You are looking at live pictures of that as well. We will hear from house leaders on political matters. Lets go to the fbi hearing. I believe we are hearing the latest update on the investigation. Lets listen in. Good morning, everyone. My name is andrew veil. I am the assistant director in charge of the fbi field office. Thank you as we provide a final update to the shooting that occurred a week ago today in alexandria, virginia. Standing with me are my colleagues, special agent in charge of the fbis Washington Field division, Timothy Slater who led the investigation on scene last wednesday for the fbi, chief mike brown of the Alexandria Police department, frank larkin, sergeant at arms of the senate and special agent in charge mike boxler of the atf. First and foremost, we continue to wish those who sustained injuries and were affected by the shooting a speedy recovery. We also want to commend the work of the First Responders from alexandria fire and ems, Arlington County ems and the United States park police who came on scene while it was still dangerous to provide medical assistance and transported the injured. Today you will hear about the investigative details that we know. I want to undercore tscore this active and ongoing. I wille ed a advise there are t shooting reviews. We are attempting to share as much information without compromising the integrity of our investigations. At this time, the fbi has assessed the shooter James Hodgkinson acted alone. We also assess that there was no next us connection to terrorism. It was an assault on a member of congress, assault on a federal officer. I am going to turn it over to special agent in charge tim slater who will provide the fbis investigative update. Thank you, assistant director vail. I would like to reiterate what mr. Vail said. Our thoughts and prayers of those stand behind me are with the families, with the victims that need to recover and those who have been toughed by this incident. Good more than, again. My name is tim slater. I am the special agent in charge of the Criminal Division of the fbi at the Washington Field office. In the past week since the shooting in alexandria, virginia, the fbi and our partners have gained greater understanding of the movements of the deceased shooter james thomas or Tom Hodgkinson in march 2017. The shooter told a Family Member that he was traveling to washington, d. C. But did not provide any Additional Information on his travels or specifics about those travels. An fbi analysis of the shooters computers showed that he google searched truck stops, maps and toll routes in the greater Northern Virginia area. Prior to the shooters travel, local police in illinois were called to his residence due to complaints of target practice on his property. However, Law Enforcement determined that he had not violated any state laws at that time. The shooters prior criminal record includes a charge of Domestic Violence in 2006. While the shooter was not known to have a history of diagnosed mental illness, he is known or it was known to have an anger management problem. Evidence collection thus far indicates that the shooter had been in alexandria since march 2017. On the morning of wednesday, june 14, hodgkinson, who was living in his vehicle in the parking lot of the ymca at the east monroe avenue address is believed to have exited his vehicle with two weapons. One being an sks 7. 62 millimeter caliber rifle and a. 9 millimeter handgun for which he had a holster on his body. The shooter approaches the baseball fields where practice for the Congressional Charity baseball game was taking place. Acting alone, the shooter aimed his weapon in the vicinity of where members of congress and staffers were standing. Immediately adjacent to the field were two United StatesCapital Police special agents who were detailed to a member of congress and who engaged the shooter. Alexandria Police Department officers responded to the scene of shots fired and also engaged the shooter. Who was reported down as 7 17 a. M. The fbi and atf have determined that the shooter purchased his sks 7. 62 millimeter caliber rifle in march 2003 and his. 9 mill meeimeter handgun in novem 2016 through a federal firearms licenses. Our investigation has determined that there were magazines found to be chambered in the rifle and the Fbi Evidence Response Team found shell casings for that rifle and handgun on the scene. The rifle was found to have been modified. We have processed property in three separate locations and on the shooter. His vehicle, a storage unit and his home in illinois. On the shooter, we found a piece of paper that contained the names of six members of congress. No context was included on this paper. However, a review of the shooters web searches in the months prior to the shooting revealed only a cursory of cursory search of two of the members. A second document with a rough sketch of several streets in washington, d. C. Was found on him as well. However, we have determined that this is not of investigative significance. In april 2017, the shooter rented a storage unit in alexandria in which we found a laptop computer, in excess of 200 rounds of ammunition, a receipt for a november 2016 gun purchase and additional sks rifle components. Through a review of activity logs at the storage facility, we determined that the shooter visited his unit more than 43 times between april and june. Every day between june 4 and june 14. The morning of the shooting arrived at the storage unit. In the shooters vehicle located at the scene of the shooting we found another laptop computer, a cell phone and a digital camera. New details in the investigation into the shooting of the republican congressional baseball practice last week. Were going to analyze that in a moment. First i want to jump to the house where were hearing jeh johnson testify about russian hacking into