did you get caught? Did they see \nyour intrusion into their systems?\n    Dr. Halderman. The one instance when I was invited to hack \na real voting system while people were watching, was in \nWashington, D.C., in 2010, and in that instance it took less \nthan 48 hours for us to change all the votes and we were not \ncaught.\n    Chairman Burr. Vice Chairman.\n    Vice Chairman Warner. I'd like to thank all the witnesses \nfor their testimony. I find a little stunning, Mr. Sandvoss, \nyour answer. I don't know--I think if you saw the preceding \npanel, you had the DHS and the FBI unambiguously say that it \nwas the Russians who hacked into these 21 systems, and I find \nit a little strange that they've not relayed that information \nto you.\n    What we discovered in the earlier testimony is that we \nfinally got public disclosure that 21 states were attacked, and \nunder questioning from Senator Harris we found that, even \nthough we know those 21 states were attempted to be hacked \ninto, or doors rattled or whatever analogy you want to use, in \nmany cases the State election officials, whether the State \ndirectors or the secretaries of state, may not even have been \nnotified.\n    I find that stunning. And clearly lots of local elected \nofficials, local election officials, where the activities \nreally take place, haven't been notified. So I've got a series \nof questions and I'd ask for fairly brief responses.\n    Dr. Halderman, can you just again restate--as Senator King \nmentioned in the earlier testimony, you don't need to disrupt a \nwhole system. You could disrupt a single jurisdiction in a \nState, and if you could in effect wipe that ledger clean, you \ncould invalidate potentially not just that local election, but \nthen the results at the State, the Congressional level, the \nstates, and ultimately the Nation, is that not correct?\n    Dr. Halderman. Yes, that's correct.\n    Vice Chairman Warner. So we are not--while it's important \nand I believe in our decentralized system, we are only as \nstrong as our weakest link. Is that not correct?\n    Dr. Halderman. That's correct.\n    Vice Chairman Warner. Mr. Haas and Secretary Lawson, do you \nbelieve that all 21 states that were attacked, that the State \nelection officials are aware?\n    Ms. Lawson. I can't answer that question, sir. I'm not \ncertain. I will tell you that Indiana has not been notified. I \ndon't know if we're even on the list.\n    Mr. Haas. I don't know for sure, except that DHS did \nindicate in a teleconference that all the states that were \nattacked have been notified.\n    Vice Chairman Warner. We were told earlier that that's not \nthe case. We were told that they may have been--the vendors may \nhave been notified. So do you know whether Wisconsin was \nattacked?\n    Mr. Haas. We have not been told that we were--that there \nwas an attack on Wisconsin.\n    Vice Chairman Warner. Are you comfortable, either one of \nyou, with not having that knowledge?\n    Ms. Lawson. We are hypersensitive about our security and I \nwould say that when the FBI sent the notice in September for \nstates to look for certain IP addresses to see if their systems \nhad been penetrated or attempted to be penetrated, we \nabsolutely searched. In fact, we looked at 15,500,000 log-ins \nthat had happened in our system since the 1st of January that \nyear. So we believe that our system has not been hacked.\n    Mr. Haas. I would also state that both our office and the \nchief information officer of the State and his office would \nlikely be able to detect if the system was hacked.\n    Vice Chairman Warner. Well just, we've got the two leading \nState election officials not knowing whether their states were \none of the 21 that at least the Russians probed--let me finish, \nplease. And you know, I see--I understand the balance. But the \nnotion that State election officials wouldn't know, that local \nelection officials clearly haven't been notified--I appreciate \nthe Chairman's offer. The Chairman and I are going to write a \nletter to all the states: If you view yourself as victims, I \nthink there is a public obligation to disclose. Again, not to \nre-litigate 2016, but to make sure that we're prepared for \n2017, where I have State elections in my State this year, and \n2018. And to do otherwise--because there are some, there are \nsome still in the political process, that believe this whole \nRussian incursion into our elections is a witch hunt and fake \nnews.\n    So I could very easily see some local elected officials \nsaying: ``This is not a problem, this is not a bother; I don't \nneed to tighten up my security procedures at all.'' And that \nwould do a huge, huge disservice to the very trust, Secretary \nLawson, that you say you want to try to present and provide for \nour voters.