[Senate Hearing 115-92] [From the U.S. Government Publishing Office] S. Hrg. 115-92 RUSSIAN INTERFERENCE IN THE 2016 U.S. ELECTIONS ======================================================================= HEARING BEFORE THE SELECT COMMITTEE ON INTELLIGENCE OF THE UNITED STATES SENATE ONE HUNDRED FIFTEENTH CONGRESS FIRST SESSION __________ WEDNESDAY, JUNE 21, 2017 __________ Printed for the use of the Select Committee on Intelligence [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT] Available via the World Wide Web: http://www.fdsys.gov _________ U.S. GOVERNMENT PUBLISHING OFFICE 26-125 PDF WASHINGTON : 2017 ____________________________________________________________________ For sale by the Superintendent of Documents, U.S. Government Publishing Office, Internet:bookstore.gpo.gov. Phone:toll free (866)512-1800;DC area (202)512-1800 Fax:(202) 512-2104 Mail:Stop IDCC,Washington,DC 20402-001 SELECT COMMITTEE ON INTELLIGENCE [Established by S. Res. 400, 94th Cong., 2d Sess.] RICHARD BURR, North Carolina, Chairman MARK R. WARNER, Virginia, Vice Chairman JAMES E. RISCH, Idaho DIANNE FEINSTEIN, California MARCO RUBIO, Florida RON WYDEN, Oregon SUSAN COLLINS, Maine MARTIN HEINRICH, New Mexico ROY BLUNT, Missouri ANGUS KING, Maine JAMES LANKFORD, Oklahoma JOE MANCHIN III, West Virginia TOM COTTON, Arkansas KAMALA HARRIS, California JOHN CORNYN, Texas MITCH McCONNELL, Kentucky, Ex Officio CHUCK SCHUMER, New York, Ex Officio JOHN McCAIN, Arizona, Ex Officio JACK REED, Rhode Island, Ex Officio ---------- Chris Joyner, Staff Director Michael Casey, Minority Staff Director Kelsey Stroud Bailey, Chief Clerk CONTENTS ---------- JUNE 21, 2017 OPENING STATEMENTS Burr, Hon. Richard, Chairman, a U.S. Senator from North Carolina. 1 Warner, Hon. Mark R., Vice Chairman, a U.S. Senator from Virginia 2 WITNESSES Liles, Sam, Acting Director, Office of Intelligence and Analysis, Cyber Division, Department of Homeland Security................ 4 Manfra, Jeanette, Undersecretary of Homeland Security, and Acting Director, National Protection and Programs Directorate......... 6 Prepared statement........................................... 8 Priestap, Bill, Assistant Director, Counterintelligence Division, Federal Bureau of Investigation................................ 15 Prepared statement........................................... 16 Lawson, Connie, Indiana Secretary of State and President-Elect, National Association of Secretaries of State................... 48 Prepared statement........................................... 50 Haas, Michael, Midwest Regional Representative, National Association of State Election Directors........................ 59 Prepared statement........................................... 62 Sandvoss, Steve, Executive Director, Illinois State Board of Elections...................................................... 68 Prepared statement........................................... 70 Halderman, J. Alex, Professor of Computer Science and Engineering, University of Michigan............................ 72 Prepared statement........................................... 74 SUPPLEMENTAL MATERIAL Phishing email received by Billy Rinehart of DNC................. 37 Report titled ``Securing Elections from Foreign Interference'' submitted by Senator Warner.................................... 96 Questions for the record......................................... 134 RUSSIAN INTERFERENCE IN THE 2016 U.S. ELECTIONS ---------- WEDNESDAY, JUNE 21, 2017 U.S. Senate, Select Committee on Intelligence, Washington, DC. The Committee met, pursuant to notice, at 9:32 a.m. in Room SH-216, Hart Senate Office Building, Hon. Richard Burr (Chairman of the Committee) presiding. Committee Members Present: Senators Burr, Warner, Risch, Rubio, Collins, Blunt, Lankford, Cotton, Cornyn, Feinstein, Wyden, Heinrich, King, Manchin, Harris, and Reed. OPENING STATEMENT OF HON. RICHARD BURR, CHAIRMAN, A U.S. SENATOR FROM NORTH CAROLINA Chairman Burr. I'd like to call the hearing to order. Today the Committee convenes its sixth open hearing of 2017, to further examine Russia's interference in the 2016 elections. This is yet another opportunity for the Committee and the American people to drill down on this vitally important topic. In 2016, a hostile foreign power reached down to the State and local levels to touch voter data. It employed relatively sophisticated cyber tools and capabilities and helped Moscow to potentially build detailed knowledge of how our elections work. It was also another example of Russian efforts to interfere into a democracy with the goal of undermining our system. In 2016, we were woefully unprepared to defend and respond and I'm hopeful that we will not be caught flatfooted again. Our witnesses are here to tell us more about what happened in 2016, what that tells us about Russian intentions, and what we should expect in 2018 and 2020. I'm deeply concerned that if we do not work in lockstep with the states to secure our elections, we could be here in two or four years talking about a much worse crisis. The hearing will feature two panels. The first panel will include expert witnesses from DHS and FBI to discuss Russian intervention in 2016 elections and U.S. government efforts to mitigate the threat. The second panel will include witnesses from the Illinois State Board of Elections, the National Association of State Election Directors, the National Association of Secretaries of States, and an expert on election security to give us their on-the-ground perspective on how Federal resources might be brought to bear on this very important issue. For our first panel, I'd like to welcome our witnesses today: Dr. Samuel Liles, Acting Director of Cyber Division within the Office of Intelligence and Analysis at the Department of Homeland Security; Jeanette Manfra, Acting Deputy Under Secretary, National Protection and Programs Directorate, also at DHS. And Jeanette, I think I told you next time you came I did not want ``Acting'' in front of your name. So now I've publicly said that to everybody at DHS. Hopefully next time that will be removed. And Bill Priestap. Bill's the Assistant Director for Counterintelligence Division at the Federal Bureau of Investigation. Bill, I want to thank you for the help that you have personally provided to the investigative staff of this Committee as we've worked through so far over five and a half months of our investigation into the 2016 elections. As you're well aware, this Committee is in the midst of a comprehensive investigation on the specific issue: the extent to which the Russian government under the direction of President Putin conducted intelligence activities, also known as Russian active measures, targeted at the 2016 U.S. elections. The intelligence community assesses that, while Russian influence obtained and maintained access to elements of multiple U.S. State and local election boards, those systems were not involved in vote tallying. During the first panel, I would like to address the depth and the breadth of Russian government cyber activities during the 2016 election cycle, the efforts of the U.S. government to defend against these intrusions, and the steps that DHS and FBI are taking to preserve the foundation of our democracy's free and fair elections in 2018 and beyond. I thank all three of our first witnesses. I turn to the Vice Chairman. OPENING STATEMENT OF HON. MARK WARNER, A U.S. SENATOR FROM VIRGINIA Vice Chairman Warner. Thank you, Mr. Chairman, and welcome to the witnesses. And, Bill, thank you again for all the work you've done with us. We all know that in January the entire intelligence community reached the unanimous conclusion that Russia took extraordinary steps to intervene in our 2016 Presidential elections. Russia's interference in our elections in 2016 I believe was a watershed moment in our political history. This was one of the most significant events I think any of us on this dais will be asked to address in our time as Senators. And only with a robust and comprehensive response will we be able to protect our democratic processes from even more dramatic incursions in the future. Much of what the Russians did at this point, I think at least in this room, is--was well known: spreading fake news, flooding social media, hacking personal e-mails and leaking them for maximum political benefit. Without firing a shot and at minimal cost, Russia sowed chaos in our political system and undermined faith in our democratic process. And as we've heard from earlier witnesses, sometimes that was aided by certain candidates in terms of their comments about the legitimacy of our democratic processes. Less well understood, though, is the intelligence community's conclusion that they also secured and maintained access to elements of multiple U.S. State and local electoral boards. Now, again, as the Chairman has said, there's no reason to doubt the validity of the vote totals in the 2016 election. However, DHS and the FBI have confirmed--and I'm going to come back to this repeatedly--only two intrusions into the voter registration databases, in both Arizona and Illinois, even though no data was modified or deleted in those two states. At the same time, we've seen published reports that literally dozens--I've seen one published report that actually said 39 states--were potentially attacked. Certainly it's good news that the attempts in 2016 did not change the results of that election. But the bad news is this will not be their last attempt. And I'm deeply concerned about the danger posed by future interference in our elections and attempts by Russia to undermine confidence in our whole electoral system. We saw Russian--we saw recently--and this was just not happening here, obviously--we saw recently Russian attempts to interfere in the elections in France. And I thank the Chairman that next week we'll be having a hearing on some of these Russian efforts in Europe. We can be sure that Russian hackers and trolls will continue to refine their tactics in the future, especially if there's no penalty for these malicious attacks. That's again, one reason I think that the Senate voted so overwhelmingly last week, and I thank all my colleagues for that 97-2 vote, to strengthen our sanctions on Russia. I hope that that action sends a strong message to Mr. Putin that there will be a heavy price to pay for attacks against the fundamental core of our democratic system. Make no mistake, it's likely that we'll see more of these attacks not just in America, but against our partners. I heard this morning coming in on the radio that the Russians are already actively engaged in the German election cycle, which takes place this fall. Now, some might say, ``Well, why the urgency?'' I can assure you, you know, we have elections in 2018, but in my home State of Virginia we have statewide elections this year. So this needs a sense of urgency. The American electoral election process, the machinery, the Election Day manpower, the actual counting and reporting, primarily is a local and State responsibility. And in many states, including my own, we have a very decentralized approach, which can be both a strength and a weakness. In Virginia, for instance, decentralization helps deter large-scale hacking or manipulation because our system is so diffuse. But Virginia localities use more than a dozen different types of voting machines, none of which are connected to the Internet while in use, but we have a number of machine- read machines, so that the tabulations actually could be broken into on an individual machine basis. All this makes large cyber attacks on electoral systems, because of the diffusion, more difficult. But it also makes maintaining consistent, coordinated cyber defenses more challenging as well. Furthermore, states may be vulnerable when it comes to the defense of voter registration and voter history databases. That's why I strongly believe that the threat requires us to harden our cyber defenses and to thoroughly educate the American public about the danger. Yesterday, I wrote to the Secretary of Homeland Security. I urged DHS to work closely with State and local election officials to disclose publicly--and I emphasize, publicly-- which states were targeted. Not to embarrass any states, but how can we put the American public on notice when we've only revealed two states, yet we have public reports that there are literally dozens? That makes absolutely no sense. I