Russia report

I read the Russia election-tampering report. Here are some highlights.

It’s not a hoax. The recently released (July 25, 2019) Senate Intelligence Committee report on Russian interference in the 2016 presidential election makes that very clear. All you have to do is read it. It’s only 67 pages, and about a third of it is blocked out. But, of course, Donald Trump didn’t do that, nor did he listen to briefings that would have left no doubt that Russians not only tried, but succeeded in breaking into election databases in all 50 states—that they continued their efforts during the 2018 mid-terms, and that they’re on track to do it again in 2020, perhaps on a much larger and more damaging scale.

He doesn’t want to know. But I do, and I imagine so do many others. So, I read the report and copy/pasted some highlights, so you don’t have to. Here they are. Sub-headings in bold are my interpretations, not from the report. The excerpts are in the order in which they appear in the report.

Why they did it: Just to let us know that they can?

“While the Committee does not know with confidence what Moscow’s intentions were, Russia may have been probing vulnerabilities in voting systems to exploit later. Alternatively, Moscow may have sought to undermine confidence in the 2016 U.S. elections simply through the discovery of their activity.”

Should we have heard more about it? Maybe not.

“In 2016, officials at all levels of government debated whether publicly acknowledging this foreign activity was the right course. Some were deeply concerned that public warnings might promote the very impression they were trying to dispel—that the voting systems were insecure.”

What were they doing, exactly? Checking to see if we’re home. Maybe they’ll come back later.

“One security expert characterized the activity as simple scanning for vulnerabilities, analogous to somebody walking down the street and looking to see if you are home. A small number of systems were unsuccessfully exploited, as though somebody had rattled the doorknob but was unable to get in…[however] a small number of the networks were successfully exploited. They made it through the door.”

“What it mostly looked like to us was reconnaissance…I would have characterized it at the time as sort of conducting the reconnaissance to do the network mapping, to do the topology mapping so that you could actually understand the network, establish a presence so you could come back later and actually execute an operation.”

How widespread were the attacks? Very.

“By late August 2016…the Russians had attempted to intrude in all 50 states, based on the extent of the activity and the apparent randomness of the attempts.” “My professional judgment was we have to work under the assumption that they’ve tried to go everywhere, because they’re thorough, they’re competent, they’re good.”

“Several weeks prior to the 2018 mid-term election, DHS assessed that “numerous actors are regularly targeting election infrastructure, likely for different purposes, including to cause disruptive effects, steal sensitive data, and undermine confidence in the election.”

Did they change any votes? Probably not.

“Russian intelligence obtained and maintained access to elements of multiple U.S. state or local electoral boards. DHS assesses that the types of systems Russian actors targeted or compromised were not involved in vote tallying.”

Illinois was hit first. The attack reached deep into voter information files. Be afraid.

“In June 2016, Illinois experienced the first known breach by Russian actors of state election infrastructure during the 2016 election. As of the end of 2018, the Russian cyber actors had successfully penetrated Illinois’s voter registration database, viewed multiple database tables, and accessed up to 200,000 voter registration records. The compromise resulted in the exfiltration of an unknown quantity of voter registration data. Russian cyber actors were in a position to delete or change voter data, but the Committee is not aware of any evidence that they did so.”

“The compromised voter registration database held records relating to 14 million registered voters. Records exfiltrated included information on each voter’s name, address, partial social security number, date of birth, and either a driver’s license number or state identification number.”

“Russia would have had the ability to potentially manipulate some of that data, but we didn’t see that.” …The level of access that they gained, they almost certainly could have done more. Why they didn’t…is sort of an open-ended question. I think it fits under the larger umbrella of undermining confidence in the election by tipping their hand that they had this level of access or showing that they were capable of getting it.”

They were ballsy.

“The Russian Embassy placed a formal request to observe the elections with the Department of State, but also reached outside diplomatic channels in an attempt to secure permission directly from state and local election officials. For example, in September 2016, the Secretary of State denied a request by the Russian Consul General to allow a Russian government official inside a polling station on Election Day to study U.S. election procedures.”

They had a Twitter campaign ready, to question the results, if Hillary Clinton had won.

“Russian diplomats were prepared to publicly call into question the validity of the results…and that pro-Kremlin bloggers had prepared a Twitter campaign on election night in anticipation of Secretary Clinton’s victory.”

They got access via a phishing scam.

