More Testimony and still no Details in Russian US Election Hacking Allegations
Earlier this week Mr. Samuel Liles, acting director of the Office of Intelligence and Analysis Cyber Division of the United States Department of Homeland Security, testified before the Senate Intelligence Committee investigating alleged Russian interference in the US election of 2016.
In this briefing, we take a look at the new claims and their implications, and revisit the concepts of proof of attack vs. proof of attacker and hacking the election vs. hacking to influence.
What is new?
The statements given by Mr. Liles are the first instance of a US government official naming a number of states which have allegedly had their voting mechanisms attacked. More precisely, 21 states are said to have been targeted. Unfortunately, which 21 states remains unspecified.
The US states Arizona and Illinois have self-reported being targets of the attacks.
What are the implications?
While no additional proof has been made available, these statements still represent an important shift in the handling of the alleged hacking attempts.
So far, all official statements were focussed on attempts to use confidential or embarrassing information gained through hacking activities to discredit the Democratic Party during the election. We referred to this approach as “hacking to influence” in previous briefings. The new claims indicate that a foreign actor may have also tried to hack the election mechanism itself. Such attacks carry much more weight as votes could be misrepresented.
While proof of attacker is required for an attack aiming to influence public opinion to become geopolitically relevant, mere proof of attack would be sufficient to trigger far-reaching consequences, including a potential re-casting of votes, when the election mechanism itself is concerned.
Were the attacks successful?
To the best of our knowledge at the point of writing, no organization within the US government is claiming that voting systems were successfully compromised during the 2016 election. The new claims merely outline attempted attacks, not successful breaches.
Therefore, the new allegations are unlikely to lead to major political consequences by themselves.
Will there be more details?
While we cannot rule out the release of additional details such as the naming of further affected states, the anonymous nature of cyber attacks and the confidential nature of national security mean that we consider it unlikely for such information to be released.