know it is the position of DHS that since the states were victims, it is their responsibility. But I cannot believe if this was an attack on physical infrastructure in a variety of states, there wouldn't be a more coordinated response. We are not making our country safer if we don't make sure that all Americans realize the breadth and the extent of what the Russians did in 2016 and, frankly, if we don't get our act together, what they will do in an even more dramatic form in 2018 and 2020. And candidly, the idea of this kind of bureaucratic ``Well, it's not my responsibility, not my job'' I don't believe is an acceptable decision. So, I'm going to hope from our witnesses, particularly our DHS witnesses, that we hear a plan on how we can get more information into the bloodstream, how we can make sure that we have better best practices, so that all states are doing what's needed. I'm not urging or suggesting that in any way the Federal Government intervenes in what is a local and State responsibility. But to not put all Americans on notice and to have the number of states that were hacked into or attempted to be hacked into still kept secret is just crazy in my mind. So, my hope is that we will get some answers. I do want to thank the fact that in January DHS did designate the Nation's electoral infrastructure as critical infrastructure. That's important. But if we call it critical infrastructure but then don't tell the public how many states were attacked or potentially how many could be attacked in the next cycle, I don't think we get to where we need to be. So, we're going to see more of this. This is the new normal. I appreciate the Chairman for holding this hearing and I'm going to look forward very much to getting my questions answered. Thank you. Chairman Burr. Thank you, Vice Chairman. With that, Dr. Liles, I understand you're going to go first. The floor is yours. STATEMENT OF SAM LILES, Ph.D., ACTING DIRECTOR, CYBER DIVISION, OFFICE OF INTELLIGENCE AND ANALYSIS, DEPARTMENT OF HOMELAND SECURITY Dr. Liles. Chairman Burr, Ranking Member Warner, and distinguished members of the Committee, thank you for the invitation to be here. My name is Sam Liles. I represent the Cyber Analysis Division of the Department of Homeland Security's Office of Intelligence and Analysis. Our mission is to produce cyber-focused intelligence, information, and analysis, represent our operational partners like the NCCIC to the intelligence community, coordinate and collaborate on IC products, and share intelligence and information with our customers at the lowest classification possible. We are a team of dedicated analysts who take threats to the critical infrastructure of the United States seriously. I'd like to begin by clarifying and characterizing the threat we observed to the election infrastructure in the 2016 election. Prior to the election, we had no indication that adversaries or criminals were planning cyber operations against the U.S. election infrastructure that would change the outcome of the coming U.S. election. However, throughout spring and early summer 2016, we and others in the IC began to find indications that the Russian government was responsible for widely reported compromises and leaks of e-mails from U.S. political figures and institutions. As awareness of these activities grew, DHS began in August of 2016 to receive reports of cyber-enabled scanning and probing of election-related infrastructure in some states. From that point on, I&A began working to gather, analyze, and share additional information about the threat. I&A participated in red team events, looking at all possible scenarios, collaborated and co-authored production with other intelligence community members and the National Intelligence Council. We provided direct support to the Department's operational cyber center, the National Cyber Security and Communications Integration Center, and worked hand-in-hand with the State and local partners to share threat information related to their networks. By late September, we determined that Internet-connected election-related networks in 21 states were potentially targeted by Russian government cyber actors. It is important to note that none of these systems were involved in vote tallying. Our understanding of that targeting, augmented by further classified reporting, is that's still consistent with the scale and scope. This activity is best characterized as hackers attempting to use commonly available cyber tools to exploit known system vulnerabilities. The vast majority of the activity we observed was indicative of simple scanning for vulnerabilities, analogous to somebody walking down the street and looking to see if you are home. A small number of systems were unsuccessfully exploited, as though somebody had rattled the doorknob but was unable to get in, so to speak. Finally, a small number of the networks were successfully exploited. They made it through the door. Based on the activity we observed, DHS made a series of assessments. We started out with, we had no indication prior to the election that adversaries were planning cyber operations against election infrastructure that would change the outcome of the 2016 election. We also assessed that multiple checks and redundancies in U.S. election infrastructures, including diversity of systems, non-Internet-connected voting machines, pre-election testing, and processes for media, campaign, and election officials to check, audit, and validate the results, all these made it likely that cyber manipulation of the U.S. election systems intended to change the outcome of the national election would be detected. We also, finally, assessed that the types of systems Russian actors targeted or compromised were not involved in vote tallying. While we continue to evaluate any and all new available information, DHS has not altered any of these prior assessments. Having characterized the threat as we observed it, I'll stop there to allow my NPPD colleague Jeanette Manfra to talk more about how DHS is working with election systems to enhance security and resiliency. I look forward to answering your questions. Chairman Burr. Thank you. Ms. Manfra. STATEMENT OF JEANETTE MANFRA, ACTING DIRECTOR AND UNDER SECRETARY, NATIONAL PROTECTION AND PROGRAMS DIRECTORATE, DEPARTMENT OF HOMELAND SECURITY Ms. Manfra. Thank you, sir. Chairman Burr, Vice Chairman Warner, members of this Committee: thank you for today's opportunity to represent the men and women that serve in the Department of Homeland Security. Today I'm here to discuss the Department's mission to reduce and eliminate threats to the Nation's critical physical and cyber infrastructure, specifically as it relates to our election. Our Nation's cyber infrastructure is under constant attack. In 2016, we saw cyber operations directed against U.S. election infrastructure and political entities. As awareness of these activities grew, DHS and its partners provided actionable information and capabilities to help election officials identify and mitigate vulnerabilities on their networks. Actionable information led to detections of potentially malicious activity affecting Internet-connected election- related networks, potentially targeted by Russian cyber actors in multiple states. When we became aware of detected activity, we worked with the affected entity to understand if a successful intrusion had in fact occurred. Many of these detections represented potentially malicious vulnerability scanning activity, not successful intrusions. This activity, in partnership with these potential victims and targets, enhanced our situational awareness of the threat and further informed our engagement with State and local election officials across the country. Given the vital role that elections have in a free and democratic society, on January 26 of this year the former Secretary of Homeland Security established election infrastructure as a critical infrastructure sub-sector. As such, DHS is leading Federal efforts to partner with State and local election officials, as well as private sector vendors, to formalize the prioritization of voluntary security-related assistance and to ensure that we have the communications channels and protocols, as Senator Warner discussed, to ensure that election officials receive information in a timely manner and that we understand how to jointly respond to incidents. Election infrastructure now receives cybersecurity and infrastructure protection assistance similar to what is provided to other critical infrastructure, such as financial institutions and electric utilities. Our election system is run by State and local governments in thousands of jurisdictions across the country. Importantly, State and local officials have already been working individually and collectively to reduce risks and ensure the integrity of their elections. As threat actors become increasingly sophisticated, DHS stands in partnership to support their efforts. Safeguarding and securing cyber space is a core mission at DHS. Through our National Cybersecurity and Communications Center, or NCCC, DHS assists State and local customers such as election officials as part of our daily operations. Such assistance is completely voluntary. It does not entail regulation or Federal oversight. Our role is limited to support. In this role, we offer three types of assistance: assessments, information, and incident response. For the most part, DHS has offered two kinds of assistance to State and local officials: first, the cyber hygiene service for Internet- facing systems provides a recurring report identifying vulnerabilities and mitigation recommendations. Second, our cybersecurity experts can go on site to conduct risk and vulnerability assessments and provide recommendations to the owners of those systems for how best to reduce the risk to their networks. DHS continues to share actionable information on cyber threats and incidents through multiple means. For example, we publish best practices for securing voter registration databases and addressing potential threats to election systems. We share cyber threat indicators and other analysis that network defenders can use to secure their systems. We partner with the multistate Information Sharing and Analysis Center to provide threat and vulnerability information to State and local officials. This organization is partially grant-funded by DHS and has representatives that sit on our NCCC floor and can interact with our analysts and operators on a 24/7 basis. They can also receive information through our field-based personnel stationed throughout the country and in partnership with the FBI. Finally, we provide incident response assistance at request to help State and local officials identify and remediate any possible cyber incidents. In the case of an attempted compromise affecting election infrastructure, we will share that technical information with other states to assist their ability to defend their own systems from similar malicious activity. Moving forward, we must recognize that the nature of risk facing our election infrastructure will continue to evolve. With the establishment of an election infrastructure sub- sector, DHS is working with stakeholders to establish these appropriate coordinating councils and our mechanisms to engage with them. These will formalize our mechanisms for collaboration and ensure long-term sustainability of this partnership. We will lead the Federal efforts to support election officials with security and resilience efforts. Before closing, I want to reiterate that we do have confidence in the overall integrity of our electoral system because our voting infrastructure is fundamentally resilient. It is diverse, subject to local control, and has many checks and balances built in. As the risk environment evolves, the Department will continue to support State and local partners by providing information and offering assistance. Thank you very much for the opportunity to testify, and I look forward to any questions. [The prepared statement of Ms. Manfra follows:] [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT] Chairman Burr. Thank you very much. Mr. Priestap. STATEMENT OF BILL PRIESTAP, ASSISTANT DIRECTOR, COUNTERINTELLIGENCE DIVISION, FEDERAL BUREAU OF INVESTIGATION Mr. Priestap. Good morning. Chairman Burr, Vice Chairman Warner, and members of the Committee: Thank you for the opportunity to appear before you today. My