tv Jeh Johnson Russia Orchestrated Election Cyberattacks Didnt Change Tally... CSPAN June 21, 2017 8:00pm-10:29pm EDT
>> jeh johnson testifies about russian attempts to influence the 2016 u.s. election. after that, andrew mccabe on the fiscal year 20 15 budget proposal. congressman steve cohen on the russian investigation and his call for investigating eric trump's charity. former homeland security secretary jeh johnson appeared in a hearing for russian interference in the u.s. 2016 election. russian president vladimir putin -- they also discussed the rational for designating u.s. election systems is critical infrastructure in early january 2017. this hearing is 2.5 hours.
to open with a prayer. >> heavenly father, we are thankful for every blessing. thank you for the blessing of this nation. we ask that her people would strive to be worthy of that blessing. pray for humility and temperance and mail we do be pleasing to you. in jesus name, amen. consultation with adam, i make a motion to give each member seven minutes to question witnesses. it is their discussion on the motion? everybody would get seven including adam and i? good to go? the meeting will come to order. homelandcretary of security, jeh johnson. think you for being here this morning. we are and will remain an open session. this hearing will address only unclassified matters. interest ine the the committees informed work and we expect proper decorum to be
observed at all times and disruptions will not be tolerated. time, would mr. johnson please rise and taken of? -- take an of? ath? >> do you solemnly swear that what you say will be the truth, nothing but the truth comes hope you got? wax i do. >> this committee is charged with getting to the autumn of the facts are guarding russia's involvement in the 2016 election and what, if any steps were taken by the u.s. government to prevent such interference. we seek to get to the truth of what happened and it seeks to provide recommendation for improvement. and the response to russian cyber activities. unclassified january 17 assessment. elements of multiple state or local electoral boards.
that they werees not involved in vote tallied. meddling in our election system is extremely disturbing. our free and open election system. systemsg electoral threatens our basic freedoms. yourre at the helm in agency became aware of russian cyber intrusions into state and local election systems. you made the decision to the infrastructure as critical infrastructure in january of 17. the testimony will provide this committee and the american public with a better understanding of what happened and what more could be done to prevent the russians from interfering. you for successfully safeguarding the talley systems. but it is troubling that other
agencies did not respond more quickly to russian hacking. we are to talk about the future. given all we know, why did our election systems remain so vulnerable? what more can be done? i hope you will discuss these challenges and assist the committee in identifying these relations. >> thank you, mr. secretary, for your extraordinary service. three months ago, former fbi director james comey revealed for the first time that he had opened a counterintelligence investigation last july to determine whether persons associated with the had coordinated or colluded with the russian efforts to interfere in our election. last month, we heard from john brennan who helped us understand what the russian government did, how they did it, and what motivated them. he testified the information concerned him that he feared
some americans could be suborned to the russian cause and begin sending counterintelligence leads to the fbi for investigation. we will your testimony from former secretary of homeland security jeh johnson about how the u.s. government responded to this unprecedented interference in our political affairs. what threat the russians pose to the infrastructure and what steps we took to inform the public what was happening and deter the russians from further meddling. summer,iddle of last russians were not merely gathering information for additional intelligence purposes, but intent on weaponize and it for public domain and in no way intended to damage the campaign of hillary clinton. as a ranking member and part of the so-called gang of eight, i have been made aware of information concerning the russian hack. saw, and we believed it
was incumbent on the administration to inform the american people what was going on. the same day donald trump was urging the russians to hack hillary clinton's emails, the senator and i wrote to president obama urging the administration release anynd intelligence community assessments related to the dnc hack and develop a swift and powerful response. when the administration still had made no public statement informing the americans about what russians were doing, senator feinstein and i issued our own public statement carefully vetted by the intelligence community should beating the heck to russia and senior levels of the kremlin. that the administration would take steps to talk about how significant an action it was.
they expelled russian spies and closed facilities used by the russians for espionage against america. hope, secretary johnson, that you will be able to share a sense of the debate that was ongoing in the executive branch as evidence of the russian involvement and hacked emails piled up through the late summer and early fall. what led to such a long delay of making attribution and why was the most significant step of imposing costs on russia for its interference come only after the election and what are the lessons learned? relies on the trust of the american people and their institutions. the events of last year and the potential for worse in the future is a stark warning to all of us that we must guard our democracy jealously and there are powerful advocacy's that wish to tear down america's role as its champion. we have our work cut out for us, but the world is counting on us to be up to the challenge.
i thank you for your extraordinary service once again and your testimony today. i yield back. secretary johnson, would you like to make an opening statement? please proceed. sec. johnson: mr. chairman, you have my prepared opening remarks. just briefly in the time permitted me, representative conway, representative shift, members of this committee. you have my prepared statement. i will not repeat it here. in three years, i had the privilege of testifying before congress 26 times. though it is no longer part of my job description, i voluntarily accepted the invitation to be here today as a concerned private citizen. in 2016, the russian government at the direction of vladimir putin himself orchestrated cyber attacks on our nation for the purpose of influencing our election. that is a fact. plain and simple.
for thequestion president and the congress is, what are we going to do to protect the american people and their democracy from this kind of thing in the future? this committee has undertaken this investigation. i welcome it. , inincere hope is that bipartisan fashion, we find answers. last year's very troubling experience highlights cyber vulnerabilities in the political process. and in our election infrastructure itself. and clear in the rearview mirror, we must resolve the further strengthen our cyber security generally and the cyber security around our democratic process specifically. i have appeared to discuss my own views and recommendations on this topic. i look forward to your questions. >> i recognize myself for seven
minutes. thanks for being here this morning. a lot of questions will be asked and details. we will start with a top-level conversation about dhs's mission with respect to cyber. particularly how intertwined it is with respect to voter registration, voting, vote tallying, all of those things. and if you don't mind for an in what appears to be a delay when the fbi became aware things were going on and when it seems the dhs was informed. how is the relationship to the fbi relative to this infrastructure at the time and maybe going forward? if you can weigh in on that, i appreciate it. i think the: first, rules of the federal agencies in cyber security spell out pretty clearly last year in ppd 41. basically, the fbi is responsible for threat response. it dhs is responsible for asset
response. fbi,rime, law enforcement, patching vulnerabilities in the texting that actors in the system. the way i like to explain it publicly is jim comey is the cop and i am the firemen. jim,personal level, with we work very well together. i've known him for 28 years. days resisted u.s. attorneys together in manhattan. and at the top of both agencies, we worked well together. can i say that down to the field office working level, we were always fully coordinated -- were we always fully coordinated? no. but every morning in my intelligence briefing, there would be a net the i prefer there that was with me to give his assessment and tell me what the feedback on something was. so there is that.
i spelled out, in my opening statement, my prepared statement , the first time i recall hearing about the hack into the dnc and i recalled that it had been some months before that the fbi and the dnc had been in contact with each other about this. and i was not happy to be learning about this several months later. hack was at some point in time. what was the delay between the hacks the fbi was aware of? and the scanning of the attended intrusions? how long was there a delay between that and using your analogy, the flames are going up. how is that delay?
recollection, is that the fbi first discovered the intrusion. into the dnc. that recall very clearly there was a delay between that initial contact with the dnc and when the report got timmy s secretary of dhs. it may have been that there were others at the staff level that were privy to this before it filtered up to me. >> ignore the dnc for the moment and talk about the chance at whatever the russians did. when was that discovered? who discovered it? >> my recollection is that the
initial scanning and probing was discovered in late august. been mid july. but late august, in my mind. and my recollection is that once it was discovered, that information came to me and other senior people pretty quickly. is there enough -- it is one thing for the director and secretaries to have good working relationships. institutionalizing is what that's about. it ebbs and flows. as the system of notification between the fbi and dhs -- is there any impediments to that working on its own without the good relationship you had at the time? sec. johnson: in my observation, it worked pretty well but could stand improvement, very definitely. theink it is incumbent on
leaders of both organizations to instill that in their workforces. i think it worked pretty well together in my three years, but there were glitches. did nots where we communicate as effectively as we could have. thee want to reassure american public with what we do in future elections going forward -- you said in your opening statement and your prepared remarks that there was no vote tallying changes. that still your opinion with respect to the election? that the intrusions did not affect the actual voting itself? >> based on everything i know, that is correct. i have no evidence that through cyber intrusions, votes were altered or suppressed in some way.
>> the lessons learned moving forward, you designated the voting system is critical infrastructure. us a quick snap as to why that was important in your mind? was importantit because critical infrastructure receives a priority in terms of the assistance we give on cyber security. that is number one. there is a certain level of confidence and confidentiality that goes into the communications of critical structure and the department that are guaranteed. number three, you get the protection of the international cyber norms. they'll shout not attack medical infrastructure in another country. those are the principal reasons for doing this. there are 16 sectors already that are considered critical infrastructure. in my view, this was a no-brainer. it probably should have been done years before. and i'm pleased secretary kelly
has reaffirmed it. include the parties and infrastructure around candidates are just the mechanics of voting it elf? -- itself? read mynson: if you statement, it is pretty much confined to the election process itself. not the politicians, not the political parties. >> my time expired. last the late summer of year, it became apparent the russians were doing more than gathering foreign intelligence, that they were dumping it in a way designed to potentially influence outcomes. not by affecting the vote machines, but by affecting american public opinion with the dumping of these emails. that is happening in late summer. why did it take the administration so long to make a public statement that a foreign
adversary was trying to influence the american election. the statement didn't come until october. why did we wait from july to october to make that statement? sec. johnson: i will disagree that there was some type of delay. this was a big decision and there were a lot of considerations that went into it. this was an unprecedented step. first, with to carefully consider if that information compromises sources and methods. there was an ongoing election and many would criticize us for, perhaps, taking sides. that had to be carefully considered. one of the candidates was predicting the election was going to be rigged in some way. that by makinged this statement, we might be challenging the integrity of the election process itself.
this was a very difficult decision, but in my personal view, it was something we had to do. before theo do it election to inform the american voters of what we knew and what we saw. it would be unforgivable if we did not. and i'm glad we did it. congressman, every big national security decision i made in my time, somebody always criticizes you for doing it and somebody else's -- summary else criticizes you for not doing it sooner. i'm glad we did, frankly. i think the larger issue is it did not get the public attention that it should have, frankly. the same day, the press was focused on the release of the access hollywood video.
