Government officials from the Department of Homeland Security and Federal Bureau of Investigations said Wednesday that election officials and systems in a total of 21 states were targeted by Russian hackers in the months preceding the 2016 presidential election.
“We have evidence of election-related systems in 21 states that were targeted,” said Jeanette Manfra, acting deputy undersecretary for cybersecurity and communications at the DHS’s National Protection and Programs Directorate.
The disclosure was made for the first time during a hearing held by the Senate Select Committee on Intelligence focused on Russian interference in the U.S. election.
Manfra did not name the individual states which were targeted, nor did she explain what “targeted” meant in this context. She also did not say how many of the targeted states were ultimately hacked and if, for example, any data was exfiltrated in these select incidents.
The “owners” of targeted systems were notified about the malicious activity, said Manfra, but that did not necessarily include widespread disclosure or communication with state secretary offices or other state officials.
“I prefer not to go into those details in this forum,” Manfra said.
Assistant Director of the FBI’s Counterintelligence Division Bill Priestap, who testified alongside Manfra, also declined to provide further specifics because of the existence of open investigations into some of these incidents.
In response to Manfra’s statement, Sen. Mark Warner, D-Va., the top Democrat on the Senate panel, expressed frustration that DHS and the FBI could not be more transparent about which individual states were targeted.
Recent report from Bloomberg and Politico have revealed new details about a series of previously unreported intrusions into election systems and other digital processes tied to the voting process, which can include both software vendors and state-owned computers.
Bloomberg reported last week that a total of 39 states were impacted by Russia’s efforts to probe related systems; a figure higher than that disclosed by DHS in Wednesday’s open hearing.
Although Trump administration officials say that voting results were not affected by these precursory cyberattacks, DHS has not conducted a comprehensive audit to see if tallies were changed, according to The Daily Beast.