statement for the record has been submitted. And so, rather than restating it, I'd like to step back and provide you a description of the broader threat as I see it. My understanding begins by asking one question: What does Russia want? As you well know, during the Cold War the Soviet Union was one of the world's two great powers. However, in the early 1990's it collapsed and lost power, stature, and much territory. In a 2005 speech, Vladimir Putin referred to this as a major catastrophe. The Soviet Union's collapse left the U.S. as the sole superpower. Since then, Russia has substantially rebuilt, but it hasn't been able to fully regain its former status or its former territory. The U.S. is too strong and has too many alliances for Russia to want a military conflict with us. Therefore, hoping to regain its prior stature, Russia has decided to try to weaken us and our allies. One of the ways Russia has sought to do this is by influence, rather than brute force. Some people refer to Russia's activity in this regard as information warfare, because it is information that Russia uses as a weapon. In regards to our most recent Presidential election, Russia used information to try to undermine the legitimacy of our election process. Russia sought to do this in a simple manner. They collected information via computer intrusions and via their intelligence officers and they selectively disseminated e-mails they hoped would disparage certain political figures and shed unflattering light on political processes. They also pushed fake news and propaganda, and they used online amplifiers to spread the information to as many people as possible. One of their primary goals was to sow discord and undermine a key democratic principle, free and fair elections. In summary, I greatly appreciate the opportunity to be here today to discuss Russia's election influence efforts. But I hope the American people will keep in mind that Russia's overall aim is to restore its relative power and prestige by eroding democratic values. In other words, its election-related activity wasn't a one-time event. Russia will continue to pose an influence threat. I look forward to your questions. Thank you. [The prepared statement of Mr. Priestap follows:] [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT] Chairman Burr. Thank you very much to all of our witnesses. For members, we will proceed by seniority for recognition for up to five minutes, and the Chairman will tell you when you have used all your time if you proceed that far. The Chair would recognize himself for five minutes. Yes or no, to all three of you. Most important question: Do you have any evidence that the votes themselves were changed in any way in the 2016 Presidential election? Dr. Liles. Dr. Liles. No, sir. There was no detected change in the vote. Chairman Burr. Ms. Manfra. Ms. Manfra. No, sir. Chairman Burr. Mr. Priestap. Mr. Priestap. No, sir. Chairman Burr. Bill, to you. This adversary is determined. They're aggressive and they're getting more sophisticated by the day. The diversity of our election system is a strength, but the intrusions into State systems also show that Moscow is willing to put considerable resources towards an unclear result. In 2016, we saw voter data stolen. How could Moscow potentially use that data? Mr. Priestap. They could use the data in a variety of ways. Unfortunately, in this setting I can't go into all of them. First of all, I think they took the data to understand what it consisted of, what's there, so that they can in effect better understand and plan accordingly. And when I say ``plan accordingly,'' plan accordingly in regards to possibly impacting future elections and/or targeting of particular individuals, but also by knowing what's there and studying it they can determine if it's it something they can manipulate or not, possibly, going forward. And there's a couple of other things that wouldn't be appropriate in this setting as well. Chairman Burr. To any of you: You've heard the Vice Chairman talk about his frustration about publicly talking about how many states. Can you tell the American people why you can't disclose which states and the numbers? I'll turn to Ms. Manfra first. Ms. Manfra. Thank you for the question, sir. There are-- through the long history that the Department has in working with the private sector and State and local on critical infrastructure and cybersecurity issues, we believe it is important to protect the confidentiality that we have and the trust that we have with that community. So when the entity is a victim of a cyber incident, we believe very strongly in protecting the information around that victim. That being said, what we can do is take the technical information that we learn from the engagement with that victim and anonymize it so it is not identified as to what that entity or individual is. We can take all the technical information and turn that around and share that broadly with whether it's the affected sector or broadly across the entire country. And we have multiple mechanisms for sharing that. But we believe that this has been a very important key to our success in developing trusted relationships across all of these 16 critical infrastructure sectors. Chairman Burr. Are we prepared today to say publicly how many states were targeted? Ms. Manfra. We, as of right now, we have evidence of 21 states, election-related systems in 21 states that were targeted. Chairman Burr. But in no case were actual vote tallies altered in any way, shape, or form? Ms. Manfra. That is correct. Chairman Burr. How did the French respond to the Russian involvement in the French elections a month ago? Is that something we followed, the Bureau? Bill? Mr. Priestap. Sir, From the Bureau's standpoint, it's something we followed from afar. We did have engagement with French officials, but I'm just not at liberty to go into what those consisted of. Chairman Burr. Okay. We've talked about last year, Russia's intent, their target. Let's talk about next year. Let's talk about the 2017 elections in Virginia. Let's talk about the 2018 elections, Congressional and gubernatorial elections. What are we doing to prepare ourselves this November and next November? Ms. Manfra. Ms. Manfra. Yes, sir. As we noted, we are taking this threat very seriously, and part of that is identifying this community as a critical infrastructure subsector. That's allowed us to prioritize and formalize the engagement with them. Similar to the 2016 elections, we are identifying additional resources, prioritizing our engagement with them through information-sharing products, identifying, in partnership again with the State and local community, those communication protocols--how do we ensure that we can declassify information quickly should we need to and get it to the individuals that need it. We also have committed to working with State and local officials on incident response playbooks. So how do they understand where to engage with us, where do we engage with them, and how do we--are we able to bring the entire resources of the Federal Government to bear in helping the State and local officials secure their election systems? Chairman Burr. Great. Vice Chairman. Vice Chairman Warner. Thank you for the answer at 21. 21 states is almost half the country. We've seen reports that were even higher. I concur with the Chairman that the vote totals were not changed. But can you explain to me how we're made safer by keeping the identity of 19 of those states secret from the public, since Arizona and Illinois have acknowledged they were attacked? Dr. Liles. Well, sir, I'd bring it back to the earlier points you made about the future elections. One of the key pieces for us within I&A is our ability to work with our partners because of how our collection mechanisms work. It's built on a high level of trust---- Vice Chairman Warner. If this was water systems or power systems, would the public be safer by not knowing that their water system or power system in their respective State was attacked? Ms. Manfra. Sir, I can--for other sectors we apply the same principles. When we do have a victim of an incident in the electric sector or the water sector, we do keep the name of that entity confidential. Some of these sectors do have breach reporting requirements that requires the victims---- Vice Chairman Warner. Are all 21 of the states that were attacked, are they aware they were attacked? Ms. Manfra. All of the system owners within those states are aware of the targeting, yes, sir. Vice Chairman Warner. At the State level, you could have local registrars and other local officials that there may have been an attempt to penetrate at the State level and you may have local registrars in the respective states that would not even know that their State had been the subject of Russian activities? Ms. Manfra. We are currently working with State election officials to ensure communication between the local and the State officials. Vice Chairman Warner. But at this moment in time, there may be a number of State and local election officials that don't know their states were targeted in 2016, is that right? Ms. Manfra. The owners of the systems that were targeted do know that they were targeted---- Vice Chairman Warner. The owners may know, but because we have a decentralized system many local elective--I just---- Ms. Manfra. I cannot---- Vice Chairman Warner [continuing]. Fundamentally disagree. I understand the notion of victimization. Ms. Manfra. Yes, sir. Vice Chairman Warner. But I do not believe our country is made safer by holding this information back from the American public. I have no interest in trying to embarrass any State, but if this--because we've seen this for too long in cyber, we've seen it in the financial industry, and others, where people simply try to sweep this under the rug and assume they'll go along their way. When we're talking about--I go back to Dr. Liles' initial comments. We had no idea--we had no ability to predict this beforehand. We had 21 states that were tapped. We've got two that have come forward. While no election results were changed, we do know there were a number of states--perhaps you'll answer this: How many states did the Russians actually exfiltrate data, such as voter registration lists? Ms. Manfra. I'd prefer not to go into those details in this forum, sir. I can tell you that we're tracking 21 states that were targeted---- Vice Chairman Warner. Do the states who had their data exfiltrated by the Russians--are they aware of that? Ms. Manfra. Yes, sir. Vice Chairman Warner. And is there any coordinated response on how we're going to prevent this going forward? Ms. Manfra. Yes, sir. Vice Chairman Warner. How do we make sure, if states are not willing to acknowledge that they had vulnerabilities, that they were subject to attack--again, we're in a brave new world here, and I understand your position. I'm not trying to--I'm very frustrated, but I'm not--I get this notion. But I think we need a re-examination of this policy. You know, the designation by former Secretary Johnson as critical infrastructure, what does that change in terms of how our operations are going forward? By that designation in January, I appreciated it, but what does that really mean in practical terms, in terms of assistance or information sharing? Ms. Manfra. What it means, it means three things, sir. The first is a statement that we do recognize that these systems are critical to the functioning of American life, and so that is an important statement. The second is that it formalizes and sustains the Department's prioritization of engagement with this community. And the last is, it provides a particular protection for sharing of information, in particular with vendors within the election community, that allows us to have conversations to discuss vulnerabilities with potential systems, that we would not have to disclose. Vice Chairman Warner. I talked to Secretary Kelly last week, and I hope you'll take this, at least this Senator's message, back to him. I would like us to get more information. What I have heard today is that, there were 21 states. I appreciate that information, but within those 21 states I have no guarantee that local election officials are aware that their State system may have been attacked, number one. Number two, we don't know how many states actually had exfiltration. And the final question is, have you seen any