>> a want to ask you about that as well. were certain allegations by one of the campaigns, the trump campaign, that the process was rigged. but the allegation wasn't that it was by a foreign power. to inform important it public, then any risk might be seen as putting your hand on the scale? did the public have a compelling need to know? notwithstanding the claims of a different kind of rigging. and the need to rebut the idea that this was being presented to liberally to influence the outcome? yes, and yes.yes, that is why we told the american public everything that we could tell them on that date. we attribute the hacking
directly to the russian government and we were not yet in a position to attribute the scanning and probing to the russian government. we said it was coming from a russian-based platform at that point. at that point, we told the public everything we believed we could tell them. and i'm glad we did. the priority of informing the american public did override all of those other considerations which is why we did what we did. mentioned the statement did not get much attention. why didn't the administration go further? but in the president speak about this? have the statement without any further elaboration. there were no steps to impose sanctions on russia. why were those additional steps taken when the first notice was essentially overlooked by the public? sec. johnson: you should not
view the october 7 statement in isolation. i had been engaging state election officials since august and i issued a public statement on august 15. i issued a public statement on september 16. informing the public and state officials what we knew at the time. we shoot another public statement on october 1. the october 7 statement and then another on october 10. this was an ongoing effort to inform the public about everything we were in a position then to tell the public. it wasn't just the october 7 statement. the statement was notable in another way that it did not include james comey's signature as the agency that would be having the foremost responsibility for the forensic of attribution. while wasn't director comey's signature on that statement?
the thinking was that a statement should come from the intelligence community. jim clapper said on the intelligence community as the dni. separately, we wanted to put out a statement from dhs about what state election officials can do about this. and again encourage them to come to us. some point, we decided to make it a joint statement. that's what happened. >> there have been public reports that the russian probing was far more widespread than was publicly at knowledge. and may affect dozens of states. what can you tell us about what was known at the time and what you know now as the length and breadth of russian probing. how widespread was it? did it go beyond penetration of voter databases or manipulation of data in any way? veryjohnson: it was
definitely a growing list of states where we saw scandal around voter registration databases which concerned us greatly. as i think i stated in want of my -- in one of my public statements, in at least one or two instances, the effort was successful at an intrusion. there was a growing list and we saw the scope of this activity expanding as time progressed. and we were in a position to say that this activity itself was also the russian government. i, too, have seen the more recent reports. i have not had access to classified information for five months. i'm not in a position to tell you if it is right or wrong, but as fall progressed, we saw a progression of scanning and probing activities around voter registration databases, which is why i kept encouraging state officials to come and seek our help.
>> did that involve a majority of states? sec. johnson: yes. >> i don't mean that they took you up on the help, but did the russians probe a majority of state databases? sec. johnson: i see open source and am not in a position to agree or disagree. think 39 states and i'm not in a position to agree or disagree. >> good morning, mr. johnson. i want to start by thanking you for your service to our country which includes a very successful stent as a usa. you'll recognize some of my questions is leading questions, they're not trying to trick you, just in the interest of time.
five say something you disagree with, stop me. i just want to see if we can get some things out of the way we all agree on. russia has a history of cyber attacks against our country. is that true? sec. johnson: yes. >> and in our former jobs, russia would be considered a toeer offender when it comes undermining a republic. is that fair? sec. johnson: i think that is a fair statement. a career defender and have a history of cyber attacks on our country. sec. johnson: as do others, by the way. >> yes, sir. it's not just them but for the purpose of this morning, i will focus on russia. we suspected that they might attack our voting infrastructure
. is that fair to say? sec. johnson: yes. >> you warned that they were going to do so. i was concerned which is why kept issuing the public statements. >> you separated from service in january of 2017. use on no evidence the russians were successful at changing voter tallies or voter totals. sec. johnson: correct. the time he separated from service, had you seen any evidence that donald trump or any member of his campaign colluded, conspired, or coordinated with anyone else to infiltrate or impact our voter infrastructure? beyond what: not has been out there open source. and not beyond anything that i'm
sure this committee has already seen and heard before directly from the intelligence committee. dealer thing i have on that is derivative of what the intelligence community has and the law enforcement community. >> it strikes me that most of the information available was not there in the fall of 2016. that underlying data wasn't available in 2016. some of them before the election. sec. johnson: i'm not in a position to agree or disagree with that because i don't have access anymore to intelligence over the last five months. election, you had already seen evidence of russian efforts to impact our election. you testified they had a preference for a candidate. they were aggressive.
you used the phrase plain and simple. sec. johnson: with respect to efforts to hack into the dnc and other political organizations. yes, very clearly. >> i guess what i'm getting at. they are a career defender when it comes to attacking the foundations of our republic. elections before the that they may attack our voting infrastructure. after the election, president obama took steps to target russia and you took steps to consider our voting apparatus to be critical infrastructure. given what we knew before the election, what more could we have done and should we have done? we were not surprised russia was doing this to us. they always do it to us. done ore could we have should we have done before the election? hindsight is
brilliant. hindsight is 2020. i will preface my answer by saying that i think it was unprecedented, the scale and scope of what we saw them doing. there had very clearly been intrusion's before by a number of state actors as i am sure you are aware. in retrospect, it would be easy for me to say that i should've brought a sleeping bag and camped out in front of the dnc in late summer. certain thatu for in the late summer and fall, i was very concerned about what i was seeing. this was on my front burner all ,hroughout the pre-election encouraging states to seek our assistance. that most of them, red
and blue, did. hindsight is perfect 2020 but i am satisfied that this had my attention and the attention of my people because a push them at every step of the way to make sure we were doing everything we could do. there are lessons learned from this experience and is probably more we can and should do. >> you had a conference call or otherwise communicated with the states to offer them your assistance prior to the election. response oscillated between neutral and opposed? sec. johnson: correct. issue of the designating them as critical infrastructure. >> do you know if any of the states most vocally opposed to that designation were impacted by russian efforts?
sec. johnson: i would have to look at both lists. if you say impacted, or those states states that have their voter databases scanned and perhaps infiltrated. i would have to look at both lists. >> i'm wondering if the states that rejected your health -- health needed it the most. 36 of them accepted our health, but they were resisting the idea of a designation to be critical infrastructure which i went ahead and did anyway. >> what would that designation have done in october? what would it have accomplished, had you done it and fall of 2016 instead of january? sec. johnson: i outline the advantages of that declaration. but in the short term, my assessment was that we needed to
get them in. we need to bring the horses to water to seek cyber security help. making the designation would have driven them in the opposite direction. my number one priority pre-election was to get them to seek our cyber security help. for the most part, they did. >> thank you, mr. secretary. i begin by yielding to the ranking member. about have been asked whether the vote tallies were impacted. some have suggested that because the actual counting of the votes by the machines wasn't impacted, that therefore, you have testified there is no effect on the election. these are two quite different things. in your written statement, you said you're not in a position to know if the government directed hacks did alter public opinion and thereby alter the outcome of
the presidential election. sec. johnson: correct. >> and understanding if it had a determinative effect on the outcome, only whether machines were impacted. not people. sec. johnson: correct. you would need a social scientist or a pollster to do that. >> are you aware of the basis because we have heard testimony that the fbi investigation was somewhat compartmentalized. that they were fully aware of what went into the intelligence investigation? are you aware of the information that formed the basis for director comey opening a counterintelligence investigation as he testified in july of last year? >> if i did, i'm not sure i could talk about it in open session. >> do you believe director comey
would have opened an investigation on a presidential campaign lightly or on a hunch? sec. johnson: no. >> you would need evidence. based onson: everything i know about jim comey in the fbi, yes. plaques want to start by asking .ou questions this is not a new thing. i want to come back to that. you stated and we have heard inm others that the meddling the 2016 election was unprecedented in its scope and reach. i wonder if you could take a minute or two to help us better understand why it was unprecedented and what was better about this particular array of meddling versus what we've seen in the past. sec. johnson: we have seen a
history of various different types of bad cyber actors intruding into, infiltrating political organizations, political campaigns. that's what i was referring to. when i say this effort was unprecedented, i mean that we not only saw infiltration but efforts to dump information into the public space for the purpose of influencing the ongoing political campaign. in thatidespread respect, and we knew it was happening. >> distilling your testimony, we had seen scanning queries are what we might consider espionage trying to gather information. had never seen what the russians call active measures. the insertion of information designed to alter an outcome.
that is what makes this unprecedented? sec. johnson: yes. >> chinese actors targeted barack obama and john mccain. as you assume your duties in homeland security, how are we thinking about this? were we thinking about this issue in a constructive way prior to the last election? good question. it became a front burner item for me. in summer of 2016. and i began discussions with my should bet what we proactively doing to help state election officials prepare. i was pleasantly surprised to know that there was an election assistance commission and that dhs had collaborated with that
and there had been an ongoing through the eac. through state secretaries of state. going back to election cycles past. but this was becoming a matter for me. it was becoming front burner for me. there had been a ongoing dialogue. what was the catalyzing event that looted from back burner to front burner? sec. johnson: for me, it was the reports we were seeing about efforts and the emerging intelligence picture. bit more granular here. at the time, the voting machines and the political party databases, the associations that we understand may have been
probed that you thought were particularly vulnerable at the time? voterohnson: registration databases. in the course of learning about this issue myself, i took a look along with my staff at practices in different states. they tend to vary. but for the most part, there are redundancies and most exist off the internet in terms of collecting votes. there are a few states where it does not. but the states with some doj election assistance commission help have been engaging in best practices. but they tend to vary all over the lot. what we were most concerned about and what we were seeing her efforts at compromising photo registration databases. >> you said something i don't want to let drop.
