The ranking member on the Senate Intelligence Committee Mark Warner told USA Today Tuesday that the Russian effort to hack US voting systems in 2016 was "much broader" than what was gleaned from the leaked NSA document published by The Intercept this week. After saying he didn't "believe" the Russians succeeded in "changing actual vote outcomes," Warner added:
"But the extent of the attacks is much broader than has been reported so far." He said he was pushing intelligence agencies to declassify the names and number of states hit to help put electoral systems on notice before midterm voting in 2018.
"None of these actions from the Russians stopped on Election Day," he warned.
Warner's comments harken back to a spate of stories last fall suggesting that almost half of the states were targeted by Russian efforts to hack voter rolls.
On Sept. 29, ABC News reported:
Nearly half of the states in the U.S. have recently had their voter registration systems targeted by foreign hackers, and four of those systems have successfully been breached, sources tell ABC News.
That amount of targeting and actual infiltration into state election-related systems is significantly larger than the U.S. government has been willing to acknowledge.
Hackers working on behalf of the Russian government are suspected in the onslaught against more than 20 state election systems, according to sources with knowledge of the matter.
On Sept. 28, CBS News reported:
Multiple law enforcement sources tell CBS News homeland security correspondent Jeff Pegues that more U.S. state election databases have been hacked than previously thought.
According to sources, a total of about 10 states have had their systems probed or breached by hackers, similar to what happened in Arizona and Illinois.
And on Oct. 3, Politico wrote:
The DHS official — speaking on background because of the subject’s sensitive nature — explained that hackers of all stripes are constantly testing the digital defenses of every state’s public-facing election systems. But in 20-plus states, the agency determined that these intrusion attempts have become what DHS calls “probing of concern.”
“It’s reached a threshold of some concern,” the official told POLITICO, cautioning that the majority of states were not experiencing successful intrusions.
The leaked NSA report focused on a vendor that had contracts with eight states: California, Florida, Illinois, Indiana, New York, North Carolina, Virginia and West Virginia.
But the report filled in a lot of details about how Russian hackers targeted the vendor in order to pose as one of its employees and then sent phishing emails to more than 100 local election officials using that assumed identity.
The problem here is that the NSA report was a highly classified "top-secret" intelligence report not meant for public consumption. If it had not been leaked, the public would still have almost no inkling about how diligently Russian hackers worked to penetrate US voting systems in the view of the US intelligence community.
With each new piece of testimony from intelligence officials—from James Comey to James Clapper to John Brennan and others—we get a clearer picture of just how much the intelligence community knew, the White House knew, and certain lawmakers knew about the Russian cyberattacks and, conversely, how little the American public knew about this information in the lead up to Election Day. Practically, a pittance.
It was a system-wide failure and what crumbs we did get were drowned out by a drip-drip-drip of information about Hillary Clinton's private server and the relatively mundane private emails of her campaign staff.
If US intelligence officials want the public to have any confidence in the 2018 outcome, they better start finding ways to level with the public about what happened, how extensive it was, and what's being done to ensure the integrity of upcoming elections.