the election last year. As concerned private citizen. In 2016, the russian government at the direction of Vladimir Putin himself orchestrated cyberattacks on our nation for the purpose of influencing our election. That is a fact, plain and simple. Now the key question for the president and the congress is, what are we going to do to protect the American People and their democracy from this kind of thing in the future . Im pleased that this committee has undertaken this investigation. I welcome it. My sincere hope is that in bipartisan fashion you find answers. Last years very troubling experience highlights cyber vulnerabilities in our political process and in our election infrastructure itself. With that experience fresh in our minds, and clear in the rearview mirror, we must resolve to further strengthen our Cyber Security generally and the Cyber Security around our democratic process specifically. Im prepared to discuss my own views and recommendations on this topic and i look forward to your questions. Thank you. Thank you, mr. Secretary. Recognize myself for seven minutes. Thanks for being here this morning. A lot of questions will be asked. A lot of the details. A top level conversation about dhs mission with respect to cyber, particularly given how intertwined it is with respect to Voter Registration, voting, vote tallying, all those good things and also if you wouldnt mind folding into that what appears to be a delay between when the fbi became aware of things going on and what it seems dhs was informed about things going on. The relationship with the fbi relative to this particular infrastructure either at the time and then maybe going forward. So if you will weigh in on that i would appreciate it. A couple of things, sir. First, i think the roles of the federal agencies in Cyber Security spelled out pretty clearly last year in ppd41, basically Law Enforcement, fbi is responsible for threat response, dhs is responsible for asset response. The crime, Law Enforcement, fbi, patching vulnerabilities, detecting bad actors in the system, dhs. The way i like to explain it publically, when i was in office is jim comey is the cop and im the fireman. On a personal level with jim, we worked very well together. I have known him for 28 years from the days we were assistant United States attorneys together in manhattan and on a personal level at the top of both agencies we worked well together. Can i say that down to the field Office Working level, we were always fully coordinated . No. But i was impressed that day to day the process seemed to be working well. Every morning in my intelligence briefing there would be an fbi briefer there with me to give his assessment, to tell me what the fbi feedback on something was. So there is that. I spelled out in my Opening Statement, my prepared statement the first time i recall hearing about the hack into the dnc. And i recalled that it had been some months before i was learning of this that the fbi and the dnc had been in contact with each other about this. And i was not very happy to be learning about it several months later, very clearly. Well, theres two things i guess going on. Dnc hack was at some point in time. What was the delay between the hacks that fbi was aware of who found the hacks to the the scanning as you call it of the various Voter Registration systems, the attempted intrusions into the voter records, who discovered that . And if it was the fbi, how long was there a delay between that and using your analogy, the flames are going up, we need the firemen there. How was the delay my recollection part of this is from open source reporting. I have read more recently. The fbi first discovered the intrusion thats my recollection. Intrusion into the dnc. And i recall very clearly that there was a delay between that initial contact with the dnc and when the report got to me as secretary of dhs. It may have been that there were others at the staff level in dhs who were privy to this before it filtered up to me in an intelligence report. But thats my recollection. I was asking, lets ignore dnc. Lets talk about the attempts at whatever the russians did with respect to the registration system. When was that discovered . Who discovered it . If it wasnt dhs my recollection is that the initial scanning and probing around Voter Registration systems was discovered in late august. Could have been july but late august in my mind. My recollection is that once it was discovered, that information came to me and other senior people pretty quickly. Is there enough its one thing for the director and the secretaries to have good personal workingtutionalizing t were doing. Is the system of notification between fbi and dhs and that working is there any impediment to that not working on its own without the relationship you and mr. Comey had at the time . In my observation, it worked pretty well. But could stand improvement very definitely. I think its incumbent upon the leaders of both organizations to instill that in their work forces. I think it worked pretty well together in my three years. But there were glitches. There were instances where we did not communicate as effectively as we could have. One of our purposes was to reassure the American Public with a with respect to the 16 election and future elections. You said in your Opening Statement, your prepared remarks, that there was no vote tallying changes, no ones vote was they voted one way and it recorded some other way. Is that still your opinion that with respect to the 16 election that the intruks whatever it russians or others did, did not affect the actual voting itself . Based on everything i know, that is correct. I know of no evidence that proves cyber institutions vote were altered or suppressed in some way. Okay. Lessons learned in moving forward, you designated the Voting System as Critical Infrastructure. Can you