stoppage of the Russian activities after the election? Or are they continuing to ping and try to feel out our various election systems? Ms. Manfra. On the first two questions, sir, we will be happy to get back to you. I spoke to the Secretary this morning and look forward to responding to your letter. On the third question, I'll defer to the FBI. Mr. Priestap. Vice Chairman, I just can't comment on our pending investigations related to the cyber---- Vice Chairman Warner. You can't say whether the--so, should the public take away a sense of confidence that the Russians have completely stopped, as of November of 2016, trying to interfere or tap into our electoral systems? Is that what you're saying? Mr. Priestap. That's not what I'm saying, sir. I believe the Russians will absolutely continue to try to conduct influence operations in the U.S., which will include cyber intrusions. Vice Chairman Warner. Thank you, Mr. Chairman. Chairman Burr. Thank you, Vice Chairman. To DHS and to the Bureau, a quick question; and if you can't answer it, please go back and get us an answer. Would your agency be opposed to the Chair and Vice Chair sending a letter to the 19 states that have not been publicly disclosed, a classified letter, asking them if they would consider publicly disclosing that they were a target of the last election? Mr. Priestap. Sir, I'd be happy to take that question back to my organization, but I would just add that the role your Committee is playing in regards to highlighting the Russians' aims and activities I think is critically important for this country. The Bureau is just trying to balance what, we'll call it the messaging end of that, with doing things that hopefully don't impact what we can learn through our investigations. I know it's a fine balance, but the bottom line is you play a key role in raising awareness of that, and I thank you. Chairman Burr. Fair concern, and if both of you would just go back and get back with us, we'll proceed from there. Senator Risch. Senator Risch. Thank you much. So that the American people can have solid confidence in what you've done, and thank you for what you've done, could you give the American people an idea--if you feel the numbers are classified and that sort of thing, you don't have to go into it--but the number of people that were involved on DHS and the FBI in this investigation? Can you give us a general idea about that? Whichever one of you want to take that question. Ms. Manfra. Ms. Manfra. From a DHS perspective, we did amass quite a few resources both from our intelligence and analysis and our operations analysis. To put a number on it is somewhat challenging but, you know---- Senator Risch. Would you say it was substantial? Ms. Manfra. It was a substantial level of effort, yes, sir. Senator Risch. You're confident that you got where you wanted to go when you set out to make this investigation? Ms. Manfra. Yes, sir. One of our key priorities was developing relationships with that community and getting information out, whether it was to the specific victims or broader indicators that we could share. We accomplished that. We held multiple sessions. We sent over 800 indicators to the community, and so we do believe that we accomplished that. We don't want to let that down at all. We want to continue that level of effort and we intend to continue it. Senator Risch. And I'm focusing on not what you did after you got the information, but how you got the information. You're confident you got what you needed to appropriately advise everyone on this, what was going on? Ms. Manfra. Yes, sir. Yes, we did. Senator Risch. Mr. Priestap. Mr. Priestap. The FBI considered this a very grave threat and so we dedicated substantial resources to this effort as well. Senator Risch. Okay. Thank you. To both of you, both agencies again: Everyone in this Committee knows the specificity and identity of the Russian agencies involved. Are you comfortable in identifying them here today, or do you feel--still feel that's classified? Mr. Priestap. Yeah. Other than what was mentioned in the unclassified version of the intelligence community assessment, I'd rather not go into any of those details. Senator Risch. Were there any of those agencies identified, any of the Russian intelligence agencies, identified in that? Mr. Priestap. It's my understanding that GRU was identified. Senator Risch. Homeland Security, same answer? Dr. Liles. Yes, sir. Senator Risch. Okay. Thank you much. Let me ask this question. And I come at this from a little different perspective, and I think the American people have the right to know this. From all the work that either of your agencies did, all the people involved, all the digging you did through what the Russians had done and their attempts, did you find any evidence, direct or circumstantial, to any degree, down to a scintilla of evidence, that any U.S. person colluded with, assisted, or communicated with the Russians in their efforts? Mr. Priestap. Mr. Priestap. I'm sorry, I just can't comment on that today. That falls under the Special Counsel's purview and I have to defer to him. Senator Risch. Are you aware of any such evidence? Mr. Priestap. And I'm sorry, sir, I just can't comment on that. Senator Risch. Ms. Manfra. Ms. Manfra. Sorry, sir. I cannot also comment on that. Senator Risch. Thank you. Thank you, Mr. Chairman. Chairman Burr. Senator Feinstein. Senator Feinstein. Thanks very much, Mr. Chairman. Candidly, I'm very disappointed by the testimony. I mean, we have learned a great deal and the public has learned a great deal. And it seems to me we have to deal with what we've learned. Mr. Priestap, is that correct? You have said, and I think quite pointedly, that Russia has decided to weaken us through covert influence rather than brute force. And I think that's a correct assessment, and I thank you for having the courage to make it. Here's a question. To the best of the FBI's knowledge, have they conducted covert influence in prior election campaigns in the United States? If so, when, what and how? Mr. Priestap. Yes, absolutely they've conducted influence operations in the past. What made this one different in many regards was of course the degree and then with what you can do through electronic systems today. When they did it in the past, it was doing things like trying to put in biased or half-true stories, getting stories like that into the press or pamphlets that people would read, so on and so forth. The Internet has allowed Russia to do so much more today than they've ever been able to do in the past. Senator Feinstein. So you're saying prior campaigns were essentially developed to influence one campaign above another, to denigrate a candidate if she was elected and to support another candidate subtly? Mr. Priestap. Yeah, I'm saying that Russia, for years, has conducted influence operations targeting our elections, yes. Senator Feinstein. Equal to this one? Mr. Priestap. Not equal to this one. No, ma'am. Senator Feinstein. Okay, here we go. What made this one different? Mr. Priestap. Again, I think the scale, the scale and the aggressiveness of the effort, in my opinion, made this one different. And again, it's because of the electronic infrastructure, the Internet, what have you, today that allowed Russia to do things that in the past they weren't able to do. Senator Feinstein. Would you say that this effort was tailored to achieve certain goals? Mr. Priestap. Absolutely. Senator Feinstein. And what would those goals have been? Mr. Priestap. I think the primary goal in my mind was to sow discord and to try to delegitimize our free and fair election process. I also think another of their goals, which the entire United States intelligence community stands behind, was to denigrate Secretary Clinton and to try to help then-- current President, Trump. Senator Feinstein. Have they done this in prior elections in which they've been involved? Mr. Priestap. Have they---- Senator Feinstein. Denigrated a specific candidate and-or tried to help another candidate? Mr. Priestap. Yes, ma'am, they have. Senator Feinstein. And which elections were those? Mr. Priestap. Oh--I'm sorry. I know there--I'm sorry, I can't think of an example off the top of my head, but even though--all the way through the Cold War, up to our most recent election, in my opinion, they have tried to influence all of our elections since then, and this is a common practice. Senator Feinstein. Have they ever targeted what is admitted here today to be 21 states? Mr. Priestap. If they have, I am not aware of that. That's a--that scale is different than what I'm aware of what they tried to do in the past. So again, the scale and aggressiveness here separates this from their previous activity. Senator Feinstein. Has the FBI looked at how those states were targeted? Mr. Priestap. Absolutely, ma'am. Senator Feinstein. And what is your finding? Mr. Priestap. We have a number of investigations open in regards to that. In this setting, because they're all still pending investigations, I'd rather not go into those details. The other thing I'd ask you to keep in mind is that we continue to learn things. So, there was some activity we were looking at prior to the election. It's not like when the election was finished our investigation stopped. So as we learn more, we share more. Senator Feinstein. Do you know if it's the intent of the FBI to make this information public at some point? Mr. Priestap. I think this gets back to an issue the Vice Chairman raised, and I guess I want to be clear on my position on it. I think it is critically important to raise awareness about Russia's aims to undermine our democracy, and then their tradecraft and how they do it. My organization--part of understanding that tradecraft is conducting our investigations where we learn more and more about tradecraft. So we try to balance, what do we need to provide to partners so they can best protect themselves versus not interrupting our investigations if the information were to be made public. Senator Feinstein. Thank you very much. Mr. Priestap. A balancing act. Senator Feinstein. My time is up. Thank you Chairman Burr. Thank you, Senator Feinstein. The Vice Chairman and I have already decided that we're going to invite the Bureau in for a classified briefing to update all members on the open investigations and any that we see that might warrant, on their minds, an opening of a new investigation. In addition, let me remind members that one of the mandates of our investigation is that we will, at the end of this, work with the Bureau and other appropriate agencies to make a public report in as great a public detail as we can our findings on Russia's involvement in our election. So, it is the intent of the Chair, at least, to make sure that as much as we can declassify, it's done and the public gets a true understanding when we put out a final report. Senator Rubio. Senator Rubio. Thank you, Mr. Chairman. And that's critically important. I think the most important thing we're going to do in this report is tell the American people how this happened, so we're prepared for the next time. And it begins, I think, by outlining what their goals were, what they tried to do, in this regard. And we know what they tried to do, because they've done it in other countries around the world for an extensive period of time. The first is, undermine the credibility of the electoral process; to be able to say, that's not a real democracy. It's filled with all kinds of problems. The second is to undermine the credibility of our leaders, including the person who may win. They want that person to go into office hobbled by scandal and all sorts of questions about them. And the third, ideally, in their minds, I imagine, is to be able to control the outcome in some specific instances. If they think they could, either through public messaging, or even in a worst case scenario by actually being able to manipulate the vote--which I know has now been repeatedly testified did not happen here. And, by the way, these are not mutually exclusive. You can do all three, you can only take one. They all work in conjunction. I think you can argue that they have achieved quite a bit, if you think about the amount of time that we have been consumed in this country on this important topic and the political fissures that it's developed. And the way I always kind of point to it--and if anyone disagrees I want you to