that there is more that we could in should do to address this issue? what would your recommendations be at this point? sec. johnson: a number of things. one, i would, as a congress, think about grants to state election officials to help them harden their cyber security. i would raise awareness among as wellection officials as the public in general. evilsawareness about the and the hazards of spearfishing. in this current administration, there should be someone that does take the mantle of cyber security on full-time to highlight this issue and lead the charge on this issue. i preference would be somebody within dhs.
but we really need a national leader to take charge of this issue. and foremost, we need to encourage state governments and election officials to engage in best practices when it comes to vote tallies and so forth. and through grants. we ought to consider grants. >> secretary, it is good to see you again. i had a privilege of working with you and your secretary and i commend you for your service. you.mend just a few points before i yield to mr. gowdy. on whatu elaborate more the dhs's connection with the dnc was? or consultation with the dnc was after it became aware of the hack? them andt was offered
what they accepted? was there any level of cooperation? to myohnson: disappointment, not to my knowledge at all. are we in their? are we helping them discover the vulnerabilities? this was fresh off of the opm .xperience there was a point at which cyber security experts did get to opm and discover the bad actors and patch some of the exfiltration's or minimize some of the damage. i was inches to know if our folks were in there. the response i got was that the fbi had spoken to them. the answer i got after i asked the question a number of times
>> do you have any idea? sec. johnson: no. >> did the fbi try to help or assist? i moved to strike all references in the new york times. [laughter] >> maybe it is editorializing on my part, but that is an unusual response for the dnc. not that you would be partisan or anyone else, it was a republican administration --
this was an impartial governmental entity. justd it very hard to comprehend. it was definitely a nonpartisan interest. i wasll very clearly that not pleased that we were not in their helping them patches on her ability. the nature, when you're doing with high that actors and even , dhsical organizations does not have the power to issue a search warrant or get a search warrant and patch the vulnerabilities. >> moving ahead, is there any significant intelligence or information that came about after the election that was not available before the election? that the administration was so concerned, why was it that
suddenly, after the election, no serious action was taken? sanctions. and also, the public statements by the president, the intelligence community, really coming on strong. i will disagree with your premise. ,ne month before the election we did formally and very publicly accuse the russian government of doing this in pretty blunt terms uncommon for the intelligence community. the statement was pretty blunt, saying we know that the russian government is doing this based on the picture we saw at the time. to buildre continued upon itself as time progressed. there was more we knew about the russian government's efforts at scanning voter registration databases. you recall the october 7 statements that we were not in a
position to it should be that to the russian government but the picture got clearer as time progressed. on october 7, we issued a very clear declaration based on what we knew at the time. the russian government was behind the hack at the dnc. >> i'm not being critical of you. i'm saying it did not get the attention i would prefer it get. press and thethe voters are focused on lots of other things. >> in december, we had the drumbeat of stories. some open, some being leaked. sanctions. a seems with the power in mobilization of the administration to get the story out came after the election. the october 7 statement was overshadowed by the other instance. i am just so concerned.
the october 7 statement was an administration statement. that was the result of an intelligence community assessment. the president approved the statement. i know he wanted us to make the statement. it was by the united states government. >> in reality, the american people were not aware of it. way that it was in december and january, the american people would've been a lot better informed when they went to the polls. i issuedson: statements on september 16, october 1, october 7, october 10 about what we saw. job.u did your i'm really asking about the administration overall. could get you to put on your old hat for a second.
hacking into someone's server strikes me as a crime. the dnc was the victim of a crime. i'm trying to understand why the victim of a crime would not turn over evidence to you and jim comey who were both a political and come from a political backgrounds. i'm quite sure at some point in the timeline, they did do that. time, i wasnitial not satisfied that we were able to get in there ourselves to help them identify the bad actor and patch the vulnerabilities. i'm certain at some point, the fbi and the dnc had a dialogue, but you would have to ask them. >> like to yield a minute to the ranking member. >> point follow up on comments and questions as i really agree
quite completely. i'm not saying this is a matter of hindsight. senator feinstein and i were saying this in real time. why didn't the president of the united states -- you did what you could do. why didn't the president of the united states at the time you were making your attribution be to the american people and say that a foreign power is interfering in our affairs? is an american thing. they need to be rejected and they need to stop. why wasn't that done? was there thought given to that? sec. johnson: we did make the statement. and we were very concerned that we not be perceived as taking sides in the election, injecting ourselves into a very heated campaign.
or taking steps to, themselves, delegitimize the election process and undermine the integrity of the election process. we considered all those things in the decision was made that the director of national intelligence and the security advisor should make this statement. there were public statements made by various administration officials, including myself throughout the campaign season and pre-election to the same effect. >> secretary johnson, welcome and thank you for your years of service to this great nation. i would like to talk about attribution. by now it is well known the russians hacked, stole, and strategically dumped emails from the dnc in order to affect the outcome of the 2016 election. would like to understand
better is how the u.s. government came to reach that how the dhs and the rest of the government were able to attribute it directly to the russians. according to the declassified intelligence committee, we noted that russian intelligence "assessed elements of multiple state and local boards. how does one go about it should getting that to the russians? what type of information, signatures, or cyber activity would you be looking for in order to make that attribution? how do you go about validating that information? sec. johnson: you would probably have to have that discussion enclosed -- in closed session. it is sources and methods. i do recall that, looking at the intelligence, it was a pretty clear case.
perhaps beyond a reasonable doubt that the russian government was behind the hacks based on everything i was seeing. attribution, there are normal considerations about makes a look attribution to a state actor. thatrsonal opinion was those normal considerations were out the window and we had independent and overriding need to inform the voting public of what we saw. wasthe way a looked at it that if i were to issue public stock and i see a very powerful actor in the market trying to manipulate the price of my public stock, i have a duty to
tell the public what i know. >> head the dhs go about alerting them about what was going on? i know you designated it critical infrastructure. when entering to get at is, given your background and recommendation that we do something more now to really alert the state and local governments, how do we do it now ? what would be a better way to go about alerting them? sec. johnson: we did have a dialogue all throughout the fall with state and local officials. with dhs. there was the public october 7 statement but the conversation didn't stop there. we continued to have a dialogue with state officials as they came in to seek our cyber
assistance at the staff level. i think it was the case that we had a dialogue with just about every single of the 50 states. i think we had a dialogue with maybe one or two states and they signed up for the cyber security assistance. up,e were 36 that signed but we were pushing information out the door to everybody as often as we could. but in answer to your question. one thing i discovered is that state election officials are very sensitive about what they perceived to be federal intrusion into their process. i heard that firsthand over and
over. we're not interested in a federal takeover. >> doesn't the federal government have an interest in the integrity of these elections? i think the: federal elected officials have an interest in the integrity of the elections. that now that the campaign is over, maybe in audio, we could find a way to raise awareness when the temperatures down. maybe through grants and encourage best practices at the state level and maybe encourage of minimumet standards for cyber security when it comes to state election systems and voter registration databases. >> thank you. >> five minutes.
>> thank you for being here and thank you for your service. at some of this might be redundant but i'm trying to better understand how the different entities have come together. can you summarize the dhs role in cyber defense? summarize it,to we are the agency of the u.s. government responsible for asset response. we are responsible for working with identifying vulnerabilities, patching vulnerabilities, raising awareness. and because of the help we got from congress, where the principal portal through which information should pass to the u.s. government. >> and with that in mind, can you briefly tell us dhs's role in sharing cyber threat indicators? how that works? on my watch, it was the ncic.
the national cyber integration center is the place designated to receive cyber threat indicators and report them. >> ok. switching gears a little bit. aced on what you know now, what would you have done more or in response to the russian cyber attack of the 2016 election? sec. johnson: well, with the benefit of hindsight, there is always more things you can say to yourself i should have done. like i said earlier, with the benefit of hindsight, perhaps i should've camped out at the front door of the headquarters of the dnc. at the time, knowing what we knew and wrestling with the considerations that we had, i can tell you that this was very much a top priority for me. none of us knew how this was
going to come out and how far the russians were going to go in their efforts. -- virtuallyu every day during the campaign season, i was questioning my own staff about if we are mobilized, energized enough to do what we need to do. have we set up a crisis response center on election night? which we did. point, i picked up the phone and called the ceo of the associated press. they have had the responsibility for election night reporting to make sure that their systems were satisfactory. and i was satisfied to had enough redundancies in their system as well. election,-up to the this was satisfied in my mind.
ahead to 2018 or 2020, what scenarios most concern you? what recommendation should you >> the scenario that most concern me about the integrity of elections are not necessarily cyber security related. in the cyber security realm what i do worry about are the vulnerabilities around state voter registration databases. we solve those vulnerabilities last fall. tore needs to be more done secure voter registration databases so that information does not get out in the open. >> from a congressional approach, somehow grants to
states for databases or anything specific? >> the state election officials sensitive to how they run their elections. . remember the debate approachse the caret and encourage them through grants to bolster their own cyber security. >> what specific policy changes, if any, would you recommend to your successor, secretary kelly? >> in addition to all of the things we've just discussed, i think it's important that secretary kelly or the undersecretary for npbd take this on.
