Former Department of Homeland Security Secretary Jeh Johnson testified Wednesday that he does not believe Russian hacking “altered or suppressed” votes in the 2016 election.
Still, he contended that the United States “can and should do” more to protect its election systems from cyberattacks.
“There are lessons learned from this experience and, in the future, there is probably more we can and should do,” he told the House Intelligence Committee.
In a prepared opening statement, Johnson noted that cyberattacks “are going to get worse before they get better.” During the hearing, he said possible fixes include giving state election officials grants to improve cybersecurity, better educate state and local officials about spearphishing attacks and put a federal official at the DHS in charge of boosting protections.
Johnson appeared before the House Intelligence Committee as part of its probe into Moscow’s efforts to influence last year’s election, as the Senate Intelligence Committee held a separate hearing with current officials. The U.S. intelligence community concluded in a January report that Russian President Vladimir Putin directed a campaign to sow doubts about the electoral process and damage candidate Hillary Clinton.
Current and former officials have warned of the potential for efforts to influence future elections. Johnson said he worries about the “vulnerabilities” in state voter registration databases.
“I think there needs to be more done to secure registration databases,” he said.
In his testimony, Johnson said he found out about the hack of the Democratic National Committee in 2016, “months” after the FBI and DNC were already in contact about the cyberattack. The DNC “did not feel it needed DHS’s assistance at the time.”
Johnson offered help to state secretaries of state and other state election officials in mid-August and floated the idea of making election systems “critical infrastructure,” which would make it a “top priority” for DHS services. He said that state officials did not warm to the idea because some felt it was federal intervention in their systems.
Around that time, Johnson started to see reports of “scanning and probing” of state voter registration systems, he said. By the time of the election, 33 states and 36 cities and counties used DHS cybersecurity tools.
Jeanette Manfra, undersecretary for cybersecurity at DHS, told the Senate on Wednesday that 21 state election systems were targeted. She did not disclose which states.
This is breaking news. Please check back for updates.