\n    So I hope when you receive the letter from our--and we'll \nwrite this on a confidential basis, but that you would urge \nyour colleagues to come forward, again not to embarrass any \nState. But I find it totally unacceptable, one, that the public \ndoesn't know, that local elected officials--local election \nofficials don't know, that you as two, as the leaders of the \nState election officials, don't even know whether your states \nwere part of the 21 that has been testified by the DHS that at \nleast they were, if not looked at, door jiggled, or actually, \nas the case in Illinois, where actual information from the \nvoter registration efforts were exfiltrated.\n    So my hope is that you will work with us on a cooperative \nbasis and we want to make sure that the DHS and others are \nbetter at sharing information and you get those classified \nbriefings that you deserve.\n    Chairman Burr. Senator Risch.\n    Senator Risch. Thank you very much.\n    Mr. Sandvoss, July 12th was the date that you first \ndiscovered that you had issues, is that right?\n    Mr. Sandvoss. Yes, that's correct.\n    Senator Risch. And that was a result of a high-volume \nspike. Is that correct?\n    Mr. Sandvoss. Yes, that is correct.\n    Senator Risch. Then when you looked at it, you found out \nthat the intrusion attempts actually had started June 23rd, is \nthat correct?\n    Mr. Sandvoss. Yes.\n    Senator Risch. So--and those were low-volume spikes, \nstarting on June 23rd?\n    Mr. Sandvoss. Yes.\n    Senator Risch. All right. So if they had never cranked up \nthe volume, is it fair to say you would have never discovered \nit or probably wouldn't have discovered it?\n    Mr. Sandvoss. I would say it would probably not have been \ndiscovered, certainly not right away. And if it was--the volume \nwas low enough, even an analysis of our server logs might not \ncatch something like that, because it wouldn't stand out. So I \nthink the answer to your question is yes.\n    Senator Risch. Then you said 12--or seven days later, the \n19th, you notified the Attorney General. Is that right?\n    Mr. Sandvoss. Yes, correct.\n    Senator Risch. That was the Illinois Attorney General, not \nthe U.S. Attorney General, is that correct?\n    Mr. Sandvoss. Yes. State law requires that we notify the \nAttorney General in these instances.\n    Senator Risch. So then the next thing that happened is you \nwere contacted by the FBI. Is that correct?\n    Mr. Sandvoss. Yes.\n    Senator Risch. All right. So the question I've got--I'm \njust trying to get an understanding of the facts--are you \nassuming that the Illinois AG contacted the FBI, or do you know \nthat or not know that, or----\n    Mr. Sandvoss. I don't know that for sure, but I would \nsuspect that they probably did, because how else would the FBI \nknow?\n    Senator Risch. Right. Well, and that's kind of where I was \ngetting, is that was not the result of some Federal analysis, \nthat there wasn't a Federal analysis of this that turned up \nwhat had actually happened. Is that a fair statement?\n    Mr. Sandvoss. I believe so, yes.\n    Senator Risch. Okay. You then did some things to try to \nmitigate what had happened. Have you shared this with other \nstates as to what you had done, in order to, I don't know, \ndevelop a best practices, if you would?\n    Mr. Sandvoss. We didn't have any formal notification to all \n50 states, no. I think our focus at that time was trying to \nrepair the damage and assess, you know, what needed to be done, \nespecially with respect to the voters who had their information \naccessed.\n    I believe that once the FBI became aware of this, I know \nthey contacted the different states. I don't believe our \nAttorney General's office did, although I don't know that for \ncertain. But we did not have any formal communication with all \n50 states regarding this.\n    Senator Risch. And do you believe that you have developed a \nbest-practices action after this attack that you've described \nfor us?\n    Mr. Sandvoss. I believe so, yes.\n    Senator Risch. Do you think it would be appropriate for you \nto get that out through the secretary of states organization or \nother organizations, so that other states could have that?\n    Mr. Sandvoss. Certainly. Absolutely.\n    Senator Risch. Okay.\n    Mr. Halderman, Your hacking that you've described for us, \nwould your ability--if you were sitting in Russia right now and \nwanted to do the same thing that you had done, would that \nability be dependent upon the machines or whatever system is \nused being connected to the Internet?