when i came into office in 2013, i viewed counter terrorism as the cornerstone mission of dhs and then after a time when i got a sense of a threat environment i realized that cyber security needed to be the other cornerstone, the other top priority of our department's mission. it's going to get worse before it gets better and bad cyber actors all the time are more and more ingenious, more tenacious, and more aggressive. so, i would urge secretary kelly to make this one of his top one or two priorities. >> thank you. i yield the balance of my time to mr. gowdy. mr. gowdy: thank the gentleman. director johnson, i don't want to beat a dead horse but i do think it's important, the last time you and i talked i wasn't 100% sure but since had confirmed the dnc never turned the server over to law
enforcement, so twice now you have said that you could have camped out in front of the dnc and i would say in defense of you it wouldn't have made any difference if you had because they weren't going to give you the server. so if you're investigating either from a law enforcement or from an intelligence standpoint, the hacking by a foreign hostile government, wouldn't you want the server? wouldn't that help you, number one, identify -- when we learned of the dnc hack. if they turned the server over to you or director comey, maybe we would have known more and make there would have been more for you to report. so i guess what i'm asking you, why would the victim of a crime not turn over a server to the intelligence community or to law enforcement? sec. johnson: i'm not going to
argue with you, sir. that was a leading question and i'll agree to be led. >> time expired. seven minutes. excuse me. hang on. my general counsel informed me that our unanimous consent order to extend the sfrgs for seven minutes per member is only good for an hour. so i ask unanimous consent each member has seven minutes to question the witness and hearing no objections we'll continue down that path. mr. carson: thank you, chairman, mr. johnson thank you for your service to our country. we heard since last year about russian bots that were released on the internet generating and disseminating fake news on social media platforms. as far as you understand, sir, how do these bots work and how did we come to discover them and how effective were they in basically shaping opinions and how do they interact with social media to make their campaign most effective? sec. johnson: congressman, you
are really testing me here. >> you are a brilliant man. sec. johnson: there are others who could sit here and give you a much better answer. it's hard to know. i mean the activity you cited i know is prevalent, it is hard to know to what extent it influences public opinion. like i said earlier about the election result, it is hard to know to what -- it is not for me to know to what extent the russian hacks influenced public opinion and thereby influenced the outcome of the election. >> sir, do you think, as i do, that the kremlin on some level managed to stoke uncertainty about our electoral institutions and thus their operation was successful and secondly, do you think with the russian influence or interference operation all of which americans were victims,
even if their votes were affected offer us lessons learned that we should carry on with us as we prepare for 2018? sec. johnson: certainly if the russian aim of what they did was to distract us and divert us from the business of government, whether it's health care or something else, yes. i mean, as evidenced by what we're doing here today. again, i think the answer has to be greater workforce awareness among those who use -- whether it's the dnc or you know, house.gov or the private sect e raise awareness among those who use the system about unrecognizable e-mails and attachments, you know. this apparently started with an
e-mail somebody shouldn't have opened. and i can tell you from experience, the most devastating attacks and forget the russians for a moment, the most devastating attacks by the most sophisticated actors very often start simply because somebody opens an e-mail they shouldn't open. and so, raising awareness about spear phishing can go a long way. and, as i said earlier, encouraging those who are -- who are responsible for our democracy in ensuring that their cyber security is protected and they have done what they need to do. >> thank you, sir. keep up the great work. i yield back. i yield to the ranking member. >> just to follow up on the dnc, my colleague will have questions too, but i take it whatever criticism you might have of the dnc for how they responded or whether they were willing to turn over the server or not,
you're not maintaining that's somehow justifies the russian hacking of our institutions. sec. johnson: no. of course not. >> because i think there is a tendency as in many cases to blame the victim over their victimization. the dnc was a victim here, were they not? sec. johnson: correct, yes. >> and there's a lot we're going to have to probe in terms of the government response as well as the dnc's t primary actor that interfaced with the dnc, dhs or the fbi? sec. johnson: well, in a perfect world it would be both of us. it would be law enforcement and asset response so dhs, law enforcement and when necessary the intelligence community. and there have been cases where we have worked well hand in hand together. law enforcement and homeland security addressing a situation. >> one of the reasons i raise
this issue is, and one of the reasons i think the public nature of these hearings is so important, is the russians are among the most capable cyber adversaries in the world, are they not? sec. johnson: yes. >> and for the most part if the russians want to get in the dnc or the rnc, they are going to find a way to get in, would you agree with sec. johnson: i tend to be not that fatalistic. especially in my old role. but it's you know, it's like saying you know, sooner or later there is going to be another act of violence in this country. but you can minimize the vulnerabilities and the opportunities through a number of steps that can be taken. >> without question. but nonetheless it is a fairly asymmetric battlefield it's much harder to defend than to be on offense. sec. johnson: correct.
i think i said that in my opening statement, yes. >> and for that reason would you agree that among the most important things we can do in addition to improving whatever our cyber defenses are, or how we respond to an intrusion, is to inform the public in a sense inoculate ourselves against foreign interference by consays sus whoever it helps or hurts we'll all reject it. isn't that ultimately the best defense and better than cyber defense defense? sec. johnson: that is certainly a critical part of a needed response which is one of the reasons why i felt strongly we should issue the october 7th statement. >> i think this was something that president obama alluded to when he did speak to this after the election that what in fact made this hack so successful for the russians was they were able to play on the deep divisions within our own politics and exploit that division to so discord within the united
states. would you agree? sec. johnson: i would -- yeah, i don't disagree with that statement. certainly the rhetoric of the campaign contributed to that as well. >> i thank you. i yield back. >> seven minutes. >> thank you, mr. chairman. thank you, mr. johnson for being here. i appreciate it. we're here to get some lessons learned and path forward and hopefully we can do that on a united front. i appreciate your insights here today. when you came in in 2013, it's obviously after an election, were you given information on previous attempts in previous elections say in 12 or 8 or 4, and the kind of things that take place because it's been said many times russia for example, they have been trying to do this type of stuff since the soviet union. so were you given any background to maybe help you? >> i was certainly aware not
just from my experience at dhs but from my experience as the general counsel to the defense department, that there had been nation state efforts at espionage for the most part, into various political organizations and campaigns. >> pleased to see that you have agreed with secretary kelly to make cyber top priority. probably very good advice. during this process, was it ever reported were there attempts on the rnc for example with phishing expeditions, spear phishing, was any of that reported anywhere else or any other agencies that are involved with elections? sec. johnson: yeah. so i remember there was a lot of back and forth around the rnc, sitting here now my head hasn't
been in this for a while, but sitting here now i remember there was something about the rnc, somebody could give you chapter and verse on that. but i remember there was something around the rnc too but i'm not sure what it is. >> some attempts at least? sec. johnson: my recollection here is going to be faulty. and so i just don't -- it's a notable question. >> thank you. so we're talking about hacking and from an external, foreign source, and clearly an illegal and activity. you are you look at something like -- in trying to influence an election. and you look at something like "access hollywood", i assume that was legally obtained, but trying to influence an election. i'm not trying to compare the two in any shape or form. what i'm going to we talk about russia today but we're also or there will talking about them other countries as you
well mentioned before. they are not alone in this or process. in but do we have domestic your concerns as well? we're talking a lot about well foreign entities trying to influence our elections through nefarious behavior. do we have concerns domestically as well we should be alerted to? sec. johnson: absolutely. domestically there are bad cyber whatdomestically there are bad cyber actors that would probably have a motive in trying to affect the outcome of an is election as well as you know, theft, ransomwear, a host of a other things we know about. in the >> have we seen any of that from the domestic front? i know we're talking about foreign entities today. have we seen attempts, successful attempts domestically to try and insflad >> cyber attacks for political motive, yes. sitting here i can't list them but i'm sure there have been. >> i don't want you to list
them. sec. johnson: you all may have been the victims. >> i'm sure there has been attempts. that's all i have. i thank you for being here today. i yield back. >> thank you, mr. chairman. thank you so much for your extraordinary dedication to public service for many, many decades. so anything that i ask you now is not an effort to undermine that. sec. johnson: by the way i'm billing this by the hour. just kidding. >> one thing we know is hindsight 20/20. when we look back oftentimes we say you know, i would have done things slightly differently. so, back on aught 15th, 2016, this is a year later from the dnc hack, you had a call with state officials about cyber security, and elections infrastructure in which you said you were quote not aware of any specific or credible cyber security threats relating to the
upcoming general election systems. unquote. and then offered support by dhs. why didn't you at that time say to the state elections officials, russia is intent on hacking into our systems. sec. johnson: because i was not in a position to say that at that point. the state of my and our awareness was progressing, and i will was not in a position to reveal or know exactly what we -- what we saw the russian government doing at that point. it was an emerging picture, and so but within a very short period of time and koult have been just before but within a short period of time around that time we began to see these intrusions scanning and probing into voter registration data
bases, and if you the look at my public statements you'll see that i informed officials at the time. >> two months later is when you said to them along with james clapper, that the russian government was in fact attempting to. but back in october you encouraged jurisdictions to seek assistance. so two months passed, early voting had begun, and there's a part of me that feels that we should have been able to have sounded the alarm earlier. but at the time on october tenth you encouraged jurisdictions to seek assistance, 33 states used dhs tools, 17 did not. if we know there is something vicious, viral attack is
happening, why would we not want to inoculate everyone? and in this situation, because it's being left up to the states, 17 states didn't even take you up on it. did you have a concern about that, did you reach out to them again, encouraging them to use the tools? sec. johnson: we had an ongoing dialogue and on september 16 i said publicly in recent month wees have seen suspicious cyber intrusions involving political institutions and personal communications, we have also seen some evidents at cyber intrusions of voter registration data maintained in state elections systems, on october 1 i said in recent months malicious cyber actors scanning a large number of state systems which could be a preamble to attempted intrusions and a few cases we have determined that malicious actors gained access to state voting-related systems. six days later i said the same thing again. not in a position to attribute
it to the russian government at that time, then three days later i made another statement so i was beating this drum constantly. >> i guess what i want to ask you is, in my mind this was, this cyber attack on our country was an act of war. it was unprecedented. the russian intentions were not just to hack into a couple of party servers but to do a full on effort to undermine our election. do you believe looking back at him it that we should have or should in the future standardize election systems? we have so many different steams around the country. some paper trails, some do not. is there value in going back to paper voting? sec. johnson: well, i would say to this congress if you want to try to federalize elections in this country good luck.