tell me this--but, you know, we have something in American politics. It's legitimate; both sides do it. It's called opposition research. You find out about your opponent. Hopefully it's embarrassing or disqualifying information if you're the opposition research person. You package it. You leak it to a media outlet. They report it. You run ads on it. Now, imagine being able to do that with the power of a nation state, illegally acquiring things like e-mails and being able to weaponize it by leaking, leaking it to somebody who will post that and create all sorts of noise. I think that's certainly one of the capabilities. The other is just straight-out misinformation, right? The ability to find a site that looks like a real news place, have them run a story that isn't true, have your trolls begin to click on that story. It rises on Facebook as a trending topic. People start to read it. By the time they figure out it isn't true, a lot of people think it is. I remember seeing one in early fall that President Obama had outlawed the Pledge of Allegiance, and I had people texting me about it. And I knew that wasn't true, but my point is that we have people texting about it, asking if it was. It just tells you--and I don't know if that was part of that effort, or it was just somebody with too much time on their hands. And then the third, of course, is the access to our voting systems, and obviously people talk about affecting the tallies. But just think about this. Even the news that a hacker from a foreign government could have potentially gotten into the computer system is enough to create the specter of a losing candidate arguing, the election was rigged, the election was rigged. And because most Americans, including myself, don't fully understand all the technology that's around voting systems per se, you give that ``election is rigged'' kind of narrative to a troll and a fake news site, and that stuff starts to spread. And before you know it, you have the specter of a political leader in America being sworn in under the cloud of whether or not the election was stolen because vote tallies were actually changed. So I don't know why they were probing these different systems, because obviously a lot of the information they were looking at was publicly available. You can buy it, voter rolls. Campaigns do it all the time. But I would speculate that one of the reasons potentially is because they wanted these stories to be out there, that someone had pinged into these systems, creating a specter of being able to argue at some point that the election was invalid because hackers had touched election systems in key states. And that is why I really, truly believe, Mr. Chairman, it is so important that, to the extent possible, that part of it, the systems part, as much of it be available to the public as possible, because the only way to combat misinformation is with truth and with facts, and explain to people, and I know some of it is proprietary. I know some of it we were trying to protect methods and so forth, but it is really critical that people have confidence that when they go vote that vote is going to count and someone's not going to come in electronically and change it. And I think they're--I just really hope we err on the side of disclosure about our systems so that people have full confidence when they go vote. Because I can tell you, I was on the ballot in November, and I remember people asking me repeatedly, is my vote going to count? I was almost afraid people wouldn't vote because they thought their vote wouldn't count. So I just hope as we move forward--I know that's not your decision to make in terms of declassifications and the like, but it is really, really, really important that Americans understand how our voting systems work, what happened, what didn't and that we be able to communicate that in real-time in the midst of an election, so that if in 2018 these reports start to emerge about our voting systems being pinged again, people aren't--we can put out enough information in October and early November so people don't have doubts. And I know that's not your decisions to make, but I just really hope that's part of what we push on here, because I think it's critical for our future. Chairman Burr. Senator Wyden. Senator Wyden. Thank you, Mr. Chairman. Let me say to the three of you, and I say it respectfully, that on the big issue, which is which states were affected by Russian hacking in 2016, the American people don't seem to be getting more information than what they already had before they showed up. We want to be sensitive to security concerns, but that question has to be answered sooner rather than later. I want to send that message in the strongest possible way. We obviously need to know about vulnerabilities so that we can find solutions, and we need better cybersecurity to protect elections from being hacked in the first place. And that means solutions like Oregon's vote-by-mail system, that has a strong paper trail, air-gapped computers, and enough time to fix the problems if they pop up. But now to my question. You all mentioned the January intelligence assessment, saying that the types of systems we observed Russian actors targeting or compromising are not involved in vote tallying. Your prepared testimony today makes another point that I think that is important. You say it is likely that cyber-manipulation of U.S. election systems intended to change the outcome of a national election would be detected. So that is different than what we have heard thus far. So I have two questions for you, Ms. Manfra, and you, Dr. Liles: What level of confidence does the Department have in its assessment that 2016 vote tallying was not targeted or compromised? And second, does that assessment apply to State and local elections? Dr. Liles. Thank you, sir, for the question. So, the level of effort and scale required to change the outcome of a national election would make it nearly impossible to avoid detection. This assessment is based on the diversity of systems, the need for physical access to compromise voting machines themselves, the security of pre-election testing employed by the State and local officials. There's a level, a number of standards and security protocols that are put in place. In addition, the vast majority of localities engage in logic and accuracy testing, which work to ensure voting machines are operating and tabulating as expected. Before, during, and after the election, there has been an immense amount of media attention applied to this, which also brings in the idea of people actually watching and making sure that the election results represent what they see. And plus there's just the statistical anomalies that would be detected, so we have a very high confidence in our assessments. Senator Wyden. What about State and local elections? Do you have the same level of confidence? Dr. Liles. So, from the standpoint of a nation-state actor operating against a State and local election system, we would have the same--for an Internet-connected system, we would have the same level of confidence. Senator Wyden. Ms. Manfra. Ms. Manfra. Yes, sir. And I think this also gets to Senator Rubio's point about the difficulty in the general public understanding the variety of systems that are used in our election process. So we broke our level of engagement and concern down to a couple of different areas. The voter registration systems, which are often, usually connected to the Internet. We also were looking at the voting machines themselves, which by best practice and by the voluntary voting standards and guidelines that the Department of Commerce works with the Election Assistance Commission on, is, by best practice--those are not connected to the Internet. Senator Wyden. So can Homeland Security assure the public that the Department would be able to detect an attempted attack on vote tallying? Ms. Manfra. What I would suggest, sir, is that the ability, as has been demonstrated by security researchers, to access remotely a voting machine to manipulate that vote and then to be able to scale that across multiple different voting machines made by different vendors, would be virtually impossible to occur in an undetected way within our current election system. Senator Wyden. Has the Department conducted any kind of post-election forensics on the voting machines that were used in 2016? Ms. Manfra. We are currently engaged with many vendors of those systems to look into conducting some joint forensics with them. The vendor community is very interested in engaging with us. We have not conducted---- Senator Wyden. So there's no--there's been no analysis yet? Ms. Manfra. We have not--our Department has not conducted forensics on specific voting machines. Senator Wyden. Do you believe it's important to do that in terms of being able to reassure Americans that there was no attack on vote tallying? Ms. Manfra. Sir, I would say that we do currently have voluntary standards in place that vendors are enabled--and in approximately 35 states, actually require, some level of certification of those voting machines that they are complying with those standards. We would absolutely be interested in working with vendors to conduct that level of analysis. Senator Wyden. Let me ask one last question. Obviously, the integrity of elections depends on a lot of people: State and local election officers, equipment vendors, third party contractors. Are you all, at Homeland Security and the FBI, confident that the Federal Government has now identified all of the potential government and private sector targets? Ms. Manfra. Yes, sir. I'm confident that we've identified the potential targets. Senator Wyden. Okay. Thank you, Mr. Chairman. Chairman Burr. Senator Collins. Senator Collins. Mr. Priestap, let me start by saying that it's a great pleasure to see you here again. I remember back in 2003, you were detailed to the Homeland Security Committee when I was the Chairman and how helpful you were in our drafting of the Intelligence Reform and Terrorism Prevention Act. So thank you for your continued public service. You testified this morning and answered the question of, what does Russia want? And you said that the Russians want to undermine the legitimacy of our elections and sow the seeds of doubt among the American public. Despite the exposure and the publicity given to the Russian's efforts in this regard, do you have any doubt at all that the Russians will continue their activities in subsequent elections? Mr. Priestap. I have no doubt. I just can't--I just don't know the scale and aggressiveness, whether they'll repeat that, if it'll be less or if it'll be more. But I have no doubt they will continue. Senator Collins. Is there any evidence that the Russians have implanted malware or backdoors or other computer techniques to allow them easier access next time to our election systems? Mr. Priestap. I'm sorry, Senator. I just can't comment on that because of our pending investigations. Senator Collins. Secretary Manfra, the secretaries of state who are responsible for the election systems have a pretty blistering attack on the Department of Homeland Security in the testimony that will be given later this morning. And I want to read you part of that and have you respond. They say: ``Yet, nearly six months after the designation''--and they mean the designation of election systems as critical infrastructure-- ``and in spite of comments by DHS that they are rushing to establish election protections, no secretary of state is currently authorized to receive classified threat information that would help them to protect their election systems.'' Why not? Ms. Manfra. Thank you, ma'am, for that question. I would note that this community, the secretaries of state, and for those states where they have a State election director, is not one that the department has historically engaged with. And what we have done in the process of building the trust and learning about how they do their work and how we can assist, we have identified the need to provide clearances to that community. And so we have committed to them to work through that process between our Department and the FBI. Senator Collins. Let me ask you about your own agency, which is the agency that focuses on critical infrastructure, including our election systems. Now, NPPD is not an official element of the intelligence community that would have routine