\n    Dr. Halderman. That ability would depend on whether pieces \nof election IT equipment, IT offices that are where the \nelection programming is prepared, are ever connected to \nInternet. The machines themselves don't have to be directly \nconnected to the Internet for a remote attacker to target them.\n    Senator Risch. So would you recommend that the voting \nsystem be disconnected from the Internet, that it be a \nstandalone system that can't be accessed from the outside?\n    Dr. Halderman. It's a best practice, certainly, to isolate \nvote tabulation equipment as much as possible from the \nInternet, including isolating the systems that are used to \nprogram it.\n    But other pieces of election infrastructure that are \ncritical, such as electronic poll books or online registration \nsystems, do sometimes need to be connected to Internet--to \nsystems that have Internet access.\n    Senator Risch. But that wouldn't necessarily require that \nit be connected to the Internet for the actual voting process. \nIs that right?\n    Dr. Halderman. That's right.\n    Senator Risch. And then the extrication of that information \noff of the voting machine, would that be fair?\n    Dr. Halderman. I think that's fair to say.\n    Senator Risch. Thank you.\n    Mr. Chairman, I think all of this really needs to be \ndrilled down a little bit further, because it seems to me, with \nthis experience, there's probably some pretty good information \nwhere you could put a firewall in place to stop it, or at least \nminimize it.\n    Thank you.\n    Chairman Burr. Senator Wyden.\n    Senator Wyden. Thank you, Mr. Chairman. And thank all of \nyou.\n    I want to start with you, Professor Halderman. What are the \ndangers of manipulation of voter registration databases, \nparticularly if it isn't apparent until Election Day when \npeople show up at the polls to vote?\n    Dr. Halderman. I'm concerned that manipulating voter \nregistration databases could be used to try to sabotage the \nelection process on Election Day. If voters are removed from \nthe registration database and then they show up on Election \nDay, that's going to cause problems. If voters are added to the \nvoter registration database, that could be used to conduct \nfurther attacks.\n    Senator Wyden. Let me ask--and this can be directed at any \nof you. I'm trying to get my arms around this role of \ncontractors and subcontractors and vendors who are involved in \nelections. Any idea, even a ball park number, of how many of \nthese people there are? 10, 70, 200?\n    Dr. Halderman. Vendors that host the voter registration \nsystem?\n    Vice Chairman Warner. Yes.\n    Dr. Halderman. I'm sorry, Senator, I don't have a number.\n    Ms. Lawson. Sir, I don't have an exact number either, but I \nwill tell you, in Indiana, for an example, we have six \ndifferent voting system types. Counties make that decision on \ntheir own. But they are all certified by our voting system \ntechnical oversight program.\n    Senator Wyden. That was my main question. So somebody is \ndoing certification over these contractors and subcontractors \nand equipment vendors and the like? Does that include voting \nmachines, by the way?\n    Ms. Lawson. It does. Most states will have a mechanism to \ncertify the voting machines that they're using, the electronic \npoll books they're using, the tabulation machines that they're \nusing, making sure that they comply with Federal and State law, \nand making sure that they have the audit processes in place.\n    Senator Wyden. So do you all have a high degree of \nconfidence that these certification processes are not leaving \nthis other world of subcontractors and the like vulnerable?\n    Dr. Halderman. I have several concerns about the \ncertification processes, including that some states do not \nrequire certification to Federal standards; that the Federal \nstandards that we have are unfortunately long overdue for an \nupdate and have significant gaps when it comes to security; and \nthat the certification process doesn't necessarily cover all of \nthe actors that are involved in that process, including the \nday-to-day operations of companies that do pre-election \nprogramming.\n    Senator Wyden. One last question. We Oregonians and a \nnumber of my colleagues are supportive of our efforts to take \nvote-by-mail national. And we've had it. I was in effect the \ncountry's first Senator elected by vote-by-mail in 1996. We've \ngot a paper trail. We've got air gap computers. We've got \nplenty of time to correct voter registration problems if there \nare any.