i think you probably all know better than i do the reaction you'll get from your state election official constituents. >> how about the equipment though? sec. johnson: again, there was an effort at this with hava after the 2000 election. we made some progress but this is something where i think a carrot over stick approach is in best warranted so through grants and other means you might have at your disposal i would encourage some of the election officials to adopt certain cyber security standards. >> voter registration lists were infiltrated. we have heard over and over again that we don't believe any of the votes were altered. i want to know how we can be confident that none of the votes were altered? first of all. the second question is, having -- if in fact that's the case, i
don't think any of us should be sanguine they won't attempt future elections. sec. johnson: i said based upon what i know i know of no evidence that votes were altered as a result of cyber attacks. but again, i have not had access to classified information in five months. and at this point you all are in a better position to know the answer than i am. >> so during after the election did dhs take any steps to determine whether or not the vote had been impacted by russians? what kind of steps could or would have been taken. >> no. i'm not sure i have the authority to do that. i don't -- the department of homeland security does not engage in vote recounts, election recounts. there are others that have that responsibility. >> so what message would you
like to send regarding how vulnerable their systems are to compromise? sec. johnson: i would say that your voter registration data bases are very vulnerable to exfiltration, exposure, and that all state election officials, local election officials, should undertake an effort to harden their cyber security, minimize the exposure of the process to the interyet. and that this is serious and we're not -- this is not just an academic exercise. it's a real threat because of what happened last year. >> thank you. >> thank you, mr. chairman and mr. secretary. thank you. i join with others in thanking you for your service. we had a chance to sit down last week at a dinner and i enjoyed that and walked away impressed as i think many people obviously would be.
i'm going to ask you a series of questions if i could. i got to tell you, i don't think you're going to like them. and i think they are going to be difficult to answer. but before i get to them i want to set the table if i could. i was in moscow last summer, came home from russia and i said they are going to mess with our elections. it wasn't baesed on any specific piece of intelligence, just on common sense and history and the things that we know. some of them we've been discussing here today. i think we have to agree that this mission,er overwhelmingly successful. some kgb captain just got promoted to four-star general. it was a resounding success from their point of view and they have to be thrilled. if success breeds success and it does. then we have to anticipate they are going to try to do it again. not just here but as we've seen throughout other western drokcys because democracies are
vulnerable. i think i want to emphasize this point politically divided democracies are particularly vulnerable. i think that's where we find ourselves. we ask what do we do? that's what we've again discussing. that's the point of this hearing, the primary point of is what do we now do? some of that's been diverted from i think our primary goal and some diverted unfortunately hi by what i think is political grandstanding. so i want to com back to it what do we do? mr. secretary, leads me to my questions yes, we can defend against e-mail hacks. i think we could train people not to be victims of phishing which is some of the dnc
officials were. you can protect voter registration machines, but this is the difficult part. how do you protect against propaganda? how do you protect against false news stories? how do you protect against internet trolls we know are paid russian employees? and the last question, this is tough, how do you encourage a gullible press to be more a mature in their judgment, rather than playing to russian hands? i think those are the real challenges and if you have hues on that i would love to hear them. that's where we're going cross ways in the future. >> all i can say is wow. where do i begin. >> i appreciate that response, that indicates your agreement that this is a real challenge for us s. that true? sec. johnson: i would encourage you to look at a speech i delivered at westminster college in missouri in september 2015. where i said that i believed it was the responsibility of those who hold public office and seek public office to be responsible in their rhetoric. those who command a microphone.
that's for starters. because overheated rhetoric can hurt innocent people. god bless the first amendment. you know, anybody with a key board now and access to the internet can say virtually anything they want about any public official in this room and you have little or no recourse because of the first amendment and the way it is interpreted. that's the age in which we've evolved. i grew up when we had gate keepers to news. and i suspect you did too. walter cronkite and others, in the 1970s if a big event happened in the course of the day, in my house it didn't really happen until walter cronkite told me it happened at 7:00 that's when i in my mind accepted it.
now with the 24/7 news cycle and the internet, and so many people in out there this call themselves journalists, who can say virtually anything without fact checking, make virtually any accusation and there are a lot of people who rely on that information, it's a new frontier. >> if i could sir, interject quickly, it's not just who call themselves journalists, in too many cases they are journalists and some of the institutions and i won't name them but some of these reliable or formerly reliable media outlets that we know now have just as i said have completely played into russian hands in some of the reporting they provided. sec. johnson: yes, that's a whole separate subject. >> and i interrupted you. i don't know if -- sec. johnson: no. i think my views on this subject are probably shared by lots of members of the committee.
>> thank you. again, i'll just to conclude, democracies are vulnerable, and it's easy or at least easier to protect your e-mail account, it's achievable we can protect voting machines but russian active measures are relentless, they are pervasive and we don't recognize it or as we've said, too often we play into their hands and make it all together too easy for them. and we do that to ourselves. i think we have to have a conversation with our fellow americans about. how do we discern what's real and not real and what is manipulated and what's not manipulated. it will be interesting to see what happens in some european democracies as their elections come up and in our own if the we're better dealing with this. finally again thank you for your many years of service. we are grateful for that. sec. johnson: let me just add to that in the time remaining.
every time i have an opportunity to sit down with a group of young people, like the interns here, i always ask the same question. how do you get your news? i'm interested to know how young people receive news. and it's not the way you and i grew up receiving news. when i do my daily commute in to new york city i'm probably the only person in the train in that car with a hard copy of a newspaper anymore. that's how i still get my news or at least you know, i'm the second or third pass anyway. when i was at dhs i got my news through the daily intelligence briefing and then read the newspaper to see how they were covering the news. it's fascinating to me that more and more people are getting their news in more and more different ways. less decertaining ways. >> the americans are so if i receive it in the news unless it's a sports score i'm not sure
i believe it and even the sports scores i'm going to check twice. i yield back. ranking member. >> secretary, i want to follow jackie spear -- jackie on voterquestions registration databases vulnerable to exfiltration. if they are vulnerable are they also vulnerable to the manipulation of data within the database and there could be uncertainty of someone is eligible to vote? there was not evidence of tampering with the vote counting machines, if those machines are wi-fi compatible updated through thumb drives or wi-fi
accessibility, are the machines themselves potentially vulnerable next time? mr. johnson: yes and yes to both your questions. >> thank you, and i yield to mr. quigley. >> thank you for your service. help me understand last august, to the question that we touched upon. dhs provided last august a readout of the call you had with the national associations of secretaries of state and other election officials. and quote you were not aware of specific or credible cyber security threats related to the upcoming general election systems. at the almost exact same time the state of illinois board of elections announced it had been hacked or some variation thereof. was this one of the reasons for your calls? what prompted the call, if you believed what you said -- they are not aware of any specific or credible threats? mr. johnson: the state of my
awareness was evolving constantly. and the statement i made on august 15 i am sure was a very careful statement, based upon what i knew at the time. what prompted the call was the general increasing threat environment that we were concerned about and so i wanted to engage state election officials to encourage them to seek our cyber security help and to raise this issue of designating them critical infrastructure. i wasn't going to do that without engaging them first. mr. quigley: let me reference vice chairman senator warner's letter to mr. kelly. he references -- we know that dhs and fbi confirmed two intrusions into voter registration databases in arizona and illinois by foreign based hackers.
there was suspicious activity at the election databases of multiple other states, he references, as have others. could you comment on his request and what your reaction would be? he urges them to work closely with state and local elected officials to disclose publicly which states were targeted to ensure they are fully aware of the threat and make certain there cyber defenses are able to neutralize the danger. made safer by keeping the scope and breadth of these attacks secret. mr. johnson: i have seen that letter. i don't have it in front of me. i think that what senator warner requested is probably a good request. i'm not sure whether dhs itself could provide all of the information, but more awareness around this
and to raise concern about it, i definitely endorse. mr. quigley: the question is, why would you not want to make that public? we are briefed constantly on public sector and private sector cyber attacks. one thing generally known is that most of the time, on either sector, the entity doesn't know it's been hacked. is that correct? mr. johnson: that is very often true. mr. quigley: someone else finds out for them, correct? mr. johnson: anytime you ask someone to make a public disclosure of this type, you have to balance against that -- are you revealing a vulnerability? mr. quigley: that has gotten around the barn -- out of the barn and is running around the farm right now. mr. johnson: there may be others -- mr. quigley: how many states of the left, given the numbers you talked about earlier? mr. johnson: the number we talked about earlier is 39, but that was based on open-source reporting. i don't know the exact number. in general i'm agreeing with what you're asking, whether there should be more public
awareness and disclosure around this. in general, i do not have an issue with that. mr. quigley: to finish the thought, most entities do not know they have been hacked. they are hacked for a long time before they are made aware, and are made aware by someone else. mr. johnson: that can be true, yes. mr. quigley: what is your knowledge of how long it takes before they find out they have been hacked? mr. johnson: it varies, it could be a long time. the actor can get into the system, be latent, lie in wait, given how some of these groups function. mr. quigley: so we've been informed that i think they said something like 9,000 entities run a federal election. the degrees of sophistication obviously vary widely. it reinforces the point i think you are agreeing to -- they need additional resources. but if they do not even know they have been hacked, how can they possibly know they need to come to you for assistance? mr. johnson: all the more reason why -- i preach this now in my
private life, a preincident examination of your cyber security is definitely worthwhile. it you will very often discover you have been hacked and did not know it. mr. quigley: i know what you're thinking -- this is a guy from chicago talking to me about election reform. [laughter] mr. quigley: we have a long and colorful history there, but we certainly do not want the russians playing the role. mr. johnson: cyber security is just one aspect of election integrity, very clearly. mr. quigley: obviously this is the one that worked. my time is about up. i thank you for your service. >> mr. crawford. crawford: thank you, mr. chairman. thank you mr. johnson for being here. we designated our voting network -- critical infrastructure. mr. johnson: yes. mr. crawford: 50 states that all have that many different versions, variations and methods of voting.