access to especially sensitive classified information. So how do you know with any certainty whether you and others in the agency are read into all the relevant classified information that may exist regarding foreign threats to our critical infrastructure, including our election systems? Ms. Manfra. Yes, ma'am. I would say, despite the fact that we're not a part of the intelligence community and our focus is on network defense and operations, in partnership with the critical infrastructure and the Federal Government, we feel very confident that with the partnership with our own Intelligence and Analysis Division, that serves as an advocate for us within the intelligence community, as well as our direct relationships with many of those individuals in organizations such as the FBI, NSA, and others, that we receive information quickly; And when we ask to declassify that, they are responsive. And we work through our partners at the Intelligence and Analysis Office to ensure that that happens quickly. So is there room for improvement? Absolutely, of course. But we have the full commitment of the intelligence community to support us and get us the information that we need and our stakeholders need. Senator Collins. And, finally, how many states have implemented all the best practices recommended in the document developed by DHS regarding the protection of election systems? Ms. Manfra. Ma'am, I'd have to get back to you on a specific number of states. I don't have that. Senator Collins. Do you think most states have? Ms. Manfra. In our informal engagement, many of them noted that they had already adopted some of these and to the extent that they weren't they were incorporating them. Senator Collins. I would ask for a response for the record. Ms. Manfra. Yes, ma'am. Senator Collins. That's a really important point. Chairman Burr. Senator Heinrich. Senator Heinrich. Mr. Priestap, I want to thank you for just how seriously you've taken this and how you've answered the questions this morning in your testimony. I think you hit the nail on the head when you said we need to step back and ask the fundamental question, what do the Russians want? And by outlining that they want to undermine legitimacy in our system, that they want to sow discord, that they want to undermine our free and fair elections, we really have a better lens with which to understand the specifics of what happened in 2016. In your view, were the Russians successful at reaching their goals in their activities in our 2016 elections? Mr. Priestap. I don't know for certain whether the Russians would consider themselves successful. In many ways, they might argue that, because of the time and energy we're spending on this topic, maybe it's distracting us from other things. But on the other hand, exactly what this Committee is doing as far as raising awareness of their activities, their aims, for the American people, to me they've done us--in my opinion, they've done the American public a service in that regard. And so, I guess I don't know, but could argue either way. Senator Heinrich. Yes. I think the jury's certainly out for the future, but when you look at the amount of discord that was sown and the impact on 2016, I hope that the outcome of what we're doing here is to make sure that in 2018, and in 2020, and 2022, that by no metric will they have been successful. Mr. Priestap, you stated, very correctly, that one of their primary goals was to delegitimize our democracy. Are are you familiar with the term ``unwitting agent''? Mr. Priestap. Yes, I am. Senator Heinrich. Can you kind of summarize what that is for us? Mr. Priestap. In an intelligence context, it would be where an intelligence service is trying to advance certain aims and they reach out to a variety of people, some of which they might try to convince to do certain things; and the people, person or persons they contact might actually carry those out, but for different reasons than the intelligence service that actually wanted them to carry them out. In other words, they do it unwittingly. Senator Heinrich. By effectively reinforcing the Russian narrative and publicly saying that our system is rigged, did then-candidate Trump, now President Trump, become what intelligence officials call an unwitting agent? Mr. Priestap. I can't give you a comment on that. Senator Heinrich. I don't blame you for not answering that question. [Laughter.] We've got about a minute 46 left. Can you talk about the relationship between the election penetration that we saw and the coincident Russian use of what Senator Rubio very aptly described of trolls, of bots, of social media, all designed to manipulate the American media cycle, and how those two things fit together? Mr. Priestap. I'm sorry. To clarify, fit together the intrusions with the---- Senator Heinrich. What's the relationship between what they were doing in our elections from a technical point of view and what they were seeking to do in our media cycle by using trolls and bots and manipulation of the media cycles. Mr. Priestap. I guess the best way I can describe it is that this was a, my opinion, a well-planned, well-coordinated, multi-faceted attack on our election process and democracy. And while that might sound complicated, but it was actually really straightforward. They want to collect intelligence from a variety of sources, human and cyber means. They want to evaluate that intelligence, and then they want to selectively-- they might selectively disseminate some of it. They might use others for more strategic discussions. But at the end of the day it's all about collecting intelligence that would give them some type of advantage over the United States and/or attempt to influence things, and then, coordinated, well-coordinated, well-funded, diverse ways to disseminate things to hopefully influence American opinion. Senator Heinrich. This is a very sophisticated, highly resourced effort. Mr. Priestap. Absolutely. Senator Heinrich. Thank you. Chairman Burr. Senator Blunt. Senator Blunt. Thank you. Thank you, Chairman. Let's talk a little bit about once--let's start with a comment that DHS made in its written comment which says it assesses that the systems Russian actors targeted or compromised were not involved in vote tallying. Now, is that because the vote tallying systems are a whole lot harder to get into than the voter registration systems? Ms. Manfra. I can't make a statement as to why different systems were targeted. What we can assess is that those vote tallying systems, whether it was the machines at a kiosk that a voter uses at the polling station or the systems that are used to tally votes, were very difficult to access, and particularly to access them remotely. And then, given the level of observation for vote tallying at every level of the process, that adds into, you know, that we would have identified issues there, and there were no identified issues. So those two are-- -- Senator Blunt. Okay. I would think that if you could get into the vote tallying system and you did want to impact the outcome of an election, obviously the vote tallying system is the place to do that. And I would also suggest that all of your efforts, a lot of your efforts, should be to continue to do whatever DHS thinks they need to advise--I don't think we should centralize this system--to give advice to State and local election officials to be sure that that vote tallying system is protected at a level above other systems. You know, the voter registration system is public information. It is generally accessible in lots of ways. It's not nearly as protected, for that reason. You have lots of input from lots of sources into that system. And I think, Ms. Manfra, you made the point that you said that the best practice would be to not have the vote tallying system connected in any unnecessary way to the Internet. Is that right? Ms. Manfra. Both the kiosks themselves and vote tallying systems, to not connect them to the Internet and to also have, ideally, paper auditing trails as well. Senator Blunt. Well, I certainly agree with that. The paper trail is significant and I think more prevalent as people are looking at new systems. But also, I think any kind of third party monitoring--the first two parties would be the voter and the counting system--just creates another way into the system. So my advice would be that DHS doesn't want to be in a situation where somehow you're connected to all the voting systems of the country. And Mr. Liles, I think you said the diversity of our voting system is a great strength of the system. Do you want to comment on that any more? Dr. Liles. Yes, sir. When we were setting it as part of our red teaming activities, we looked at the diversity of the voting system as actually a great strength and the fact that there were not connected in any one kind of centralized way. So we evaluated that as--when we were looking at the risk assessment with OCIA, the Office of Cyber Intelligence Analysis--Infrastructure Analysis, we looked at that as one of the great strengths and our experts at the IC we worked with also said the same thing. Senator Blunt. Well, I would hope you'd continue to think about that as one of the great strengths as you look at this critical infrastructure, because every avenue for Federal monitoring is also just one more avenue for somebody else to figure out how to get into that system. And again, the voter registration system, dramatically different in what it does. All public information accessible, printed out, given to people to use, though you are careful of what information you give and what you don't. But almost all election officials that have this system now have some way to share that with the public as a system. There is no reason to share the security of the vote counting system with the public or to have it available or accessible. And I would hope that the DHS, or nobody else, decides that you're going to save this system by having more avenues, more avenues into the system. Ms. Manfra. Absolutely not, sir. We're fully supportive of the voluntary standards process, and we are engaging with that process with our experts, and we continue, again, with the voluntary partnership with the State and local. And we intend to continue that. Senator Blunt. Thank you. Thank you, Mr. Chairman. Chairman Burr. Senator King. Senator King. Thank you, Mr. Chairman. Starting with a couple of short questions, Mr. Priestap. Number one, you've stated this was a very grave threat, that Russia--the attempts to probe and upset our local election systems. Any doubt it was the Russians? Mr. Priestap. No, sir. Senator King. Any doubt that they'll be back? Mr. Priestap. No, sir. Senator King. To our DHS witnesses, have the 21 states that you've mentioned, that we know where we had this happen, been notified officially? Ms. Manfra. Sir, the owners of the systems within those 21 states have been notified. Senator King. How about the election officials in those states? Ms. Manfra. We are working to ensure that election officials as well understand. I'll have to get back to you on whether all 21 states---- Senator King. Have you had a conference of all State election officials, secretaries of state, here in Washington on this issue? Ms. Manfra. I have had at least two teleconferences; and in-person conferences, we will be engaging with them in July, I believe. Senator King. Well, I would urge you to put some urgency on this. We've got another election coming in 18 months, and if we're talking about systems and registration rolls, the time is going by. So I believe this is, as we've already heard characterized, is a very grave threat. It's going to be back and shame on us if we're not prepared. Ms. Manfra. Yes, sir. We have biweekly--every other week, we hold a teleconference with all relevant election officials. The national associations that represent those individuals have nominated bipartisan individuals to engage with us on a regular basis. This is of the utmost urgency for the Department and this government to ensure that we have better protections going forward, and the community, the election community, is similarly committed and has been so for years. Senator King. And just to be clear, nobody's talking about a Federal takeover of local election systems or Federal rules. What we're talking about is technical assistance and information and perhaps some funding at some point? Ms. Manfra. Sir, this is