\n    Aren't those the key elements of trying to get on top of \nthis? Because it seems to me, particularly the paper trail--if \nyou want to send a message to the people who are putting at \nrisk the integrity of our electoral institutions, having a \npaper trail is just fundamental to being able to have the \nbackup we need.\n    I think you're nodding affirmatively, Professor Halderman, \nso I'm kind of inclined--or one of you two at the end were \nnodding affirmatively, and I'll quit while I'm ahead if that \nwas the case. But would either of you like to take that on?\n    Dr. Halderman. Vote-by-mail has significant cybersecurity \nbenefits. It's very difficult to hack a vote-by-mail system \nfrom an office in Moscow. Whether vote-by-mail is appropriate \nfor every State in every context is in our system of course a \nmatter for the states, but I think it offers positive security \nbenefits.\n    Senator Wyden. All right.\n    Thank you, Mr. Chairman.\n    Chairman Burr. Senator Blunt.\n    Senator Blunt. Dr. Halderman, on that last answer to that \nlast question, how do you count vote-by-mail ballots?\n    Dr. Halderman. Generally, they would be counted using \noptical scanners.\n    Senator Blunt. Exactly. So you count them the same way you \ncount ballots that aren't vote-by-mail in almost every \njurisdiction?\n    Dr. Halderman. If the optical scan ballots are subsequently \naudited, you can get high security from that process, but yes.\n    Senator Blunt. Well that's a different--that's a different \nquestion. Your question there is do you prefer paper ballots \nand an audit trail, and I do too. But let's not assume that the \nvote-by-mail ballots are counted any differently. They're \ncounted probably at a more central location, but that doesn't \nmean that all the manipulation you talked about that we need to \nprotect against wouldn't happen in a vote-by-mail election. \nYou've got a way to go back and you've got a paper trail to \ncount.\n    Dr. Halderman. That's correct. There are three things you \nneed: paper, auditing, and otherwise good security practices.\n    Senator Blunt. While I've got you there, on auditing, how \nwould you audit a non-paper system? If it's a touchscreen \nsystem--you mentioned Colorado, and New Mexico already did a \nrequired sample audit, which I'm certainly not opposed to that \nif that's what states want to do, or it's the best thing to do. \nHow would you do a non-paper audit?\n    Dr. Halderman. Senator, I think it would be difficult or \nimpossible to audit non-paper systems with the technology that \nwe use in the United States to a high level of assurance.\n    Senator Blunt. So even if you--if you don't have something \nto audit, it's pretty hard to audit a system that counted--that \ndidn't leave a trail.\n    Dr. Halderman. It's basically impossible.\n    Senator Blunt. So, Mr. Sandvoss, in Illinois do you certify \ncounting systems?\n    Mr. Sandvoss. Yes, we do.\n    Senator Blunt. And Secretary Lawson, do you certify \ncounting systems?\n    Ms. Lawson. Yes, sir.\n    Senator Blunt. Mr. Haas, in your, your jurisdiction, \nsomebody is certifying those systems that you use?\n    Mr. Haas. We both rely on the EAC certification and then \nour commission does a testing protocol and then approves the \nequipment to be used in the State of Wisconsin.\n    Senator Blunt. And back in Illinois, do you then monitor in \nany way that counting system while it's doing the actual \ncounting?\n    Mr. Sandvoss. No, the actual counting done on Election Day, \nElection Night rather, is done locally at the county clerk's \noffices or board of election commissioner offices. We certify \nthe voting equipment. They have to apply for certification and \napproval, which we conduct a fairly rigorous test of the voting \nequipment. But then in actual practice, other than--we do \nconduct pre-election tests of the voting equipment on a random \nbasis before each election, but there--it's a limited number of \njurisdictions.\n    Senator Blunt. And do you do that in a way that allows you \nfrom your central office to get into the local system? Or do \nyou go to the local jurisdictions or just monitor how they \ncount that--how they, how they check that counting system?\n    Mr. Sandvoss. When we do our pre-election tests, we \nactually visit the jurisdiction.\n    Senator Blunt. All right.\n    Secretary Lawson, similar?\n    Ms. Lawson. Similar. However, the State does not go into \nthe counties, but the counties are required to do a public test \nand, as I mentioned, it's public. And so they're required to do \ntesting on the machines, the tabulation. There's a bipartisan \nelection board that's there----\n    Senator Blunt. I guess the point I'd want to drive home \nthere is that not opening that door to the counting system--if \nyou don't have the door, nobody else can get through that door \nas well. But there's monitoring, there's local testing.