It was a Bi-partisan report too — on Election Infrastructure.
U.S. Senate Select Committee on Intelligence
Russian Targeting of Election Infrastructure During the 2016 Election: Summary of Initial Findings and Recommendations
May 8, 2018
In 2016, cyber actors affiliated with the Russian Government conducted an unprecedented, coordinated cyber campaign against state election infrastructure. Russian actors scanned databases for vulnerabilities, attempted intrusions, and in a small number of cases successfully penetrated a voter registration database. […]
- The Committee has limited information about whether, and to what extent, state and local officials carried out forensic or other examination of election infrastructure systems in order to confirm whether election-related systems were compromised. It is possible that additional activity occurred and has not yet been uncovered.
Summary of Initial Findings
- Cyber actors affiliated with the Russian government scanned state systems extensively throughout the 2016 election cycle. These cyber actors made attempts to access numerous state election systems, and in a small number of cases accessed voter registration databases.
- At least 18 states had election systems targeted by Russian-affiliated cyber actors in some fashion. Elements of the IC have varying levels of confidence about three additional states, for a possible total of at least 21. In addition, other states saw suspicious or malicious behavior the IC has been unable to attribute to Russia.
- Almost all of the states that were targeted observed vulnerability scanning directed at their Secretary of State websites or voter registration infrastructure. Other scans were broader or less specific in their target.
- In at least six states, the Russian-affiliated cyber actors went beyond scanning and conducted malicious access attempts on voting-related websites.
- In a small number of states, Russian-affiliated cyber actors were able to gain access to restricted elements of election infrastructure. In a small number of states, these cyber actors were in a position to, at a minimum, alter or delete voter registration data; however, they did not appear to be in a position to manipulate individual votes or aggregate vote totals.
- The Committee found that in addition to the cyber activity directed at state election infrastructure, Russia undertook a wide variety of intelligence-related activities targeting the U.S. voting process. These activities began at least as early as 2014, continued through Election Day 2016, and included traditional information gathering efforts as well as operations likely aimed at preparing to discredit the integrity of the U.S. voting process and election results.
 These numbers only account for state or local government targets. DHS did not include states which may have witnessed attacks on political parties, political organizations, or NGOs. In addition, the numbers do not include any potential attacks on third-party vendors.
 In the majority of these instances, Russian government-affiliated cyber actors used Structure Query Language (SQL) injection — a well-known technique for cyberattacks on public-facing websites.
Here’s the pdf.
Ask your Secretary of State — What they are doing to protect your Voter Registration?
Ask them — What measures have they taken to prevent the cyber-attacks of 2016 from happening again?
Ask them if they have a verifiable paper trail, both for your votes and your registration that allows you to vote.
Better to ask BEFORE it’s a problem — and you wished you had.
While your at it — ask your Rep, ask your Senator:
What are you doing to protect this vital “infrastructure”, now that we know how vulnerable it really is?
PS. Secretaries of State can usually be voted out of office too. Remind them of that.
Russia has seen nothing, that would dissuade them from taking their cyber-attacks to the next level in the next Election. If Russia finds it useful to have their compliant “advocate” in the White House — they will pull out all the stops, to intrude into “our Voting process” again — to ensure that he stays there. Don’t trust the Polls — Trust our cyber-hardened ability to cast and count EVERY eligible Vote.