give us a quick snap as to why that was important in your mind . It was important in my mine because Critical Infrastructure receives a priority in terms of the assistance we give on Cyber Security. Thats number one. Theres a certain level of confidence of confidentiality that goes into the communications between Critical Infrastructure and the department that are guaranteed. Number three, when you are part of Critical Infrastructure, you get the protection of the International Cyber norms. Thou shall not attack Critical Infrastructure in another country. Those were the reasons to do this. There are 16 sectors already that are considered Critical Infrastructure. In my view, this is something that was a no brainer. In fact, probably should have been done years before. Im pleased secretary kelly reaffirmed it. Does that include the parties and the infrastructure around candidates or just the neck ibz mechanics of voting itself in. If you read the way i wrote the statement, its pretty much confined to the election process itself. Election infrastructure itself, not the politicians, not the political parties. Thank you. My time expired. Recognize the Ranking Member. Thank you, mr. Chairman. Mr. Secretary, in the late summer of last year it became apparent that the russians were doing more than gathering for an intelligen intelligence, that they were dumping it in a way designed to influence outcomes, not by affecting the vote machines necessarily but by affecting American Public opinion with a dumping of the emails. So thats happening in late summer. Mid to late summer. Why did it take the administration so long to make a Public Statement that a foreign eadversary was trying to influence the American Election . The statement didnt come until october. Why did we wait from july until october to make that statement . Congressman, im going to disagree with your premise that there was a delay. This was a big decision and there were a lot of considerations that went into it. This was an unprecedented step. First, as you know well, we have to carefully consider whether declassifying the information compromises sources and methods. Second, there was an ongoing election. Many would criticize us for perhaps taking sides in the election. So that had to be carefully considered. One of the candidates, as you recall, was predicting that the election was going to be rigged in some way. So we were concerned that by making the statement we might in and of itself be challenging the integrity of the election process itself. This was a very difficult decision but in my personal view its something we had to do. It got careful consideration, a lot of discussion. My view is that we needed to do it and we needed do it well before the election to inform the American Voters of what we knew and what we saw and it would be unforgivable if we did not preelection. Im glad we did it. Congressman, every Big National SecurityHomeland Security decision i have made in my time, somebody always criticizes you for doing it and somebody criticizes you for not doing it sooner. Jim clapper and i made the statement on october 7. Im glad we did, frankly. I think the larger issue is it did not get the public attention that it should have, frankly, because the same day the press was focused on the release of the access hollywood video. I want to ask about you that as welg. A couple things. There were allegations by one of the campaigns, the trump campaign, that the process was rigged. The allegation wasnt that it was being rigged by a foreign power. Why wasnt it more important to tell the American People the length and breadth of what the russians were doing to interfere in an election than any risk that it might be seen as putting your hand on the scale . Didnt the public have a compelling need to know, notwithstanding the claims made by a campaign about a different kind of rigging . And the need to rebut the idea that this was being presented to the public deliberately to influence the outcome. Yes, yes and yes. Which is why we did tell the American Public everybody we were in a position to tell them on that date. You will note from my statement that we attributed the hacking directly to the russian government. We were not then in a position to attribute the scanning and probing to the russian government. We did say it was coming from a russianbased platform at that point. At that point, we told the public everything we believed we could dell them. Im glad we did. The priority of informing the American People public mr. Secretary, you mentioned that the statement you issued didnt get much attention because of the timing of access hollywood. When it didnt get attention, why didnt the administration go further . Why didnt the president speak about this . It was left to yourself and director clapper to issue a written statement without any further elaboration. There were no steps taken, for example, to impose sanctions on russia. Why werent those additional steps taken when they first noticed this . Well, you shouldnt view the october 7 statement in isolation. I had been engaging state Election Officials since august. I had issued a Public Statement on august 15. I issued a Public Statement on september 16. Informing the public and state officials what we knew at the time. I issued another Public Statement on october 1. There is the october 7 statement. Then i issued another statement on october 10. This was an ongoing effort to inform the public about everything we were in a position then to tell the public. It wasnt just the october 7th statement. That october 7th statement was notable in another way in had a it didnt include james comeys signature as the agency that would be foremost have the foremost responsibility for the forensics of attribution. Why wasnt director comeys signature on the statement . Well, the thinking was that astatemea statement should