\n    I don't suggest at all that Dr. Halderman's comments aren't \nimportant or something we should guard against. I was an \nelection official for 20 years, including the chief election \nofficial for 8 of those, and something--as we were \ntransitioning to these systems, something I was always \nconcerned about is what could possibly be done that could be \ndone and undetected.\n    One of the reasons I always liked the audit trail--that \nobviously, Dr. Halderman, you do, you do too, is that you do \nhave something to go back, if you have a reason to go back, and \nreally determine what happened on Election Day.\n    Let's talk for just a moment about the much more open \nregistration system. Secretary Lawson, you said you had 15,500 \nlogins. I believe that was--talk about logging--what are they \nlogging into there? The statewide voter registration system \nthat you maintain a copy of?\n    Ms. Lawson. The 92 county clerks in Indiana are connected \nto the statewide voter registration system, and that 15,500,000 \nlogins reflected the work that they did that year.\n    Senator Blunt. 15,500,000?\n    Ms. Lawson. 15,500,000.\n    Senator Blunt. So obviously that's a system that has lots \nof people coming in and out of that system all the time. Do \nlocal jurisdictions, like if the library does registration, do \nyou have counties where they can also put those registrations \ndirectly into the system?\n    Ms. Lawson. Other than the counties, no, sir. But we do \nhave Indianavoters.com, where a voter can go on and register \nthemselves. And it's a record that is compared to the DMV \nrecord, and then the counties will find that information in \ntheir hopper the next day. And then they will--or their \ncomputer system, and then the next day they will have the \nability to determine whether or not the application is correct.\n    Senator Blunt. Do all of your jurisdictions, the three \njurisdictions here reflected, have some kind of provisional \nvoting? If you get to the voting place on Election Day and your \naddress is wrong, or your name is wrong, or it doesn't occur--\nit doesn't appear at all, do you have a way somebody can cast a \nballot before they leave?\n    Ms. Lawson. Yes, sir.\n    Senator Blunt. And in Illinois?\n    Mr. Sandvoss. Yes, we do.\n    Mr. Haas. We have provisional ballots, but they are very \nlimited. We are not an NVRA State. And we also have Election \nDay registration, so people can register at the polls.\n    Senator Blunt. So, the failure to have your name properly \non the--I understand, Chairman, and I also noticed the time on \nothers. But just, the registration system is much more open \nthan the tallying system, that doesn't mean the tallying system \ndoesn't need to be further protected. But the registration \nsystem, the idea that somebody gets into the registration \nsystem--there are plenty of ways to do that. Unfortunately, we \nthink now other countries and governments may be doing that as \nwell.\n    Chairman Burr. Senator King.\n    Senator King. Thank you, Mr. Chairman.\n    Dr. Halderman, you're pretty good at hacking voting \nmachines, by your testimony. Do you think the Russians are as \ngood as you?\n    Dr. Halderman. The Russians have the resources of a nation \nstate. I would say their capabilities would significantly \nexceed mine.\n    Senator King. I expected that was going to be your answer, \nbut I wasn't sure whether your modesty would--but I think \nthat's an important point, because you testified here today \nthat you were able to hack into a voting machine in 48 hours, \nchange the results, and nobody knew you had done it. And if you \ncould do it, I think the point is the Russians could do it if \nthey chose.\n    And we've been talking a lot about registrations lists. My \nunderstanding is that quite often a voter registration list at \nsome point in the process is linked up with--the computer that \nhas the voter registration list is linked up with configuring \nthe voting machines, and perhaps even tallying votes. Is that \ntrue? Can any of you----\n    Ms. Lawson. No, sir.\n    Senator King. There's no connection between the \nregistration list and the voting machines?\n    Ms. Lawson. No.\n    Senator King. Illinois? Is that----\n    Mr. Sandvoss. Not in Illinois, no.\n    Senator King. Okay.\n    Mr. Haas. That's correct.\n    Senator King. Then I was mistaken.\n    Yes, Dr. Halderman?\n    Dr. Halderman. I believe that depends on the specific \nequipment involved. There may be some designs of voting systems \nwhere the sign-in and the vote counting system are linked.