similar to our engagement with all critical infrastructure sectors, whether it's the electrical sector, the nuclear sector, the financial sector, is completely voluntary and it is about this Department providing information both to potential victims, but to all network defenders, to ensure that they have access to what we have access to and can better defend themselves. Senator King. Thank you. Mr. Liles, I'll take issue with something that you said, that we have a national election and it was just too large, too diverse, to really crack. We don't have a national election. What we have are 50 State elections. And each election in the states can depend upon a certain number of counties. There are probably 500 people within the sound of my voice who could tell you which ten counties in the United States will determine the next Presidential election. And so you really--a sophisticated actor could hack a Presidential election simply by focusing on particular counties. Senator Rubio I'm sure remembers Dade County in the year 2000 and the significance that had to determining who the next President of the United States was. So I don't think it works to just say, oh, it's a big system and the diversity will protect us, because it really is county by county, city by city, State by State, and a sophisticated actor, which the Russians are, could easily determine where to direct their attack. So I don't want to rely on the diversity. Second, a separate point is, what do we recommend? And we've talked about paper backups. The Dutch just had an election where they just decided to make it all paper and count the ballots by hand, for this very reason. So what would you tell my elections clerk in Brunswick, Maine, Ms. Manfra, would be the top three things he or she should think about in protecting themselves in this situation? Ms. Manfra. Sir, I would say to, first, as previous Senators mentioned, prioritize the security of your voting machines and the vote tallying system, ensure that they are not connected to the Internet, even if that is enabled on those particular devices. Second, ensure that you have an auditing process in place where you can identify anomalies throughout the process, educate polling workers to look for suspicious activity, for example. Senator King. But doesn't auditing mean a paper trail, a paper backup? Ms. Manfra. Yes, sir. I would recommend a paper backup. Senator King. And one of the worrisome things, again, on the issue of the national, we talk about how diverse it is, but aren't we seeing a consolidation in terms of the vendors who are producing these machines? Ms. Manfra. Yes, sir. It is my understanding that we are seeing some consolidation in the vendor community. Again, many of them are committed and have engaged on the voluntary voting standards and guidelines, which partly include security. We will be updating those security guidelines in 2018. And yes, while there is some concern about consolidation, we do look forward to engaging with them, and as of now they are a very engaged community. Senator King. I think this aspect of this question that this Committee is looking at is one of the most important, and frankly one of the most daunting, because we pretty well determined that they weren't successful in changing tallies and changing votes, but they weren't doing what they did in at least 21 states for fun. And they are going to be back, and they're going to be back with knowledge and information that they didn't have before. So I commend you for your attention to this and certainly hope that this is treated with the absolute utmost urgency. Thank you, Mr. Chairman. Chairman Burr. Senator Lankford. Senator Lankford. Thank you, Mr. Chairman. Thanks to all of you for being here as well today. To Senator King just as a heads up, there are some states that are like that. For 25 years the Oklahoma election system has had a paper ballot and an optical scan and it's been a very good back-up for us. We quickly count because of the optical scan, but we're able to go back and verify because of paper. This is such a big deal and it's such an ongoing conversation that I'm actually in two simultaneous hearings today I'm running back and forth with. In the Department of Homeland Security and what we're dealing with State elections and with State systems, is also happening in the HSGAC hearing that I'm also at, including my own Oklahoma CIO that's there testifying today on this same issue, how we are protecting State systems, State elections and what's happening. I brought this with me today. You all are probably--this group is very, very familiar with this e-mail. This is the famous e-mail that Billy Rinehart got from the DNC while he happened to be on vacation. He was out in Hawaii enjoying some quality time away from his work at the DNC, and he gets an e- mail from Google, it appears, that says someone has used your password, someone just tried to sign in to your Google account; sent it to him and told him someone tried to do it from the Ukraine; and recommended that he go in and change his password immediately. [The material referred to follows:] [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT] Senator Lankford. Which, as the New York Times reported, he groggily at 4:00 a.m., when he saw that e-mail was frustrated by it, went in, clicked on the link, changed his password and went back to bed. But what he actually did was just gave the Russian government access to the DNC, and then it took off from there. Multiple other staff members of the DNC got an e-mail that looked just like this. Now, everyone who has a Google account, will know that really looks like a Google account warning. It looked like the real thing. When you hovered over the ``change password,'' it showed a Google account connection where it was going to, but it wasn't. It was going to the Russians. About 91 percent, my understanding is, about 91 percent of the hacks that come into different systems, start with a spear phish attack that looks just like this. So let's talk about, in practical terms, for our State election folks and what happens in my State and other states. First for you, Mr. Priestap. How does Russia identify a potential target? Because this is not just a random e-mail that came to him. This was targeted directly at him, to his address. It looked very real, because they knew who he was and where he works. So, how were the Russians that savvy to be able to track this person and how does this work in the future for an election system for a State? Mr. Priestap. So I can't go into great detail in this forum, but I'd say what intelligent services do, not just Russia there, is they're looking for vulnerabilities. That would begin in the cyber sense with computer vulnerabilities. As far as targeting specific individuals, I don't know all the facts surrounding that e-mail and all the e-mails that were sent, but my guess is they didn't just send it to one person. They sent it the email like that to a whole variety, just hoping that one would click on it. Senator Lankford. Right. But how are they getting that information? Are they going to their website, for instance, and gathering all the e-mails for it? I'm trying to figure out, are they tracking individuals to get more information, so they get something that looks like something they would click on? Mr. Priestap. Yes. You hit on it, but a whole variety of ways. They might get it through reviewing open source material, either online or otherwise. But they also collect a lot of information through human means as well. Senator Lankford. So, Ms. Manfra, let me ask you this question. When someone at any location clicks on a link like this, what access to information do they get typically? Ms. Manfra. Well, sir, it depends on the system itself. I imagine that's probably a frustrating response. But given the-- and I think this is important for the public to understand. As the threat evolves, they're going to continue as we educate the public, don't click on certain things. Look at, you know, make sure you know the sender, for instance, before you click on it, and as our defense gets better the offense is going to look for other means. And so we look, you know, in this case, ideally, we want people to look and see what is it that they're actually clicking on before they click it. Some organizations choose to say when an individual clicks on that link, they choose to not allow that to go to that designation, because they know it's suspicious or they have some mechanisms in place to put that into a container and look at it. Other organizations don't take those steps, and it really depends on your risk management and the technical control that you put in place. Senator Lankford. Let me ask you a quick question. Who has primary responsibility for Federal election integrity? Which agency is the prime mover in that? Obviously, states oversee their own, but which Federal entity is working with the State to say they're the prime person or the prime agency to do it? Ms. Manfra. For election cybersecurity, our Department, in coordination with the FBI and others, is leading the partnership with State and locals. Senator Lankford. Great. Thank you. Chairman Burr. Senator Manchin. Senator Manchin. Thank you, Mr. Chairman. And thank all of you for your appearance here today and your testimony. Being a former secretary of state of my great State of West Virginia, and also being a former governor, my utmost concern was voter fraud. Every time that we would have a report of a fraud, I would see the election participation decrease the next election cycle, thinking their vote didn't count. Is there any reason at all that any person that has the knowledge that you all have, or anyone that you've--on our Committee here, from the intelligence community, would give you any doubt that Russia was involved, and Russia was very much involved with the intent of doing harm to our election process, as far as the confidence level that voters would have? Do any of you have any concerns whatsoever, any doubts, that the Russians were behind this and involved in a higher level than ever? All three of you. Mr. Priestap. No, no doubt from the FBI's end as far as Russia's involvement. Senator Manchin. And you've all interacted with all the intelligence community, right? Mr. Priestap. Yes, sir. Ms. Manfra. Similar, sir. I have no doubt. Mr. Liles. No, sir. Senator Manchin. So nobody. There's not an American right now that should have a reasonable doubt whatsoever that the Russians were involved. Were all 50 states notified on Russia's intentions and activities during the 2016 election cycle? Had you all put an alert out? So if I'd have been secretary of state in charge of my elections in West Virginia, would you have notified me to be on the lookout? Ms. Manfra. Sir, I can discuss our products that we put out and I'll defer to the FBI on what they put out. We did put out products, not public products, but we did put out products, primarily leveraging our Multi-State Information Sharing Analysis Center, which has connections to all 50 states CIOs. And we engaged with the Election Assistance Commission and other national associations that represent those individuals to ensure that we were able to reach--again, this was a community that we had not historically engaged with, and so we relied on those, and we did put out multiple products prior to the election. Senator Manchin. And you're really not sure if these national associations, the secretaries of states, dispersed that information, put everybody on high alert? Ms. Manfra. I believe that they did, sir. We also held a conference call where all 50 secretaries of state or an election director if the secretary of state didn't have that responsibility, in August, in September, and again in October, both high-level engagement and network defense products. Senator Manchin. And if I could ask this questions to whoever, maybe Mr. Priestap. What was Russia's intention, and do you think they were successful in what they desired to do, even though they didn't alter--as you all have said, you can see no alterations of the election results. Do you believe that it had an effect in this election outcome of this 2016 election? Mr. Priestap. As far as Russia's intention, again, the broader being to undermine democracy and one of the ways they sought to do this, of course, here was to undermine the legitimacy of our free and fair election. Senator