that must be very difficult to be able to synchronize that or harmonize that and implement comprehensive types of security strategy, correct? mr. johnson: that is not quite the nature of a critical infrastructure designation. that is not what it does. it prioritizes our assistance when they ask. certain level of confidentiality in their communications with us and gives them the protection of domestic and international cyber norms. not any type of federal takeover. mr. crawford: i understand. i wouldn't want that to be the case. but to your knowledge are there any states who have their actual voting terminals, are they online? mr. johnson: there are states that have aspects of their systems online. are states, for example, i believe that use the internet for absentee voting. mr. crawford: that could be
compromised. is that possible? mr. johnson: it is a potential vulnerability, yes. walk intord: when you vote, whether it be early voting or on election day, you walk in there and either you've got a screen, muchor like you see in front of me here . that is not online. would that be subject to -- mr. johnson: correct, in just about every state, as far as i know. yes. mr. crawford: following on what mr. schiff said, if there was an attempt made to compromise that, to affect the tally of the vote count, there has to be a human component there, correct? mr. johnson: well, there is a human component behind every cyber attack. mr. crawford: i get that, but i am talking about someone within the realm of the election in a precinct, state and
to be able to affect the outcome of that particular tally from that place. you follow my question? mr. johnson: i think i do. , for example,if if there was malware placed on a computer in the county courthouse and they took a thumb drive, inserted that into a terminal -- you cannot directly hack into this. mr. johnson: if your question is, is it impossible for somebody offshore to manipulate an election results, i am not sure i would agree with you. mr. crawford: tell me why. thejohnson: you never know limits of human ingenuity. but, to the extent, any part of the system or reporting of a result exists on the internet, we have to be concerned about the book -- the vulnerability of
that. whether it is from and after domestic or international. i think it was congressman schiff who talked about a ways -- the ways in which model where -- malware can be implanted. is crawford: malware generally affected by unwitting actors that may open up any male .- open up an email mr. johnson: if you're asking me whether it could only be the case whether somebody could affect an election if they are domestic-based, i am not sure i would agree with that. mr. crawford: that is the gist of where i am going. the offshore stuff, we have hackers from around the world, russia most notably in our context today. but others have taken active measures in elections. is, for them to fully
affect the outcome of the election in terms of manipulating numbers, with they not need some sort of complicit, individual physically present to affect that? mr. johnson: i am not prepared to agree with that. just because cyber bad actors are traditionally clever, aggressive, tenacious. i do not think i could categorically agree with that. mr. crawford: without having access to this terminal through a network, and only being able to update that software on the terminal through a thumbdrive or some other connection, someone would have to physically connected to do that. that is what i am saying. mr. johnson: i am sure, i am not a cyber expert. i learned a lot about this topic in the last three years. that is a conversation you should have with people who really understand these capabilities. mr. crawford: thank you, i will balance my time to mr. gowdy.
gowdy: thank you for your service to our country, doj, dod, and dhs. our committee has been asked to do four things, what did the russians do and with whom and with who did they do it what -- do it, what was the government response, and then the issue of leaks. you a member of the intelligence community, a former federal prosecutor, can you speak to what a negative impact -- let me rephrase it. how important are surveillance programs, and to the extent of that the flow nice dissemination of classified material endangers the reauthorization of those surveillance programs how , important and critical are they to our national security? mr. johnson: based on my experience, reading intelligence every working day, in the front of my working day, i would say that
intelligence, our intelligence collection capabilities are vital to the ability of national security officials to do their job, to keep the american public safe. i agree with your question in that the compromise of that type of intelligence endangers our ability to continue this activity, compromising foreign partnerships, endangers those foreign partnerships. i cannot overstate for you how important it is that we have good intel, access to good sources, to do our jobs. otherwise, you're flying blind. mr. gowdy: thank you, director. >> seven minutes. >> thank you, chair. may i yield to the ranking member? >> i will be quick. just on the point that my colleague mr. gowdy raised.
i fully concur with mr. secretary these intelligence programs like 702 are critically important. there have been a number of leaks, we do not know where they come from. some may have come from agencies, some may have come from the president possible and staff. i just want to make sure we do not jeopardize these programs by a true beating leaks to sources when we do not know what the sources of those leaks are. we would ills serve the country if we do away with vital tools as a part of a political tact rather than based on the merits of those programs and any forms that are necessary. that's just some commentary rather than asking for response. but i'll yield back. >> mr. secretary, was our democracy attacked this past election? mr. johnson: yes. >> by who? mr. johnson: the russian government. >> based on your experience,
this attack could've been carried out not just by russia, but foreign adversaries, is that right? mr. johnson: yes, certain nation state actors have those capabilities. mr. swalwell: it also could've been carried out by terrorist groups, is that right? mr. johnson: the level of sophistication we saw last year, i am not sure the terrorist organizations that i'm familiar with would have that level of sophistication and capability. but it is an emerging threat. mr. swalwell: certainly by cyber criminals? mr. johnson: yes. mr. swalwell: you described the cost of this attack is a cast that we find ourselves in here today. we are holding hearings and as you describe, we not working on issues like health care. mr. johnson: the people's business, correct. i think that's one of them, yes. mr. swalwell: and would you agree the first step to solving a problem, have you heard of this quote or idea, is to acknowledge that a problem exists? mr. johnson: sure, yes.
mr. swalwell: why do you think that president trump will not state that russia meddled in our elections? mr. johnson: you would have to ask him, sir. i've seen various different statements from him on this topic. mr. swalwell: does that concern you? mr. johnson: well, i think that a president, a secretary of defense, a secretary of homeland security, a secretary of state, depends upon the intelligence community. otherwise if you , don't, you can't effectively do your job. you're flying blind. your intelligence community is what are your eyes and ears to do your job. mr. swalwell: mr. secretary, you've talked about what we need to do going forward and i'm glad you brought that up because this committee as mr. gowdy referenced, we had one of our duties is to get to the bottom of whether u.s. persons worked with russia and it's the fbi and department of justice's job if they did to hold them accountable.
i think we all agree that if we are back here in 2019 or 2021 after the midterm and the next presidential election, talking about a new hack and a new meddling, we have failed the people that we represent. and you talked about in your statement that you came to the determination that election infrastructure should be designated as critical infrastructure sub the structure -- sub-structure. can you explain what this designation means, legally and practically? mr. johnson: essentially, three things. one, it means that when the sector seeks our cyber security assistance we prioritize providing it. number two, it means that the certain communications that we have with critical infrastructure are confidential and protected from public disclosure so as to avoid discussion about vulnerabilities. number if you your critical three,infrastructure you have
, the protection of the international cyber norm that says nation states should not attack critical infrastructure of other nation states. mr. swalwell: would you agree conducting stress tests as we now do, post 2008 as we do with financial systems on voter , information and voter balloting systems would be helpful? mr. johnson: yes. mr. swalwell: mr. secretary, in addition to structural reforms to our election systems do you agree that just a general broader awareness would benefit the american people as far as social media trolls, fake news, the dissemination of hacked information and how that can affect outcomes? mr. johnson: yes. mr. swalwell: mr. secretary you , said that in january you designated our election systems as critical infrastructure and i want you to comment on a claim that candidate trump made during the campaign season. he said, remember we are , competing in a rigged election to a wisconsin rally.
they want to try and rig the elect at the polling booths, where so many cities are corrupt and voter fraud is all too common. did you find any polling booths were rigged? mr. johnson: as i said, i know of no evidence that as a result of any cyber attack, ballots were altered or reporting was altered. that comment goes to cyber attacks. i cannot comment on the integrity of every voting machine in chicago or san francisco or south carolina. mr. swalwell: after the election, president-elect trump said that 3 million to 5 million people cast illegal votes. in your position as homeland security secretary did you find , that that occurred? mr. johnson: i am not in a position to comment on that. i heard the same claim. i'm just not in a position to comment on that. mr. swalwell: and can you judge the credibility based on your experience and interaction with james
comey? do you find him to be a highly credible individual? mr. johnson: yes. mr. swalwell: do you find john brennan to be a highly credible individual? mr. johnson: yes. mr. swalwell: and mr. secretary, can you just talk a little about you talked about the importance of a caret, rather than a stick, with our local election systems. i don't think any of us want to see a federal takeover but we , don't want to find ourselves in a position like this again. what can we walk away from today and tell our local election officials that we could do together to make sure that they are better prepared the next time americans go to the polls? mr. johnson: the process is vulnerable to future cyber attacks by those who are becoming increasingly aggressive, ingenious and capable. so that is number one. number two, it's in everyone's interest at the local, state and national level to ensure the cyber security integrity of the process. which is vulnerable and exposed
, in certain respects. we had the experience we had last year and from that we have , to learn. if we do not grapple with this, we're failing as a democracy. those of us in public office are failing the people we serve. mr. swalwell: thank you, mr. secretary for your service. we wish you well in the private sector. >> you have a minute? >> thank you, mr. chairman. thank you, mr. secretary, for voluntarily being here today and for your service to our country. my line of questioning will focus on the january 6 intelligence community assessment. according to the unclassified assessment released on january 6, quote, dhs assesses that the types of systems we observed russian actors targeting or compromising are not involved in vote tallying. can you outline what are the key factors that allowed dhs to make this assessment that we successfully protected the integrity of our vote tallying system? mr. johnson: it was the result of spending a lot of time
examining, state-by-state, what the practices are, and were. and that assertion was based upon our best available intel that we had at the time. mr. stefanik: can you speak more about the process of evaluating state-by-state. i assume that began after the election. how long did that take? mr. johnson: after and before. mr. stefanik: after and before. mr. johnson: and when i got into this myself in the summer of 2016, i was pleased to see that a lot of that analysis had already been done within dhs and in the interagency, so it didn't begin post-election. and one of the takeaways was that the voter registration databases are run -- are vulnerable, because they can be infiltrated online. but
the way the tallying and voting and reporting of process works it is largely offline and it is , redundant in many ways. so if one avenue fails, there's another avenue. but that some of it does exist over the internet by way of absentee ballots, absentee voting and the like. and so that was the basis for that statement at the time. mr. stefanik: thank you. mr. johnson: the absence of anything to suggest the tallying had been compromised. mr. stefanik: thank you for that clarification. other than providing an assessment regarding vote tallying systems, what was dhs's role in any, if any, in preparing the lblgs -- preparing the intelligence community assessment? mr. johnson: there were a number of recommendations that we made that i believe are in a nonpublic document. in terms of the actual intelligence assessment, i
believe we had a role in what you just stated. we had a role in making that assessment. but for the most part, what the russians were doing, sources and methods was the role of the intelligence community -- cia, etc. mr. stefanik: was there a reason why dhs's role was so limited? mr. johnson: i wouldn't characterize it as limited. you know, going back to october, the statement that was issued in october was a joint statement of dni and dhs. our people were very definitely involves in the report there was issued on january 6, as well as some of the documentation for actions we took on december 29. ms. stefanik: let me ask you about the october 2016 joint statement you just referenced. the quote that was included in that statement, it says you are, quote, not in a position to attribute scanning and probing of state election related systems to the russian government.