\n    Senator King. But of course, if, as you testified I think, \nif the voting registration list is tampered with in some way on \nElection Day, it would be chaos if names disappeared, people \narrived at the polls and their names weren't on the list. Isn't \nthat correct, Ms. Lawson?\n    Ms. Lawson. If a person showed up at the polls to vote and \ntheir name wasn't on the list, if they were expecting they \nwould be given a provisional ballot, I think the biggest danger \nis that the lines at the polls would increase significantly if \nthere was a large number of folks who had to do that in each \nprecinct.\n    Senator King. Right, that was what I was referring to.\n    On August 1 of 2016, press reports have indicated that \nthere was an FBI notification to all of their field offices \nabout the danger of cyber intrusions into voting systems. \nSupposedly, those were passed on to State election systems. Did \nyou three get something from the FBI around August 1st that \ngave IP addresses and some warnings about what should be done?\n    Mr. Sandvoss. Yes, we did receive an FBI flash. It was in \nAugust, and you're saying the 1st. I believe that was it.\n    Senator King. That was, yes, I understand that was the date \nof it. Ms. Lawson, did you receive that?\n    Ms. Lawson. Yes, Indiana received a notice from the FBI.\n    Mr. Haas. We did as well.\n    Senator King. So there is some interconnection. I mean, one \nof the things that I'm sort of hearing, and I'm frankly \nappreciative and happy that you all did receive that notice, \nbut there seems to be a lack of information-sharing that goes \non that we really need to be sure that--for example, if you \nlearn--if something happens in Illinois, some system whereby \nyou can alert your colleagues across the country to look out \nfor this. And if we learn things here in Washington, if the FBI \nlearns things, that they can alert people around the country, \nbecause the best time to deal with this is before the election. \nAfter the election or on Election Day is much more difficult.\n    Dr. Halderman.\n    Dr. Halderman. Yes, I would support further information \nsharing.\n    Senator King. And then finally, we've talked about what we \ndo about this. Paper trails has come up. Is that the principal \ndefense? Is that--Dr. Halderman, what if--I asked the question \nto the prior panel. What would you tell my elections clerk in \nBrunswick, Maine, would be the three things most important that \nthey should do, or my Secretary of State in Maine, to protect \nthemselves against a threat we know is coming?\n    Dr. Halderman. The most important things are to make sure \nwe have votes recorded on paper, paper ballots, which just \ncannot be changed in a cyber attack, that we look at enough of \nthat paper in a post-election, risk-limiting audit, to know \nthat they haven't--the electronic records haven't been changed; \nand then, to make sure we are generally increasing the level of \nour cyber security practice. Information-sharing is an example \nof a good and recommended practice, as are firewalling systems \nand other things that have been suggested.\n    Senator King. One final question. Is it possible--and there \nare some press reports about this--a cyber attack on the \nvendors of these machines, to somehow tamper with the machines \nbefore they go out to the states. Is that a risk?\n    Dr. Halderman. I would be concerned about that. And in fact \nthe small number of vendors is an example of how our system in \npractice is not quite as decentralized as it may appear, that \nattacks spreading via vendors or from vendors to their \ncustomers could be a way to reach voting equipment over a very \nlarge area.\n    Senator King. And there have been press reports that that \nin fact, was attempted in 2016.\n    Dr. Halderman. Yes, that's correct.\n    Senator King. Thank you, Mr. Chairman. Mr. Chairman, I want \nto thank you for holding this hearing. This is such important \ninformation for the public and for our democracy. I appreciate \nyour work here.\n    Chairman Burr. Thank you, Senator.\n    Senator Harris.\n    Senator Harris. Thank you.\n    So there's a saying that I'm sure many of you have heard, \nwhich is the you know the difference between being hacked and \nnot being hacked, is knowing you've been hacked. And so I \nappreciate, Dr. Halderman, the recommendations that you and \nyour colleagues have made, because it also seems to cover the \nvarious elements of what we need to do to protect ourselves as \na country in terms of our elections, which is prevention, and \nthen there's the issue of detection and also resilience. Once \nwe--if we discover that we've been manipulated, let's have the \nability to stand back up as quickly as possible.