John McCain U.S. Senator ~ Arizona

Press Releases

SENATOR JOHN McCAIN URGES FBI TO ADDRESS CYBERATTACKS ON ARIZONA ELECTION SYSTEM

Sep 14 2016

Washington, D.C. – U.S. Senator John McCain (R-AZ) sent a letter to Federal Bureau of Investigations (FBI) Director James Comey today expressing concern about attempts by Russian hackers to breach Arizona’s voter registration system, which led to a nine-day shutdown of the state’s voter registration website in June. In the letter, Senator McCain urges the FBI assess the damages this caused to the election system in Arizona; what steps the agency is taking to assist states like Arizona and Illinois that have been targeted by bad actors; and what policies it has in place to protect against and respond to future cyberattacks.
“[W]e cannot expect our state and local officials to fend for themselves in the face of cyberattacks, especially those that may be state-sponsored. Any foreign interference with American elections must be treated as a threat to our vital national security interests,” writes Senator McCain.

The letter is below and here.

September 14, 2016

The Honorable James B. Comey

Director

Federal Bureau of Investigations

935 Pennsylvania Avenue, NW

Washington, DC 20535

 

Dear Director Comey,

In June, the Federal Bureau of Investigations (FBI) notified Arizona officials that Russian hackers were behind attempts to breach Arizona’s voter registration system, which led to a nine-day shutdown of the state’s voter registration website. Russian hackers also reportedly breached Illinois’ voter registration database and stole as many as 200,000 voter records. Clearly, Russia is using cyber capabilities to undermine American national interests at every turn, and it appears that our democracy could be the next target.

While these incidents reportedly involve the actual or attempted theft of data, rather than actions capable of manipulating the results of the elections, they are no less serious. In the hands of a sophisticated adversary, such data could be wielded as a weapon that could seriously undermine public trust in the election system and the legitimacy of our government. At a minimum, these revelations serve as a warning of potential vulnerabilities in our election system. Yesterday, at a hearing before the Senate Armed Services Committee, Admiral Rogers confirmed that we continue to see activity of concern with respect to attempted interference in American elections through cyber means.

Unfortunately, these are not isolated incidents. As you know, on August 18, 2016, the FBI issued a flash alert notifying states of targeting activity against state board of election systems. In the midst of an election year, the events in Arizona and Illinois likely represent a foreshadowing of our cyber adversaries’ interest in stealing information, manipulating data, damaging public trust, and undermining the integrity of our elections.

While the administration of elections and the specifics of the process are under the province of state and local governments, we cannot expect our state and local officials to fend for themselves in the face of cyberattacks, especially those that may be state-sponsored. Any foreign interference with American elections must be treated as a threat to our vital national security interests.

These events raise serious questions ahead of elections in November. With this in mind, please provide a timely response to the following questions, as well as staff briefing on this matter prior to November 8, 2016:

  1. What is the FBI’s assessment of the risk that is posed by foreign actors, including but not limited to those in Russia, using cyber capabilities to attack or otherwise compromise the integrity of how state and local governments administer elections?
  2. Based on the FBI’s assessment, was there any damage to the Arizona election system from the breach identified in June? What remedial steps have been taken to ensure the breach does not impact upcoming elections?
  3. I understand that there is an active investigation underway, and based on public reporting, that the FBI, Department of Homeland Security, Director of National Intelligence, and National Security Agency are involved in aspects of this investigation and efforts to protect our nation’s elections from cyberattacks. Which agency or department is responsible for coordinating the government’s response and assistance with state and local election officials, particularly in Arizona?
  4. To what extent are those resources the FBI needs to help state and local election authorities address this risk effectively fully funded? What additional funding in this regard does the FBI need?
  5. What assistance has the FBI provided to state and local election officials responsible for managing elections, particularly those in Arizona? 
  6. Has this assistance been customized to provide assistance to small and rural communities that may lack the resources to defend against cyberattacks?
  7. What measures have been taken by the FBI, along with state and local counterparts, to assure the American public about the integrity of the election system, particularly in Arizona?
  8. What capabilities exist to provide real-time information to state, local, and federal officials about irregular or suspicious activity on election day?
  9. What is the FBI’s policy to respond to attempted interference in the nation’s election systems?
  10. How would designating election systems as critical infrastructure affect the FBI’s approach to safeguarding our nation’s election systems?
  11. Does the FBI have the authority necessary to prevent, investigate, and respond to cyberattacks on our nation’s election systems?

Thank you for your attention to this matter.

Sincerely,

John McCain

United States Senator

 

###

Related Files

Permalink: https://www.mccain.senate.gov/public/index.cfm/2016/9/senator-john-mccain-urges-fbi-to-address-cyberattacks-on-arizona-election-system