WASHINGTON (CBS) — A Senate Intelligence Committee report on Thursday indicated that Russian hackers “were in a position to delete or change voter data” in Illinois in 2016, but found no evidence that such a thing happened.
The report also found that Russia targeted election systems in all 50 states.
The New York Times reported that the bipartisan report warned that the U.S. is still vulnerable to hacking in elections to come. But its findings were largely redacted.
“In June 2016, Illinois experienced the first known breach by Russian actors of state election infrastructure during the 2016 election. As of the end of 2018, the Russian cyber actors had successfully penetrated Illinois’s voter registration database, viewed multiple database tables, and accessed up to 200,000 voter registration records,” the report said. “The compromise resulted in the exfiltration of an unknown quantity of voter registration data. Russian cyber actors were in a position to delete or change voter data, but the Committee is not aware of any evidence that they did so.”
Still, the compromised voter registration database held records related to 14 million registered voters – including information about each voter’s name, address, partial Social Security number, date of birth, and driver’s license or state ID number, the report said.
“DHS staff further recounted to the Committee that ‘Russia would have had the ability to potentially manipulate some of that data, but we didn’t see that,’” the report said. “Further, DHS staff noted that ‘the level of access that they gained, they almost certainly could have done more. Why they didn’t… is sort of an open-ended question. I think it fits under the larger umbrella of undermining confidence in the election by tipping their hand that they had this level of access or showing that they were capable of getting it.’”
Illinois officials said the database had been frequently targeted by hackers, but the 2016 incident was the first known time that anyone was successful.
Illinois State Board of Elections Executive Director Steve Sandvoss told the Senate Intelligence Committee that a foreign actor had penetrated the Illinois databases through an SQL attack on June 23, 2016. The Board of Elections did not notice at first “because of the initial low-volume nature of the attack,” the report said.
Three weeks later on July 12, 2016, IT staff discovered some spikes in data flow on the voter registration database server, which turned out to be attributable to “rapidly repeated database queries on the application status page of our paperless online voter application website,” the report said.
The database was pulled offline, but the board continued to see activity from the malicious IP address. The attacks continued until Aug. 12, 2016, when they “abruptly ceased,” the report said.
The Illinois General Assembly, the Illinois Attorney General’s office, and the FBI all got involved, the report said.
As quoted by the Times, the report as a whole described “an unprecedented level of activity against state election infrastructure” that sought to exploit vulnerabilities in election systems.
The issue of Russian hackers targeting Illinois election systems in 2016 has been known for several years. In June 2017, a report leaked and published on the website The Intercept indicated that Russian hackers tried to get into the Illinois election database.
Last year, a grand jury indictment of 12 Russian intelligence officers provided further details. After the indictment was handed down, Illinois election officials acknowledged the previously known hack was connected to the Russian agents.
Officials at that time said Russians never attempted to infiltrate systems that actually count votes.
U.S. intelligence agencies have said the interference was aimed at helping the presidential campaign of Republican Donald Trump and harming the election bid of his Democratic opponent, Hillary Clinton.