“After a county employee opened an infected email attachment, the cyber actor stole credentials, which were later posted online. Those stolen credentials were used in June 2016 to penetrate State 4’s voter registration database. The actor used the credentials to access the database and was in a position to modify county, but not statewide, data.”

They were playing a long con, and still are.

“Russian intentions regarding U.S. election infrastructure remain unclear. Russia might have intended to exploit vulnerabilities in election infrastructure during the 2016 elections and, for unknown reasons, decided not to execute those options.”

“Alternatively, Russia might have sought to gather information in the conduct of traditional espionage activities.”

“Lastly, Russia might have used its activity in 2016 to catalog options or clandestine actions, holding them for use at a later date…Russia’s activities against U.S. election infrastructure likely sought to further their overarching goal; undermining the integrity of US elections.”

“It is classic Russian espionage…. They will scrape up all the information and the experience they possibly can, and “they might not be effective the first time or the fifth time, but they are going to keep at it until they can come back and do it in an effective way.” -Andrew McCabe, former FBI Director.

Tampering with voting machines is hard. Causing election day chaos is a more achievable goal.

“While any one voting machine is fairly vulnerable, as has been demonstrated over and over again publicly, the ability to actually do an operation to change the outcome of an election on the scale you would need to, and do it surreptitiously, is incredibly difficult.”

“A much more achievable goal would be to undermine confidence in the results of the electoral process, and that could be done much more effectively and easily…. A logical thing would be, if your goal is to undermine confidence in the U.S. electoral system—which the Russians have a long goal of wanting to put themselves on the same moral plane as the United States… one way would be to cause chaos on election day.”

“How could you start to do that? Mess with the voter registration databases.”

Here’s how voter-registration tampering would play out on election day:

“So if you’re a state and local entity and your voter registration database is housed in the secretary of state’s office and it is not encrypted and it’s not backed up, and it says Lisa Monaco lives at Smith Street and I show up at my [polling place] and they say ‘Well we don’t have Ms. Monaco at Smith Street, we have her at Green Street,’ now there’s difficulty in my voting. And if that were to happen on a large scale, I was worried about confusion at polling places, lack of confidence in the voting system, anger at a large scale in some areas, confusion, distrust.” -Lisa Monaco, US Homeland Security Advisor to President Barack Obama.

Changing elections on a large scale would be difficult, but there are ways to make a significant difference.

“The level of effort and scale required to change the outcome of a national election would make it nearly impossible to avoid detection.”

“Nationwide elections are often won or lost in a small number of precincts. A sophisticated actor could target efforts at districts where margins are already small, and disenfranchising only a small percentage of voters could have a disproportionate impact on an election’s outcome.”

Some people don’t want to talk about Russian interference at all and want the press to shut up.

“Many state election officials emphasized their concern that press coverage of, and increased attention to, election security could create the very impression the Russians were seeking to foster, namely undermining voters’ confidence in election integrity. Several insisted that whenever any official speaks publicly on this issue, they should state clearly the difference between a “scan” and a “hack,” and a few even went as far as to suggest that U.S. officials stop talking about it at all.”

To talk about it or not: a dilemma for the intelligence community.

“We know that the Russians had already touched some of the electoral systems, and we know that they have capable cyber capabilities. So there was a real dilemma, even a conundrum, in terms of what do you do that’s going to try to stave off worse action on the part of the Russians, and what do you do that is going to…[give] the Russians what they were seeking, which was to really raise the specter that the election was not going to be fair and unaffected.” –John Brennan, former director of the CIA

Potential problem: Only a few companies make voting machines.

“The number of vendors selling voting machines is shrinking, raising concerns about a vulnerable supply chain. A hostile actor could compromise one or two manufacturers of components and have an outsized effect on the security of the overall system.”

Some states don’t want help: They fear “a federal takeover of elections.”

In an August 15, 2016, conference call with state election officials, then-Secretary Johnson told states, “we’re in a sort of a heightened state of alertness; it behooves everyone to do everything you can for your own cyber security leading up to the election.”

“But states pushed back. A number of state officials reacted negatively to the call. Secretary Johnson said he was surprised/disappointed that there was a certain level of push back from at least those who spoke up…The push-back was: This is our responsibility and there should not be a federal takeover of the election system.”

Elections are critical infrastructure.

“We should think of the electoral infrastructure as critical infrastructure…it’s just as critical for democracy as communications, electricity, water. If that doesn’t function, then your democracy doesn’t function. That is the definition of critical.”