Manchin. Do you believe they were successful in the outcome? Mr. Priestap. No, I--the FBI doesn't look at that as far as did Russia achieve its aims in that regard. Senator Manchin. Let me ask this question. Are there counter-actions the U.S. can take to subvert or punish the Russians for what they have done and their intention to continue? And what's your opinion of the sanctions that we have placed on Russia? Mr. Priestap. As you know, the FBI doesn't do policy. I'm here today to provide you an overview of the threat picture, at least as I understand and see it. But obviously the U.S. government did take action post-election in regards to making a number of Russian officials---- Senator Manchin. Have you seen them subside at all any of their activities since we have taken some actions? Mr. Priestap. Subside? They have less people to carry out their activities, so it's certainly had an impact on the number of people. Senator Manchin. And finally, with the few seconds I have left, have we shared this with our allies, our European allies, who are going through election processes, and have they seen the same intervention in their election process that we have seen from the Russians in ours? Mr. Priestap. Sure. I can't speak for DHS, but the FBI is sharing this information with our allies, absolutely. Senator Manchin. How about DHS? Ms. Manfra. We are also sharing information with our allies. Senator Manchin. Are they seeing a high--an overaggressive, high activity, from the Russians that they haven't seen at this level before, such as we did during the 2016 election? Dr. Liles. Sir, there is media reporting that suggests that. We don't have direct government-to-government relationships from a DHS perspective. There is definitely media reporting that they're seeing an increased activity. Senator Manchin. Thank you. Chairman Burr. Senator Cotton. Senator Cotton. Thank you all for your appearance today. Mr. Priestap, in response to Mr. Heinrich's question about whether Donald Trump had become an unwitting agent of Russia and their efforts to sow discord and discontent about our elections, you said that you declined to answer, which is understandable. Let's look at this from a different perspective. Since her election defeat, Hillary Clinton has blamed her loss on the Russians, Vladimir Putin, the FBI, Jim Comey, fake news, WikiLeaks, Twitter, Facebook, and, my personal favorite, content farms in Macedonia. In her blaming her loss on these actors, has Hillary Clinton become an unwitting agent of Russians' goals in the United States? Mr. Priestap. And I'm sorry, sir, but I'd rather not comment. It's just something---- Senator Cotton. I understand. I just wanted to point out that you can look at it from two different---- Mr. Priestap [continuing]. It's just something I haven't given any thoughts to. Senator Cotton. Let's turn to other matters, then. Would you advise states and localities in the conduct of their elections or, more broadly, in their government services not to use or not to do business with Kaspersky Labs, companies that do business with Kaspersky, or companies that use Kaspersky products in their systems? Mr. Priestap. Sir, I can't really comment on that in this setting. Senator Cotton. Miss Manfra, would you advise them not to use Kaspersky products? Ms. Manfra. I can also not comment on that in this forum, sir. Senator Cotton. I don't even have to ask, Dr. Liles. You're reaching for your microphone. Dr. Liles. Yes, sir. I can't comment either. Senator Cotton. Okay. Senator Risch says he'll answer, but I'll let him speak for himself at a later time. Mr. Priestap, we've talked a lot about Russia's intent and activities in our elections, but I think it's important that the American people realize that it goes much farther than just elections and the 2016 campaign, as well. Isn't it true that Russian cyber actors have been probing U.S. critical infrastructure for years? Mr. Priestap. Yes, sir. I can't go into specifics, but they probe a lot of things of critical importance to this country. Senator Cotton. And as the head of counterintelligence, you write in your statement, that quote, ``Russia's 2016 Presidential election influence effort was its boldest to date in the United States,'' which implies there have been previous efforts. You also say that the FBI had to strengthen the intelligence community assessment because of our history investigating Russia's intelligence operations within the United States. Both of which suggest that this keeps you pretty busy in your portfolio at counterintelligence, is that right? Mr. Priestap. That's correct. Senator Cotton. And this Russian intelligence threat is not just a cyber threat, either. It also is a threat from traditional human intelligence, or what a layman might call spies, is that right? Mr. Priestap. Yes, sir. Senator Cotton. Do so-called diplomats who work down out of the Russian embassy in Washington, D.C., have the requirement to notify our State Department in advance if they plan to travel more than 25 miles, and give that notification 48 hours in advance? Mr. Priestap. They do. Senator Cotton. And the State Department's supposed to notify the FBI in advance of those travel arrangements, correct? Mr. Priestap. Yes. Senator Cotton. Is it true that the Russian nationals often fail to give that notification at all, or they give it at, say, 4:55 on a Friday afternoon before a weekend trip? Mr. Priestap. I'd prefer not to go into those details here, but--I'll leave it at that. Senator Cotton. Does it complicate you and your agents' efforts to conduct your counterintelligence mission to have Russian nationals wandering around the country more than 25 miles outside their duty assignment? Mr. Priestap. Sure. If that were to happen, that would absolutely complicate our efforts. Senator Cotton. The Secretary of Defense recently indicated at an Armed Services Committee hearing that Russia is in violation of something called the Open Skies Treaty, a treaty we have with Russia and other nations that allow us to overfly their territory and take pictures and they do the same here. Do we see so-called Russian diplomats traveling to places that are in conjunction with Open Skies flights that Russia's conducting in this country? Mr. Priestap. I'm sorry, I just can't comment on that here. Senator Cotton. Okay. Last summer, an American diplomat in Moscow was brutally assaulted on the doorstep of our embassy in Moscow. Did we take any steps to retaliate against Russia for that assault in Moscow? Did we declare persona non grata any of their so-called diplomats here in the United States? Mr. Priestap. If I recall correctly, we didn't immediately do anything in that regard. Senator Cotton. Okay. This Committee passed unanimously in Committee last year something that just passed as part of the omnibus spending bill in April a provision that would require, one, the State Department to notify the FBI of any requests for Russian diplomats to travel more than 25 miles outside their embassy and to report violations to you. It further requires the State Department to report those violations regularly to this Committee. What's the status of that provision now that it's been in law for about two months? Is the State Department cooperating more fully with you? Mr. Priestap. I guess I'd rather not comment on that here. We're still working through the implementation of that. Senator Cotton. Well, I certainly hope they start. Thank you. Chairman Burr. Senator Harris. Senator Harris. Thank you. Ms. Manfra, you mentioned that you notified the owners. I'm not clear on who the owners are. Are they the vendors? Ms. Manfra. What I meant to clarify is in some case it may not be the secretary of state or the state election director who owns that particular system. So in some cases it could be a locality or a vendor. Senator Harris. So is there a policy of who should be notified when you suspect that there's a threat? Ms. Manfra. We are working through that policy with the secretaries of state. That is one of the commitments that we made to them, and election directors, in order to ensure that they have appropriate information, while preserving the confidentiality of the victim publicly. Senator Harris. And can you tell us which states--in which states you notified the vendor instead of notifying the secretary of state? Ms. Manfra. We keep the vendor information confidential as well. Senator Harris. Are there states that you notified where you did not notify the person who was elected by the people of that State to oversee elections? Ms. Manfra. I don't believe that's the case, but I will get back to you with a definitive answer. Senator Harris. And how specific was the warning that you sent? What exactly is it that you notified the states or the vendors of? Ms. Manfra. Depending on the scenario and the information that we had--and more generally, what we do is when we get classified information we look to declassify as much as possible to enable---- Senator Harris. Let's talk about the election, yes. Ms. Manfra. So for this particular one, what we took was technical information that we had, that we believed was suspicious, and that was emanating from Russia, and was targeting their system. We asked them to look at their system. We asked--and this was part of the broader dissemination as well--we asked all states to look at their system, to identify whether they had an intrusion or whether they blocked it. In most cases, they blocked it. Senator Harris. Do you have a copy with you of the notification you sent to these various vendors or states? Ms. Manfra. I do not, ma'am, but we can get back to you. Senator Harris. Okay, and will you provide this Committee with a copy of the notification you sent to those states or vendors? Ms. Manfra. Many of them were done in person, but what I can show you is the technical information. That was also rolled up in the information that we published in December, but I can show you what we provided to the states and localities. Senator Harris. And did you notify each of them the same way? Or did you tailor the notification to each State? Ms. Manfra. We tailor the notification. It's a process for all victim or potential victim notifications, us and the FBI. So sometimes it may be an FBI field agent that goes out there, sometimes it may be a Department official that goes out there. Senator Harris. Okay. So in your follow-up to the Committee, please provide us with specifically who notified each State, and then who in that State was notified, the vendor or the State election official, and also what specifically they were notified of. In 2007, California worked with leading security researchers--the secretary of state at the time was Deborah Bowen--and they instituted some of the best practices, we believe, for election security. And my understanding is that it is considered a gold standard. So my question is, does DHS have the technical capability and authority to coordinate a study like that for all of the states? Ms. Manfra. We do have the technical capability and authority to conduct those sorts of studies, ma'am, yes. Senator Harris. Have you pursued that as a viable option to help the states do everything they can to secure their systems? Ms. Manfra. That is one of the areas that we're considering, yes, ma'am. Senator Harris. So have you taken a look at that study that was commissioned in California in 2007? And if not, I'd encourage that you do. Ms. Manfra. I have not personally, but I will read it, ma'am. Senator Harris. And I'm also concerned that the Federal Government does not have all the information it needs in these situations where there's been a breach. Is there any requirement that a State notify the Federal Government when they suspect there's been a breach? Ms. Manfra. No, ma'am. Senator Harris. And in terms of the American public and voters in each of these states, can you tell me is there any requirement that the State notify its residents when the State suspects there may be a breach? Ms. Manfra. I cannot comment. I know that multiple states have different sunshine laws, etcetera, that apply to data breaches within the State, so I couldn't make a general statement about what their requirements are at the State level. Senator Harris. And do any of you have any thoughts about whether there should be such requirements, both in terms of states reporting to the Federal Government and also states repor