come from the Intelligence Community. Clapper was atop the Intelligence Community. Separately, we wanted to put out a statement from dhs about what state Election Officials can do about this. Again, encourage them to come to us at some point in the discussion, jim and i decided to make it a joint statement. Thats what happened. There have been public reports in the last week or two that the russian infrastructure has been more widespread and may have affected dozens of states. What can you tell us about what was known at the time and what you know now in terms of the length and breadth of russian probing of our election infrastructure, how widespread was it, and did it go beyond penetration of voter databases, manipulation of data in any way . It was definitely in the fall a growing list of states where we saw scanning and probing around Voter Registration databases, which concerned us greatly. As i think i stated in one of my Public Statements, probably the october 1 statement, in at least one to two instances, the effort was successful at an intrusion. There was a growing list and we saw the scope of this activity expanding as time progressed. And then eventually, in january, we were in a position to say that this activity itself was also the russian government. Now, i too have seen the more recent reports. I have not had access to classified information for five months. So im not in a position to tell you whether its right or wrong. But definitely, as fall progressed, we saw a progression of scanning and probing activities around voting registration databases which concerned me. Which is why i kept encouraging statement officials to seek our help. Did that involve a majority of the statements . Yes. I dont mean that they took you up on the help. But did the russians probe a majority of the states voter databases . I dont know the final count because i havent had access to the intel for last five months. I know what i see open source. Im not in a position to agree or disagree. I have seen open source i think 39 states. Im not in a position to agree or disagree. Time has expired. Good morning, mr. Johnson. Good morning. I want to start by thanking for service to our country which includes a successful stint as an ausa. You will recognize some of my questions as being leading. They are not leading from the standpoint of trying to trick you. More in the interest of time. If i Say Something you disagree with, interrupt me, stop me. Its just in the interest of time i want to see if we can get some things out of the way that we agree on. Russia has a history of cyberattacks against our country. Is that true . Yes. The parlance of our former jobs, russia would be considered a career offender as it comes to seeking to undermine the foundations of our republican . They are constantly trying to attack the foundations of our republic, is that fair . I think thats a fair statement. So theyre a career offender. They have a history of cyberattacks on our country. We suspected before the as do others. Yes, sir. Its not just them. But for purposes of this morning, i want to focus on russia. We suspected before the november elections that they might attack our voting infrastructure. Is that fair to say . Yes. In fact, you warned they were going to do so . I was concerned they would do so, which is why i kept issuing all these Public Statements. Yes, sir. At the time you separated from service in january of 2017, you have seen no evidence that the russians were successful at changing voter tallies or voter totals . Correct. At the time you separated from service in january of 2017, had you seen any evidence that donald trump or any member of his campaign included, conspired or coordinated with the russians or anyone else to infiltrate or impact our voter infrastructure . Not beyond what has been out there open source and not beyond anything that im sure this committee has already seen and heard before directly from the Intelligence Community. The only thing i would have on that is derivative of what the intelligence has and Law Enforcement community. Speaking of the Intelligence Community, it strikes me that most of the information currently available was available in the fall of 2016. Most of the intelligence products that are relied upon to form certain assessments, that underlying data was available in 2016. Some of it before the election. Im not in a position to agree or disagree with that because i dont have access anymore to intelligence over the last five months. Looking at this a different way, before the election in november of 2016, you had already seen evidence of russian efforts to impact our election . In fact, you testified they had a preference for a candidate, they were aggressive and i think you used the phrase plain and simple. Yes. With respect to efforts to hack into the dnc and other political organizations, yes, very clearly. Correct. This is i guess what im getting at. Theyre a career offender when it cop comes to abeing taing. They have a history of cyberattacks on our country. You warned before the elections that they may attack our voting infrastructure. After the election, president obama took steps to target russia and you took steps to consider our voting apparatus to be Critical Infrastructure. Given what we knew before the election, what more could we have done and should we have done . We werent surprised that russia was doing there to us. They always do it to us. So what more could we have done, should we have done before the election . Well, hindsight is brilliant. Hindsight is 20 20. I will preface by answer by saying, i think it was unprecedented, the scale and the scope of what we saw them doing. And there have clearly been intrusions before by a number of state actors, as im sure you are aware. In retrospect it would be easy to say i should have bought a sleeping bag and camped out in