and yet, in the january -- mr. johnson: i think i wrote that sentence. ms. stefanik:? you did mr. johnson: yes. ms. stefanik: you are the correct person to ask, then. because according to the january 2017 assessment, the quote was russian intelligence , accessed elements of multiple state or local electoral boards. what new information enabled attribution of this activity? mr. johnson: couldn't say in this session. ms. stefanik: we will follow-up with you in closed session. there is a: documented answer to that that will be reflected in intelligence reports, i am sure. 7e statement i made october was accurate at the time, based on the state of awareness at the time. ms. stefanik: we will follow up in a classified setting. thank you very much for the answers. i yield back. >> gentlelady yields back. seven minutes. >> thank you chairman, thank you secretary for your testimony here today. the american people understandably are very concerned about the integrity of our democratic processes and our voting systems.
just so we can frame it very clearly, let me ask you, do you know of any law that requires even minimum basic cybersecurity protections for our voting systems? >> no. mr. castro any state law that : requires it? mr. johnson: sitting here now, i do not know the answer to that question. maybe. -- mr. castro: and you described extensive efforts that you and others in the government took to work with the states on protecting the integrity of their voting systems and you noted that most states complied and came forward and worked with the federal government. but it's also fair to say that some states did not come forward, is that right? mr. johnson: correct. mr. castro for those states that : did come forward and work with the government, the federal government, we don't know what they did with that information that we provided to them or that advice? a numberon: there were of phone identified and reported to the states. i have to believe they took
steps -- we acted on good faith they did. mr. castro: you cannot say conclusively they took the advice we gave them. mr. johnson: i cannot say conclusively. there are probably others at the staff level at dhs who can give you more details about what we knew they did do. mr. castro: ok. thank you. we talked today about election systems and databases that state and local governments oversee and operate, but i want to ask you about our major political parties. the declassified intelligence community assessment noted that russian intelligence services conducted cyber operations associated with both major u.s. political parties. the specifically discuss relentless and systematic cyber attacks the russians perpetrated against the dnc. it does also note the russians collected on republican affiliated targets. what's interesting is they did not conduct a comparable disclosure or dumping of campaign material against the rnc.
just this week, the private security firm upguard reported its discovery that an rnc contractor left an immense amount of voter data. in fact, 1.1 terabytes, according to the report. exposed and inunsecured in -- unsecured in publicly accessible online databases. the error says the data included information on roughly 200 million americans. clearly, neither political party is immune to the pitfalls of online data vulnerability or invincible to malicious hackers hunting for security lapses to exploit. in light of the preceding discussion of election systems as critical infrastructure, which you've advocated for, do the political parties themselves, their net -- their networks, databases, financial and donor information, merit inclusion as well? mr. johnson: well, that's an interesting question. the danger with going down that road is you start to lose clarity about what's critical infrastructure and what's not.
the definition that i wrote on january 6 very clearly was confined to election infrastructure and not political organizations. because i thought we needed that clarity. so everyone knows what is critical infrastructure and what is not. but i'm not disagreeing with the premise of your question. i think there needs to be greater awareness around the cybersecurity of political institutions in general and political campaigns. mr. castro: the next few questions are about consultations or how accessible essentially, the resources would be to political parties question.. when you were at dhs, was there any discussion the government about whether campaigns should receive counterintelligence briefings or briefings about the threats to our elections or cyber threats to campaigns and is this , something you would think is wise to do? mr. johnson: provided it is done so on a bipartisan, nonpartisan
basis, i think that information sharing of threats is a good idea. mr. castro: and do political campaigns or the major political parties have the ability to work or contact dhs to obtain cybersecurity assistant or expertise? can they go forward to you and work together on this stuff? mr. johnson: yes. mr. castro: you have concerns about the security and integrity of primary election voting systems or databases? mr. johnson: to these same extent i would for general elections, yes. mr. castro: and how should we approach the security of the primary elections is integral components of our general elections and overall process? mr. johnson: i think the same vulnerabilities that exist with respect to general elections exist with respect to primary elections. to my knowledge states run , primaries mechanically the same way they run general elections.
with the same voting machines and reporting mechanisms. mr. castro: thank you, i yield back. >> gentleman yields back. we extend questioning to seven minutes expired. we allow each member to use seven minutes instead of five. hearing none, i recognize mr. hurd. hurd: thank you, i would like to associate myself with colleagues who have thanked secretary johnson for his years of service to our country. secretary, -- mr. secretary, i have two sets of questions i'd love to chat with you about. the first sets are what ifs. and i ask these what ifs under context of we're trying to figure out what could we have done differently and what should we do in the future? i know one of the things you are trying to do during your time as
secretary of the department of homeland security was, the reorganization of the npdd. right.nson: mr. hurd: if the npdd had been reorganized the way you had envisioned it, and let's say that had happened in early 2016, how would that have helped in dealing with this issue that we dealt with in our elections? it is difficult to , had something been done, the outcome would have been different. i'll say two things. one, i do think that there is strong advantage to reorganizationing npdd into a leaner and meaner organization that focuses solely on cyber security and infrastructure protection. because the two are so interrelated that something we would need congress to do. i know that there are a number of people in congress who support that idea.
i continue to believe it is a good idea. when it comes to the efforts we made to engage state election systems, i was impressed with the apparatus we did have within npdd to do so, and to address all of the states that came in and thought our assistance. that mechanism would exist, whether npdd was in its old form or new form. but in general, i think we need to reorganize npdd into a cyber and infrastructure protection agency just simply because there ought to be an agency of the u.s. government dedicated to cyber security. mr. hurd: thank you, sir. and again, the next what if. and i recognize the difficulty of answering what if questions. but the goal is to try and understand how we could do things differently.
had the electoral systems or infrastructure been identified as critical infrastructure by dhs in early 2016, how would that have impacted the situation we just went through? mr. johnson: i can't say. it's something that when i first addressed this issue with my staff and they first suggested it to me, i thought this is something we should have done a long time ago. why isn't it? one thing they said to me, you could view it as already critical infrastructure because government infrastructure is already critical infrastructure. my view was, we needed to publicly declare it to make a big deal over the fact we are going down this road for the domestic and international office. mr. hurd: my next set of
questions is really just in the interest of standardizing terminology and make sure we're all seeing off the same page. our utility system, our grid, that's identified as a critical infrastructure, correct? mr. johnson: correct. mr. hurd: has dhs ever taken over a grid or a utility municipal company? mr. johnson: not to my knowledge. mr. hurd: ok. our telecommunications -- mr. johnson: not sure we have authority to do that. mr. hurd: our telecommunications infrastructure is considered a critical infrastructure, correct? mr. johnson: correct. mr. hurd: and has dhs ever taken that system over? mr. johnson: no, no. nor do we have the authority to do so. mr. hurd: good copy. i'm just helping to baseline what a designation of critical infrastructure actually means. you've said that many, many times today. i'm not going to ask you to do it again. but this is a conversation i have engaged in many times, as
well. scanning and probing. could you maybe give us a quick explanation what that is? mr. johnson: when i started addressing this publicly, somebody said to me, jim comey made a statement publicly that there was scanning and probing of voter registration systems. i said, that is a good phrase. let's use that phrase. i thought it captured what we saw. eventually what we saw was, success in infiltrating voter registration databases, which i reported publicly. is scanning and probing basically looking into a locked box to see what is inside. mr. hurd: or it's a passive tool that happens millions of times across the united states every single day.