\n    So I have a few questions in that regard. First of all, \nhave each of you--you received for the states, received a \nnotification from the FBI? Is that correct?\n    Ms. Lawson. Yes, ma'am.\n    Mr. Haas. Yes, yes.\n    Mr. Sandvoss. Yes.\n    Senator Harris. And were any of you also notified by DHS? \nMr. Sandvoss?\n    Mr. Sandvoss. We've had communications with DHS. I don't \nrecall how they were initiated. But I do know that there have \nbeen some conference calls with them, and it may have been \nthrough the FBI that that occurred.\n    Senator Harris. And I'm speaking of before the 2016 \nelection.\n    Mr. Sandvoss. Yes.\n    Senator Harris. Yes.\n    Mr. Sandvoss. Yes.\n    Senator Harris. Secretary Lawson.\n    Ms. Lawson. Yes, we had--we did have conversations with \nDepartment of Homeland Security. However, it was through our \nnational association. It was not a direct contact with the \nState.\n    Senator Harris. Thank you.\n    Mr. Haas. We were one of the states that took up DHS on \ntheir offers to do the cyber hygiene scan. We did have a number \nof communications with, I believe, a point person in their \nChicago office. The FBI alert I think was about a specific \nincident, but our communications with DHS were more about \ngeneral steps that could be taken to protect our systems.\n    Senator Harris. So as a follow-up to this hearing, if each \nof you, to the extent that you can recall the nature of those \nconversations with DHS before the election, if you could share \nthat with the Committee that would be helpful, so we can figure \nout how notifications might be more helpful to you in the \nfuture. Hopefully they're not necessary, but if necessary.\n    Can you, Ms. Lawson, tell me--Secretary Lawson--what in \nyour opinion are the pros and cons of requiring states to \nreport to the Federal Government if there's been a breach or a \nhack? What can you imagine would be the pros and cons of a \npolicy that would require that?\n    Ms. Lawson. Well, the pro would be that if there--if, for \nan example, the FBI or the Department of Homeland Security has \nbetter ways to counter those attacks, or to make sure that the \nreconnaissance that's done after such an attack is more \nsophisticated than the states, then obviously that would be a \npro.\n    Indiana did not take the opportunity to have DHS do our \ncyber cleaning because we felt that we were in better shape \nthan what they could provide for us, so that would be the con.\n    Senator Harris. Okay.\n    And can you, Professor Halderman, tell me--you know, before \nthis last election cycle, there had been a lot of talk through \nthe years in various states--Senator Blunt, I'm sure you were \npart of those discussions--about the efficacy of online voting, \nbecause it would bring convenience, speed, efficiency, \naccuracy. And now we can see that there will be great, \npotentially, vulnerabilities by doing that. So can you talk \nwith me a little about, just in terms of policy, is the day of \ndiscussing the need for online voting, has that day passed \nbecause of the vulnerabilities that are associated with that?\n    Dr. Halderman. I think that online voting, unfortunately, \nwould be painting a bullseye on our election system. Today's \ntechnology just does not provide the level of security \nassurance for an online election that you would need in order \nfor voters to have high confidence.\n    And I say that having myself done--hacked an online voting \nsystem that was about to be used in real elections, having \nfound vulnerabilities in online voting systems that are used in \nother countries. The technology just isn't ready for use.\n    Senator Harris. And isn't that the irony, that the \nprofessor of computer engineering and I, who always believed \nthat we need to do more to adopt technology, that government \nneeds to adopt technology, I think we're advocating the good \nold days of paper voting are the way to go, or at least an \nemphasis on that, instead of using technology to vote.\n    Can you tell me also--any of you, if you know--it's my \nunderstanding that some of the election system vendors have \nrequired states to sign agreements that prevent or inhibit \nindependent security testing. Are you familiar with that?\n    Dr. Halderman. That certainly had been something that \ninhibited attempts by researchers like me to study election \nsystems in the past.\n    Senator Harris. And do you believe that that's a practice \nthat is continuing?\n    Dr. Halderman. I do not--I don't know the answer to that \nquestion.