Page:Report of the Select Committee on Intelligence United States Senate on Russian Active Measures Campaigns and Interference in the 2016 U.S. Election Volume 1.pdf/11

This page has been proofread, but needs to be validated.

COMMITTEE SENSITIVE—RUSSIA INVESTIGATION ONLY

that you could actually understand the network, establish a presence so you could come back later and actually execute an operation."^[1]

(U) Testifying before the Committee, Dr. Liles characterized the activity as "simple scanning for vulnerabilities, analogous to somebody walking down the street and looking to see if you are home. A small number of systems were unsuccessfully exploited, as though somebody had rattled the doorknob but was unable to get in … [however] a small number of the networks were successfully exploited. They made it through the door."^[2]

DHS and FBI assessments on the number of affected states evolved since 2016. In a joint FBI/DHS intelligence product published in March 2018, and coordinated with the Central Intelligence Agency (CIA), the Defense Intelligence Agency (DIA), the Department of State, the National Intelligence Council, the National Security Agency (NSA), and the Department of Treasury, DHS and FBI assessed that Russian intelligence services conducted activity .^[3] ^[4]

DHS arrived at their initial assessment by evaluating whether the tactics, techniques, and procedures (TTPs) observed were consistent with previously observed Russian TTPs, whether the actors used known Russian-affiliated malicious infrastructure, and whether a state or local election system was the target.^[5]
(U) The majority of information examined by DHS was provided by the states themselves. The MS-ISAC gathered information from states that noticed the suspect IPs pinging their systems. In addition, FBI was working with some states in local field offices and reporting back FBI's findings.
(U) If some slates evaluated their logs incompletely or inaccurately, then DHS might have no indication of whether they were scanned or attacked. As former-Homeland Security Adviser Lisa Monaco told the Committee, "Of course, the law enforcement and the Intelligence community is going to be significantly reliant on what the holders and

↑ (U) SSCI Transcript of the Interview of Michael Daniel, Former Assistant to the President and Cybersecurity Coordinator, National Security Council, August 31, 2017, p. 44.
↑ (U) SSCI Transcript of the Open Hearing on Russian Interference in the 2016 U.S. Elections, held on Wednesday, June 21, 2017, p. 13.
↑ DHS/FBI Homeland Intelligence Brief,
↑ (U) See chart, infra, for information on successful breaches.
↑ (U) DHS did not count attacks on political parties, political organizations, or NGOs. For example, the compromise of an email affiliated with a partisan State 13 voter registration organization was not included in DHS's count.

11
COMMITTEE SENSITIVE—RUSSIA INVESTIGATION ONLY

[1] (U) SSCI Transcript of the Interview of Michael Daniel, Former Assistant to the President and Cybersecurity Coordinator, National Security Council, August 31, 2017, p. 44.

[2] (U) SSCI Transcript of the Open Hearing on Russian Interference in the 2016 U.S. Elections, held on Wednesday, June 21, 2017, p. 13.

[3] DHS/FBI Homeland Intelligence Brief,

[4] (U) See chart, infra, for information on successful breaches.

[5] (U) DHS did not count attacks on political parties, political organizations, or NGOs. For example, the compromise of an email affiliated with a partisan State 13 voter registration organization was not included in DHS's count.

[1]

[2]

[3]

[4]

[5]

Page:Report of the Select Committee on Intelligence United States Senate on Russian Active Measures Campaigns and Interference in the 2016 U.S. Election Volume 1.pdf/11

Navigation menu

Search