front of the dnc in late summer with the benefit of hindsight. I can tell you for certain that in the late summer, fall, i was very concerned about what i was seeing and this was on my front burner all throughout the preelection period in august, september, october and early november to encourage the states to come in and seek our assistance. Im glad that most of them red and blue did. Hindsight is perfect 20 20. But im satisfied that this had my attention, it had the attention of my people, because i pushed them at every step of the way to make sure we were doing everything we could do. But obviously, there are lessoned learned from this experience. For the future, theres probably more we can and should do. If i remember correctly, you had a Conference Call or communicated with the states to offer them your assistance prior to the election. Correct. If i remember your testimony correctly, their response vacillated between neutral and opposed. Correct. It was to the issue of designated them as Critical Infrastructure. Do you know without naming the states whether any of the states most vok vocally opposede impacted by russian efforts . I would have to look at both lists. If you are saying impacts, were those States States that had their Voter Registration databases scanned and perhaps infiltrated . I would have to lock at both lists. I dont have that off the top of my head. What im wondering if any of the states most vocal in rejecting your help needed it the most. Again, they didnt reject our help. 36 of them accepted our help. But they were resisting the idea of a designation to be critical infrastructu infrastructure, which i went ahead and did anyway. What would that have done in november or in october . What would that have accomplished had you done it in fall of 2016 instead of january . Well, as i outlined, i outlined earlier the advantages of that declaration. In the shortterm my assessment was that we needed to get them in. We needed to bring the whos to water to seek our Cyber Security help. So making the designation would have in my assessment driven them in the opposite direction. My number one priority preelection was to get them to seek our Cyber Security help. For the most part, they did. Thank you, mr. Secretary. Thank you. I will begin by yielding a moment to the Ranking Member. Thank you. Just a quick followup. You have been asked about whether the vote tallies were impacted. Some have suggested because the actual counting of the votes bit machines wasnt impacted that, therefore, your testifying and others have testified theres no affect on the election. These are two different things. In your Opening Statement you state, im not in a position to know whether the successful russian government directed hacks of the dnc and elsewhere did in fact alter Public Opinion and thereby alter the outcome of the president ial election. Correct. Do you stand by that . Yes. Thank you for that cl clarification. Its not the job of the Intelligence Agency to determine whether the information dumped had an affect on the outcome, only whether machines were impacted, not people . Correct. You would need a social scientist to do that. I wanted to ask you about the information concerning potential coordination with the russians. Are you aware of the basis we heard testimony that the fbi investigation was somewhat compartmentalized and director clapper wasnt fully aware of what went into the investigation. Are you aware of the information that formed the basis for director comey opening a counterintelligence investigation as he testified in july of last year . No, not as i sit here. If i did, im not sure i could talk about it in open session. I do not. Im not going to ask you to. Do you believe director comey would have opened a counterintelligence investigation on a president ial campaign lightly or on hunch . No. He would need some evidentiary information basis to do so . Based on everything i know about jim comey and the fbi, yes. I yield back. Thank you. Good morning, mr. Johnson. I want to start by asking you, mr. Gowdy questions and your responses established this is not a new thing, this meddling in our election. We have seen it before. Wasnt to come back to that. You also stated and we heard from others that the meddling in the 2016 election was unprecedented in its scope and reach. I wonder if you might take a minute or two and just help us better understand why it was unprecedented, what was different versus what we have seen in the past. We have seen a history of various different types of bad cyber actors intruding into, infiltrating political organizations, political campaigns. Thats what i was referring to. When i say that this effort was unprecedented, what i mean is that we not only saw infiltrations but we saw efforts to dump information into the public space for the purpose of influencing the ongoing political campaign. It was widespread. And in that respect we knew it was happening. In that respect it was very much unprecedented. Can i just distilling your testimony, we had seen scanning, quarries, what we might consider espionage, trying to gather information. But we had never seen what the russians call active measures, that is to say actually the insertion of information designed to alter an outcome . Thats what makes this unprecedented . Yes. Thank you. Lets step back a little bit away from how this is unprecede unprecedented. We have seen this before, 2008, chinese hackers targeted obama and mccain. We saw it in 2012. My question is, as you assumed your duties at Homeland Security, how were we thinking about this . Were we thinking about this issue in a constructive way prior to the last election . Good question. It became a front burner item for me in summer 2016. And i began discussions with my staff about what should we be proactively doing to help state Election Officials prepare. I was