06.21.17

Senator Lankford Questions Panel in Open Intel Hearing on Russian Interference in 2016 US Elections

CLICK HERE to view the video

WASHINGTON, DC – Senator James Lankford (R-OK) today participated in an open Senate Select Committee on Intelligence hearing on Russian Interference in the 2016 US Elections. Lankford questioned witnesses in the first panel, consisting of Acting Director Dr. Samuel Liles of the Department of Homeland Security (DHS) Cyber Division; Acting Director Jeanette Manfra, DHS National Protection and Programs Directorate; and Assistant Director Bill Priestap, FBI Counterintelligence Division. Specifically, Lankford pushed panelists on how to protect state election systems. 

Transcript from hearing Q&A

Senator Lankford: …. This is the famous email that Billy Rinehart got from the DNC. …he gets an email from Google that appears, “Someone has used your password – Someone just tried to sign into your Google account.” And that someone tried to do it from Ukraine and recommended that he go in and change his password immediately, which the New York Times reported that when he saw it at 4 am he was frustrated by it, went in, clicked on the link, changed his password, and went back to bed. But what he actually did, was just gave the Russian government access to the DNC. And then it took off from there. Multiple other staff members from the DNC got an email that looked just like this. Now for everyone who has a Google account, that really looks like a Google account warning. It looked like the real thing when you hovered over the change password, it showed a Google account connection where it was going to, but it wasn’t. It was going to the Russians. My understanding is that 91 percent of the hacks that come into different systems start with a spearfish attack that looks just like this. 

So let’s talk about this in practical terms for our state election folks. And what happens in my state and other states. First, for you Mr. Priestap, how does Russia identify a potential target, because this is not just a random email that came to him? This was targeted directly at him to his address, it looked very real because they knew who he was and where he works. So how were the Russians that savvy to be able to track this person and how does this work in the future for an election system for a state?

Assistant Director Bill Priestap: So, I can’t go into great detail in this forum, but I would say what intelligence services do, not just Russia, they are looking for vulnerabilities. That would begin in the cyber sense with computer vulnerabilities. As far as targeting specific individuals, I don’t know all the facts surrounding that email and all the emails that were sent, but my guess is that they didn’t just send it to one person – they send an email like that to a whole variety, just hoping that one would click. 

Senator Lankford: But how are they getting that information. Are they going to a website and gathering all the emails, are they tracking individuals so they can get something that looks like something they would click on?

Assistant Director Bill Priestap: You’ve hit on it, but a whole variety of ways. They might get it through reviewing open source material, either online or otherwise, but they also collect other information through human means. 

Senator Lankford: So, Ms. Manfra let me ask you this, when someone from any location clicks on a link like this, what accessed information do they get typically? 

Acting Director Jeanette Manfra: Well Sir, it depends on the system itself. I imagine this probably a frustrating response, but given the, I think this is important for the public to understand, is as the threat evolves, they’re going to continue, as we educate the public, don’t click on certain things, make sure you know the sender for instance before you click on it, and as our defense gets better, the offense is going to look for other means. So, in the case, we want people to look and see what is it that they’re actually clicking on before they click it. Some organizations choose to say when an individual clicks on a link, they choose to not allow it to go to that destination, because they know it’s suspicious, or they have some mechanisms in place to put them into a container to click it. Other organizations don’t take those steps, and it really depends on your risk management and the technical controls you put in place. 

Senator Lankford: Quick question, who has primary responsibility for federal election integrity? Which agency is the prime mover in that? Obviously, states oversee their own, but which federal entity is working with the state to say that they’re the prime agency to do it. 

Acting Director Jeanette Manfra: For election cyber security, our department in coordination with the FBI, is leading the partnership with state and locals. 

###