WASHINGTON (CN) – On the heels of a server breach last year that proved catastrophic, the Democratic National Committee rejected the government’s offer to help, former Homeland Security chief Jeh Johnson testified Wednesday.
Speaking this morning before the House Intelligence Committee, Johnson said he inquired, as soon as he became aware of the hacking, about whether his staff were proactively helping the DNC identify the culprits and plug the cybersecurity holes.
“The answer, to the best of my recollection, was not reassuring,” Johnson’s written testimony says. “The FBI and DNC had been in contact with each other months before about the intrusion, and the DNC did not feel it needed DHS’s assistance at that time.”
Johnson said he was “not pleased” about Homeland Security’s exclusion from the DNC’s response.
CrowdStrike, the private security firm hired by the DNC, eventually attributed the breach to Russian actors — a conclusion now supported by 17 U.S. intelligence agencies.
Johnson, who served as the Homeland Security chief from December 2013 to January 2017 under President Barack Obama, reiterated that conclusion on Wednesday.
“In 2016 the Russian government, at the direction of [President] Vladimir Putin himself, orchestrated cyberattacks on our nation for the purpose of influencing our election, plain and simple,” Johnson said.
Though Johnson declined to say in a public setting how the intelligence community reached that conclusion, he said the intelligence made it “a pretty clear case.”
“Perhaps beyond a reasonable doubt,” he added.
Democratic lawmakers pressed Johnson this morning on what he knew about Russian attacks on the 2016 election, and when.
As the summer progressed, Johnson recalled that his concerns about a cyberattack on the election grew. At this point, he said engaged state election officials to offer cybersecurity assistance for the upcoming election. He toyed then with the idea of declaring election systems as critical infrastructure but says he met pushback from secretaries of state and other state election officials.
“Those who expressed negative views stated that running elections in this country was the sovereign and exclusive responsibility of the states, and they did not want federal intrusion, a federal takeover, or federal regulation of that process,” Johnson’s testimony states.
Johnson said their concerns suggested a “profound misunderstanding” of what the designation would mean, which he said he tried to clarify.
But he ultimately decided to wait until January to make the designation, calculating that it would be a counterproductive to do it before then. Instead, he encouraged states to get cybersecurity help from Homeland Security to protect the integrity of the election.
Johnson counted 33 states and 36 cities and counties as having made use of Homeland Security tools to scan for potential vulnerabilities.
When he did make the designation on Jan. 6, Johnson said he checked in with the state officials and found that their views had not changed.
“Notwithstanding what I heard, I had become convinced that designating election infrastructure as critical infrastructure was something we needed to do,” he testified.
As the summer wore on, Johnson said he began to see efforts to scan and probe state voter-registration databases, which the FBI had warned states about in August. According to Johnson’s testimony, the FBI had provided states with the IP addresses associated with the hacking attempts.
The next month, President Obama called on congressional leaders to coax election officials in their states about seeking cybersecurity help from Homeland Security.
Johnson encouraged as much himself on Sept. 16, urging states to be vigilant in the face of suspicious cyberintrusions of political institutions and voter-registration data.
It wasn’t until August and September, however, that the intelligence community grew increasingly convinced that the Russian government bore responsibility for the DNC hacks, he said.
Faced with pressing questions from Democrats on the committee about why the Obama administration waited until October to tell the American people about this, Johnson noted that the circumstances required thoughtful deliberation.
“In the midst of the politically charged election season, with accusations by one of the candidates that the election was going to be ‘rigged,’ attribution was going to be a big and unprecedented step, and required careful consideration,” Johnson said.
The Obama administration was particularly concerned about being seen as interjecting into the election during a heated campaign, or taking steps to delegitimize the election process.
On Oct. 7, Johnson and former Director of National Intelligence James Clapper issued a formal statement accusing the Russian government of meddling in the U.S. election.
But Johnson told the committee that the news got buried. That same day, the Washington Post released old Access Hollywood footage from NBC, which revealed Donald Trump making lewd comments about women.
It wasn’t until January that the intelligence community felt comfortable attributing the scanning and probing of state voter-registration databases to Russia, several of which he said were successful.
Johnson testified that he worries most about the vulnerability of state voter-registration databases to intrusions, including the manipulation of voter-registration data.
Although he expressed confidence that the Russian cyberattacks did not alter vote tallies this time, Johnson said it is safe to assume that Russia and other bad actors will attempt to meddle in future elections.
On the question of whether the Russian hacks altered public opinion and thereby altered the outcome of the election, Johnson said he was not in a position to say.
He did, however, encourage current Homeland Security Chief John Kelly to make cybersecurity one of his top two priorities.