surprised to know that there was an Election Assistance Commission and that dhs had collaborated with that and that there had been an ongoing dialogue through the eac, through state secretaries of state, going back to election cycles past. But this was now becoming a matter for me as the secretary of Homeland Security. So it was becoming front burner for me in the summer of 2016. But there had been that ongoing dialog dialogue. This becomes front burner, implying prior to summer 2016 this had been back burner. What was the cat lievent that t it . For me, it was the reports we were receiving about efforts to intrude into the dnc and the emerging intelligence picture. Okay. Lets get a little more granular here. Becomes a front burner issue. Were there certain parts of the process at the time, the voting machines, Political Party databases, politically associated organizations that we understand may have been probed that you thought were particularly vulnerable at the time . Voter registration databases, in the course of learning about this issue, myself, i took a look along with my staff at the practices in the different states. They tend to vary. But for the most part, there are redundancies in the system. And most of it exists off the internet in terms of collecting votes, reporting votes. There are a few states where it does not. But the states with some doj Election Assistance Commission help have been engaging in some best practices. But they tend to vary all over the lot. But what we were most concerned about and what we were seeing were efforts at compromising Voter Registration databases. You said something that in my very limited time i dont want to let drop. You said you thought that there is more that we could and should do to address this issue. Can you elaborate if you were still secretary of Homeland Security, what would your recommendations be . A number of things. One, i would, as congress, i would think about grants to state Election Officials to help them harden their Cyber Security. I would raise Awareness Among state Election Officials as well as public in general, employees of state governments, raise awareness about the evils and hazards of speer fishing. I think at a National Level there should be in this administration somebody who takes the mantle of Cyber Security on fulltime to highlight this issue, to lead the charge on this issue. My preference would be somebody within dhs. But we need a National Leader to take charge of this issue. First and foremost, we need to encourage state governments, state Election Officials to engage in best practices when it comes to vote tallies and so forth. Through grants, we ought to consider grants. I hear that from state Election Officials themselves. Thank you. Mr. King, seven minutes. Secretary, its good to see you again. I had the privilege of working with you on the Homeland Security committee. I commend you for your service. Outstanding job. And your career public service, assistant u. S. Attorney and now as a successful lawyer, im sure. A few points before i yield. Can you elaborate more on what the dhs connection with the dnc was or consultation with the dnc was after you became aware of the hacking and they became aware of the hacking as to what was offered them, what they accepted . Was there any level of cooperation at all . To my disappointment, not to my knowledge, sir. This is a question i asked repeatedly when first learned of it. What are we doing . Are we in there . Are we helping them discover the vulnerabilities . This was fresh off the opm experience. There was a point at which dhs Cyber Security experts did get into opm and actually help them discover the bad actors and patch some of the exfiltrations, or minimize some of the damage. So i was anxious to know whether or not our folks were in there. The response i got was, fbi had spoken to them. They dont want our help. They have crowd strike. The Cyber Security firm. That was the answer i got after i asked the question a number of ty type times. That was different from what you got from opm . The opm effort we were actually in there on site helping them find the bad actors. Do you know who it was at the dnc that made that decision . I dont. Do know if the fbi continued to try to help, try to assist . I have read in the New York Times about those efforts. Sometime earlier this year. I move to strike all references in the New York Times. I would just say, maybe its editorializing on my part, thats an unusual response from the dnc. If you are talking about a president ial election, you have an unprecedented amount of cyber hacking by a foreign power, annean adversa adversary. They would not accept all the help that could be given, especially in sounded as if not that you would be partisan, but it sounded like it was this is an impartial governmental entity and they didnt accept that. I find that hard to comprehend. My interest in helping them was definitely a nonpartisan interest. I know that. I recall very clearly that i was not pleased that we were not in there helping them patch this vulnerability. The nature when you are dealing with private actors and even political organizations, we dont dhs does not have the power to issue a suearch warran and patch vulnerabilities. Was there any significant intelligence or information that came about after the election that was not available before the election . If there was so much out there, if the administration was so concerned, why was it that suddenly after the election seemed serious action was taken, sanctions sanctions in particular and also the Public Statements by the president , by the Intelligence Community coming out, coming on strong. Yet i didnt see what was present after the election wasnt there before the election. We did before the election one month before the election formally and publically accuse the russian government