\n    Senator Harris. Have any of you had that experience with \nany of your vendors?\n    Mr. Sandvoss. In Illinois, no, we have not. And I don't \nthink Illinois law would allow such an agreement.\n    Ms. Lawson. I don't believe that would happen in Indiana \neither, Senator, because in order to sell voting equipment in \nthe State of Indiana it has to be certified.\n    Senator Harris. Right, which would require testing.\n    Ms. Lawson. Yes, which requires testing.\n    Senator Harris. Thank you.\n    Thank you, Mr. Chairman. Thank you.\n    Chairman Burr. Thank you, Senator Harris.\n    Does any Senators seek additional questions or time?\n    [No response.]\n    Seeing none, let me wrap up. I want to thank all of you for \nyour testimony today.\n    Secretary Lawson, to you. I really encourage you, as the \nnext representative of secretaries of states, to remain engaged \nwith the Federal Government, specifically the Department of \nHomeland Security. And I think with any transition of an \nadministration there is a handoff and a ramp-up. And I've been \nextremely impressed with our witness from DHS, who not only was \nhere today, but she has taken the bull by the horns on this \nissue. And I think you'll see those guidelines very quickly, \nand I hope that there will be some interaction between \nsecretaries of states, since in 40 states you control the \nvoting process, and you can find a system of Federal guidance \nand collaboration that works comfortably with every secretary \nof state in your organization.\n    I think it is absolutely critical that we have not only a \ncollaboration, but a communication, between the Federal \nGovernment and the states as it relates to our voting systems. \nIf not, I fear that there would be an attempt to in some way, \nshape, or form nationalize that. That is not the answer.\n    And I'll continue to point, Mr. Sandvoss, to Illinois as a \ngreat example of a State that apparently focused on the IT \ninfrastructure and staff, and didn't wait for the Federal \nGovernment to knock on the door and say, hey, you got a \nproblem. You identified your problem, you began to remediate \nit. At some point, the Federal Government came in as a partner. \nAnd I think where we see our greatest strength is to work with \nstates and to chase people like you, Dr. Halderman, who like to \nbreak into--no, I'm just kidding with you.\n    Listen, I think what you did is important. And I think the \nquestions that you raised about the fact that you really can \ntarget to make the impact of what you're trying to do very, \nvery effective. And that's clearly what campaigns do every day. \nSo we shouldn't be surprised if the Russians actually looked at \nthat or anybody else who wants to intrude into our voting \nsystem and our democracy in this country.\n    I've got to admit that the variation of voting methods, six \nin Indiana, where I don't know how many counties you've got--\nI've got 100 counties in North Carolina. It may be that I find \nout that every county in North Carolina has the power to \ndetermine what voting machines, what voting software they have.\n    This can get extremely complicated. Short of trying to \nstandardize everything, which I don't think is the answer, is \nhow do we create the mechanism for the Federal Government to \ncollaborate directly with those heads of election systems in \nthe states and understand up front what we bring to the table \nand how we bring it, so that we're all looking at the same \nthing--the integrity of every vote going to exactly who it was \nintended to do.\n    So, yes, we're going to have debates on paper or \nelectronic. We're going to have debates on what should the \nFederal role be. At the end of the day, if we haven't got \ncooperation and collaboration and communication, I will assure \nyou we will be here with another Congress, with another makeup \nof the Committee, asking the same questions, because we won't \nhave fixed it.\n    But I think that what Dr. Halderman has said to us is, \nthere are some ways that we can collectively approach this to \nwhere our certainty of intrusions in the future can go down and \nthe accuracy of the vote totals can be certified.\n    So I thank all the four of you for being here today in our \nsecond panel. This hearing is now adjourned.\n    [Whereupon, at 12:36 p.m., the hearing was adjourned.]\n\n                         Supplemental Material\n                         \n                         \n[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]                         \n                         \n\n\n  \n\n                                  <all>\n</pre></body></html>\n"