would you agree with that? mr. johnson: it can, yes. i do not know if i would describe it as passive, but yes. mr. hurd: the voter registration databases that we've talked about, isn't the information that's contained within voter registration databases publicly available information? mr. johnson: not necessarily. it may depend on each state. mr. hurd: because in texas you can go down to the county office and get that information. i'm curious as to why our hostile actors were i -- i definitely know that the financial systems, whether on the federal level, through fcc websites, every state has this information made available. why would you think a hostile actor like the russians would be trying to hack systems the
-- systems where the information is publicly available through a portal available to the public? mr. johnson: i do not know that in every case and every state, the information that was examined was publicly available. my concern was, that if a bad actor is doing this it might be , a prelude to wiping out or eliminating voter rolls or altering them in some way. .r. hurd: good copy mr. chairman, i yield back the time i do not have. >> gentleman yields back. >> thank you, i yield a minute to the ranking member. >> i think the gentleman for yielding. mr. secretary, i just want to thank you as we come towards the end of the hearing for your testimony today and for your profound service to the country. and i also wanted to acknowledge and thank my wenstrups conaway and
for the aid they gave to our colleague who was injured during we areoting last week. glad they are safe and with us. we are glad that have him. we're thinking of our colleague and wishing him a speedy recovery. i yield back. >> mr. secretary, thank you for being here. i want to talk about the future. the ic has assessed, and we regularly hear it from both former and current government officials that , the russians will be back. they'll be back to disseminate fake news, back to hack and a steel this information, intended to harm good people. they will be back to find their way into the very infrastructure we trust to help us choose our elected officials. the very infrastructure we choose or trust to uphold our democracy. i think more than anything that puts this entire question into very vivid
and stark relief. it is namely as follows. i'm from the school that says america is exceptional. we're going on nearly a quarter millennium of the longest running democracy in the history of our planet. but it's not just the longevity that distinguished us. it's our rule by law. it is error free, fair open , elections, conducted with integrity. and most importantly, quintessentially, it is a peaceful transfer of power. nobody else has ever managed this. regularly transfer power in a peaceful manner. and the winners and the losers accept the outcomes. why? because we are ruled by law. because we do have free, fair, open elections. and that is what is at stake here. that which defines us. this goes to the very core of who we are. but my question for
you, sir, just to be abundantly clear -- will the russians be back? mr. johnson: i think we have to assume, for all the reasons that have been discussed here, that the russians will be back, and possibly other state actors and possibly other bad cyber actors. mr. heck: fair to assume you are concerned if not worried about 2016 and 2018 elections, and all others going forward? mr. johnson: yes. mr. heck: so you did an excellent job in the proceeding two hours of highlighting what you consider to be the greatest vulnerability, namely, the voter registration database. i just want to make sure that people understand that the harm here, the risk here, can be insidious. because i think when people hear that, their reaction is, oh, the addition or deletion of names. but it's more than that, is it not, sir? could it not, as an example, include changing the spelling wholesale of a bunch of names such that when those voters
showed up at the polling places, they were turned away or denied? is that not yet one of many examples of how infiltration and manipulation of voter registration databases could wreak considerable harm? mr. johnson: yes, i think that's a fair question and i think that's a fair comment. one thing i want to emphasize couple we talked a lot about voter registration databases. when i was at dhs, i always encouraged my people, don't respond to the last attack, try to anticipate the next attack. so i think it's incumbent upon all of those who managed the system to look comprehensively at where there are vulnerabilities. we focused on data registration databases. i focused on them because that is a known exposure that we saw. mr. heck: mr. secretary, is it also -- is it also true, to clarify, this does not have to be done wholesale voter , registration databases.
this can be done in select or targeted communities or municipalities. and the undermining of confidence in our system would be, however, wholesale. mr. johnson: correct. mr. heck: yes. mr. heck: i don't know how many times i lost count of the references to the adage that hindsight's 2020. i don't want to talk about looking back last year. i want to talk about how we're going to look back at some point in the future. i've always believed it's easy to judge those who miss the obvious or the dangerous inflection points. those who miss the chamberlain's appeasement at munich would lead to world war. or those who miss the passage of the gulf of tonkin resolution would lead to a war that arguably was unwinnable in vietnam. but the truth is there were , plenty of people at those
times who did know and who were raising their voices and who were ringing alarm bells. it is just that the warnings were not heeded. my wish, my prayer, literally, is that some day we don't look back on today and this time and deeply regret that we didn't heed the warnings. that we didn't take seriously enough a foreign power's repeated efforts to undermine our democracy and make america weaker and to sow wholesale lack of confidence in our elections such that we do not accept the outcome, such that we do not peaceably and peacefully transfer power as is our nation's heritage. and, is that which distinguishes us in the history of this
planet. because if we do, it will be too late. thank you, sir, i yield back the balance of my time. >> chairman yields back. mr. rooney, seven minutes. mr. rooney: thank you, mr. chairman. i would like to associate myself with what mr. heck just said. i think that that was very well said and very eloquence. if there is any issue surrounding washington right now that should unite this committee and what we're doing, it is what we are doing here today. secretary johnson talking about the integrity of our elections. there is one thing that we -- there are a lot of questions that remain unanswered. but there is one thing i do not think is ambiguous at all. that is, the american people don't have confidence in the way that their vote was cast is actually true and real. whether our guy won or next time your guy wins. and there's a question out there
as to whether or not russia may have been able to mess with the numbers. then we really do cease being the country that we are. secretary johnson, i've known you a long time. i think we first met when i first got elected in 2008 -- mr. johnson: we first met when you were i think in the house for five minutes in patrick murphy's office. mr. rooney: i appreciate your work as the attorney at the pentagon and then as secretary of defense. i think you are a true statesman and somebody we are all very proud of, regardless of party. it has been an honor to get to know you over the years and to work with you. i do think that it needs to be said -- and i have said this before in this committee, if anybody out there in the countryside believes that russia's not trying to influence our electoral process, this is your notice that they are and that they will continue to do so. whether that
is just merely propaganda through things like the rt or whether that's actual cyber intrusion like changing votes or deleting votes, we've seen no evidence in part thanks to you, of the latter. but the former and the latter may very well be a real thing moving forward. i certainly think propaganda will continue to do so. i know that i can speak for the rest of the committee when i also say -- i will speak for myself in saying this. you said earlier that designating the election systems as critical infrastructure after the election because you were worried him might drive people away, i think you're absolutely right in that assessment. that may be arguable. i think that is true.
i also would say this. i hope you work with secretary kelly in whatever lessons that you've learned, and also share with them key factors that help to successfully protect vote tallying. i know that some staff might be there or what have you, but for and for of our country the sake of his success, i am sure you are wishing upon him and that we can move forward, knowing in the next election cycle, he has every tool he needs to be able to be successful. being that i am the last question are on our side, my question is going to be very specific with regard to florida. ironically today, the county of supervisors of elections is holding a gathering of all florida state associations of election supervisors. we called some of them today from my district and asked them
about your designation. and there is a state's rights versus federal intrusion issue. -- issue, that they are concerned about. of mostly, they result lack or yearning for more information of, what does that mean? what are we supposed to do? had we tell the people of okeechobee county and sarasota county and charlotte county that your local supervisor of elections is in charge of counting your votes, but that this designation dhs has put out there is somehow this security blanket that is going to make sure that russia, a foreign entity, is not changing your votes? if you are talking to the okeechobee county supervisor of elections right now, what would you tell them that the designation that you made means for them, and how their job and
the local votes that are cast is safe, secure and not being mandated by some federal bureaucrat in washington in any other way than protection? mr. johnson: by analogy. financial services is critical infrastructure which includes , all the big banks, and i do not run those banks. the ceos of each of them are responsible for their own networks, their own systems. what it means most fundamentally is that we prioritize helping them when they ask. if they ask. and that's what the designation means. it doesn't mean i get to regulate. i do not have the authority to regulate standards for voting booths and for reporting mechanisms. but there are lots of other critical infrastructure sectors where everybody's responsible for running their own business, not me.
it is a matter of providing assistance to them when they ask. it is simply that. mr. rooney: if there is a palm beach county situation, where i grew up, is there some kind of a fail-safe mechanism that would come in? the palm beach county butterfly ballot thing, i do not remember the year that was -- mr. johnson: 2000. mr. rooney: 2000. now that this designation has been made, will there be some kind of an automatic trigger that would happen if a situation like that would happen, where we felt like it was not because of a faulty ballot, but because of actual intrusion by a foreign entity? mr. johnson: the secretary of homeland security would not have the authority to go in over the objection of a local official and do a ballot recount.
but the nature of it is that, when it states and counties ask we will come and , provide whatever cyber assistance they ask for, assuming we have the resources to do it and the capability. we'll do whatever we can to help them with their cybersecurity. that's it. mr. rooney: ok. i appreciate your time and your service. thank you, mr. chairman. i yield back. >> if i could say, congressman. since the day we first met, i have very much been impressed with your service in congress. mr. johnson: thank you. did everybody get that? [laughter] mr. johnson: thank you. >> some of the things you've pushed through as legislation i very much appreciated that. >> he's a congressman, not a banker, he can't loan you any money. [laughter] you.want to thank we also cannot leave and not a knowledge in officers griner and bailey, that
morning, capitol hill polite -- police officers. professional and heroic. i was right beside them, watching them work to do what they said they would do best. that's get between a really bad person and the rest of us. i cannot thank them enough for what they did. heroes to the absolute best tradition of what that really means. so thank them for that. appreciate the nation's prayers for steve and matt mika. griner was wounded as well and bailey and zach, appreciate that also. with respect to today's hearing, thank you very much for doing it. we appreciate that the cyber threat is ongoing and will get tougher and harder. we got maybe lucky this time that it was not successful and causing any more problems for systems and we already have. i would help the national association of secretaries of state would take to heart your message this morning and they would form a working group, a task force, to build at best
practice a system on their own that would allow themselves in to police it and created because there is no one better doing that than the folks actually responsible for doing it. i hope if they don't already have that in place, that there is an aggressive campaign to build that best practices and/or standards by which they would then hold themselves to, that would give all of us a lot more comfort in making it happen. again, secretary johnson, thank you very much for being here this morning. and we're adjourned. mr. johnson: thank you. [captions copyright national cable satellite corp. 2017] [captioning performed by the national captioning institute, which is responsible for its caption content and accuracy. visit ncicap.org]
investigation. former homeland security jeh johnson spoke briefly to reporters about the importance of preventing future cyber attacks. >> we have a quick little wrapup of the hearing today. you had just about every top official from the obama administration come by so far. how much longer should be expected this process to take into the russian investigation? mr. schiff: one critical part of this was the open component of our investigation. most of our hearings will be enclosed session. as much as we can share with the public, it is important. one key element of our investigation is the one we really discuss today. that is, what are we learned from this? what was the u.s. government response? how can we make sure in the future we respond with greater alacrity? that we provide some deterrent to foreign interference?