of doing this in blunt terms, uncommon for the Intelligence Community. That was statement was pretty blunt in saying we know the russian government is doing this based on the picture we saw at the time. The picture continued to build upon itself as time progressed. There was more we knew about the russian governments efforts at scanning Voter Registration databases. You recall the october 7 statement said we were not then in a position to attribute that to the russian government. The picture got clearer as time progressed. On october 7, we issue aid very clear declaration based upon what we knew at the time that the russian government was behind the hacks of the dnc. Im not being critical of you. It seems it didnt get the attention i would have preferred it gets because were in the midst of the campaign where the press and voters focused on other things. All the power they have, in december we had this drum beat of stories coming out, one after the other, some being leaked, some open. Sanctions being issued. All the mobilization of the administration to get that out came after the election into december and early january. Between october 7 and election day there was very little. The october 7 statement was overshadowed by the other incidents. Im just saying, im concerned not concerned but the very the administration the october 7 statement was an administration statement. That was the result of an Intelligence Community assessment. The president approved the statement. I know wasnted ehe wanted us statement. That was a statement by the United States government not just jim clapper and me. The reality, most American People were not aware of it. I just would have thought during that 32 days, if they had done as much from october 7 to november 8 as they did in december and january, i think the American People would have been better informed when they went to the polls. I can tell you i issued statements on september 16, october 1, october 7, october 10 about what we saw. You did your job. Im not questioning you in any way about that. Im asking about the administration overall. Just quickly, if i could get you to put on your old hat for a second. Hacking into someones server strikes me as a crime. Yes. The dnc was the victim of a crime. Im trying to understand why the victim of a crime would not turn over evidence to you and juim comey who were apolitical and come from apolitical backgrounds. Im sure at some point in the time line they did do that. My point earlier was that in the initial period i was not satisfied that we were able to get in there ourselves, dhs, to help them identify the bad actor and patch the vulnerabilities. Im sure at some point the fbi and the dnc had a dialogue. You would have to ask them. The time is expired. I would like to yield a minute to the Ranking Member to ask a question. I want to follow up on mr. Kings comments and question. I agree completely with mr. King. Im not saying this as a matter of hindsight. We were saying this in real time as it was going on. You did what you could do. Why didnt the president of the United States at the time you were making your attribution or thereafter speaking to the American People and say a foreign power is interfering in our affairs, this isnt democratic, this isnt republican, they need to be rejected and they need to stop. Why wasnt that done . Was there thought given to that . Why was that rejected . Again, congressman schiff, we did make the statement. We were very concerned that we not be perceived as taking sides in the election, injecting ourself into a very heated campai campaign. Or taking steps to themselves delegitimize the election process and undermine the integrity of the election process. So we considered all those things. The decision was made that the director of national intelligence, secretary of Homeland Security should together make this statement. There were Public Statements made by various administration officials, including myself, all through the campaign season, preelection, to the same affect. I yield back. Secretary johnson, welcome. Thank you for your years of service to this great nation. I would like to talk about attribution. By now its wellknown that the russians hacked, stole strategically dumped emails. What i would like to understand better is how the United States government came to reach that conclusion and how dhs and the rest of the government were able to attribute it directly to the russians. According to the declassified Intelligence Community assessment released in january of 2017, we noted that russian intelligence assessed elements of multiple state and local electoral boards. That seems clear. How do you how does one go about attributing that to the russians . What kinds of information, signatures, or cyber activity would you be looking for in order to make that attribution . How do you validate that information . Congresswoman, you would have to have that discussion in closed session, because its sources and methods. Its probably better to have that discussion with someone in the Intelligence Community. I do recall that looking at the intelligence, it was a pretty clear case, perhaps beyond a reasonable doubt, mr. Gowdy, that the russian government was behind the hacks into the dnc based on everything i was seeing. In terms of attribution, there are normal considerations about when one makes public attribution to a state actor who is engaged in some type of cyberattack. My personal opinion was that and is that those normal considerations were out the window and that we had an independent overriding need to inform the voting public of what we saw going on. The way i looked at it as a corporate lawyer was if im the issuer of a public stock and i see a very powerful actor in the market trying to manipulate the price of my public stock, i have a duty to tell the investing public what i know. How did you