Wikisource

Page:Report of the Select Committee on Intelligence United States Senate on Russian Active Measures Campaigns and Interference in the 2016 U.S. Election Volume 1.pdf/22

This page has been proofread, but needs to be validated.

   
COMMITTEE SENSITIVE—RUSSIA INVESTIGATION ONLY

(U) The January 6, 2017 Intelligence Community Assessment (ICA), "Assessing Russian Activities and Intentions in Recent U.S. Elections," states:

Russian intelligence obtained and maintained access to elements of multiple U.S. state or local electoral boards. DHS assesses that the types of systems Russian actors targeted or compromised were not involved in vote tallying.[1]

  Based on the Committee's review of the ICA, the Committee concurs with this assessment. The Committee found that Russian-affiliated cyber actors gained access to election infrastructure systems across two states, including successful extraction of voter data. However, none of these systems were involved in vote tallying.

1. (U) Russian Access to Election Infrastructure
Illinois

(U) In June 2016, Illinois experienced the first known breach by Russian actors of state election infrastructure during the 2016 election.[2] As of the end of 2018, the Russian cyber actors had successfully penetrated Illinois's voter registration database, viewed multiple database tables, and accessed up to 200,000 voter registration records.[3] The compromise resulted in the exfiltration of an unknown quantity of voter registration data.[4] Russian cyber actors were in a position to delete or change voter data, but the Committee is not aware of any evidence that they did so.[5]

  •   DHS assesses with high confidence that the penetration was carried out by Russian actors.[6]
  • (U/ ) The compromised voter registration database held records relating to 14 million registered voters.  . The records exfiltrated included information on each voter's name, address, partial social security number, date of birth, and either a driver's license number or state identification number.[7]
  1. (U) Intelligence Community Assessment, Assessing Russian Activities and Intentions in Recent U.S. Elections, January 6, 2017, p. iii.
  2. (U/ ) DHS IIR 4 005 0006, An IP Address Targeted Multiple U.S. State Government's to Include Election Systems, October 4, 2016; DHS briefing for SSCI staff, March 5, 2018.
  3. (U) "Illinois election officials say hack yielded information on 200,000 voters," [Local Newspaper], August 29, 2016.
  4. (U) DHR IIR   SCI Open Hearing on June 21, 2017, p. 110.
  5. (U) State Board of Elections, Illinois Voter Registration System Records Breached, August 31, 2016. As reflected elsewhere in this report, the Committee did not undertake its own forensic analysis of the Illinois server logs to corroborate this statement; SSCI interview with DHS and CTIIC, February 27, 2018, p. 24.
  6. (U) See infra, "Russian Scanning and Attempted Access to Election-Related Infrastructure" for a complete discussion on attribution related to the set of cyber activity linked to the infrastructure used in the Illinois breach.
  7. (U/ ) FBI IIR   DHS Intelligence Assessment, May 3, 2017, 0144-17, p. 2.

22
COMMITTEE SENSITIVE—RUSSIA INVESTIGATION ONLY
   

Retrieved from "https://en.wikisource.org/w/index.php?title=Page:Report_of_the_Select_Committee_on_Intelligence_United_States_Senate_on_Russian_Active_Measures_Campaigns_and_Interference_in_the_2016_U.S._Election_Volume_1.pdf/22&oldid=10945636"