go about alerting the states, dhs go about alerting the states and local communities about what was going on . I know that you did the designation for Critical Infrastructure. What im trying to get at is, given your background and your recommendation that we do something more now to really alert the state and local governments, how do we do it now . What would you suggest would be a better way to go about alerting them . Well, we did have an ongoing dialogue throughout the fall with state Election Officials at the Law Enforcement level with dhs, there was, of course, the public october 7 statement. But the conversation didnt stop there. I continued to issue Public Statements. We continued to have a dialogue with state officials as they came in to seek our cyber assistance. At the staff level. In answer to your question only if they came to get your assistance with dhs would they be more helpful in that sense . You left it up to the states and the local governments to actually i think thats the case that we had a dialogue with just about every single of the 50 states. Ultimately, we had a dialogue i think all but maybe one or two of the states. They actually signed up for our Cyber Security assistance. There were 36 along with a lot of counties and cities that signed up. We were pushing information out the door to everybody as often as we could. In answer to your question, i think that the states are one thing i discovered in this conversation, state Election Officials are very sensitive about what they perceive to be federal intrusion into their process. I heard that firsthand over and over. This is our process. Its our sovereign responsibility. Were not interested in federal takeover. They were very doesnt the federal government have an interest in the integrity of these elections . I think the American Public, the nation has an interest in the integrity of the election. I think you federally elected officials have an interest in the elections that result in you sitting here, yes. But i think that we need to continue now that the campaign is over, maybe in odd years if we could find a way, to raise awareness when the temperature is down, maybe through grants, encourage best practices at the state level and maybe encourage a uniform set of minimum standards for Cyber Security when it comes to state election systems and Voter Registration databases. Thank you. Thank you, mr. Chairman. Mr. Secretary, thank you for being here. Thank you for your service. Some of this may be a little redundant. Im trying to really better understand how all the entities have come together. Can you briefly summarize dhs role in Cyber Defense . To summarize it, we had the agency of the u. S. Government responsible for asset response. Responsible for working with other federal agencies and the private sector in identifying vulnerabilities, patching rayra and we are the portal through which information should pass to the u. S. Government. Thats it in a summary. With that in mind, can you briefly tell us dhs role in sharing cyber threat indicators, how that works . On my watch, it was this is an ak ro acronym. The place designated to receive cyber threat indicators and report them. Switching gears a little bit. Based on what you know now, what would you have done more or differently in respondse to the russian cyberattack of the 2016 election . With the benefit of hindsight, there is always more things you can say to yourself i should have done. Luke like i said earlier, perhaps i should have camped out at the front door of the headquarters of the dnc. At the time, knowing what we knew and wrestling with all of the considerations we had, i can tell you that this was a very much a top priority for me because none of us knew how this was going to come out and how far the russians were going to go in their efforts. So i can tell you, with the benefit of hindsight, that this was a top priority for me and virtually every day during campaign season, i was questioning my own staff about are we mobilized, are we energized enough to do what we need to do . Have we set up a Crisis Response center on Election Night which we did. At one point i said this in my prepared statement i picked up the phone and called the ceo of Associated Press that has and has had for years the responsibility for Election Night reporting to make sure that their systems were satisfactory. And i was satisfied they have enough redundancies in their system as well. So this was something that was very much uppermost on our minds in the runup to the election. Thinking ahead to 2018 and 2020, what scenarios twopart question. What scenarios most concern you and what recommendations do you have for us that we should do that maybe is something thats not in place now . Well, the scenarios that most concern me about the ining at the integrity of elections are not necessarily Cyber Security related. In the Cyber Security realm, what i do worry about are the vulnerabilities around state Voter Registration databases. And we saw those vulnerabilities last fall. So i think there needs to be more done to secure Voter Registration databases so that that information doesnt get out in the open. From a congressional approach, somehow grants to states for databases or anything specific you recommend . I know that the states state Election Officials are very sensitive to and would oppose likely federal standards for how they should run their elections. It was very hard to bring about i remember the debate about hava in 2002. I would use the carrot approach instead of the stick approach and encourage them through grants to bolster their Cyber Security. What specific policy changes, if any, would you recommend to your successor, secretary kelly . In addition to all the things we have just discussed, i think its important that secretary kelly or the undersecretary really take this on as a front