Ronert F. KENNEDY, JR. March 22, 2016 Attorney General Loretta Lynch Department of Justice 950 Pennsylvania Ave NW Washington, DC 20530 Dear Attorney General Lynch: 1am writing to urge the Department of Justice to take immediate steps to prevent the computer hacking of the 2016 election results. I urge you to create a cyber security task force to create robust safeguards to protect against malicious intrusions and destructive malware that could alter the vote results or otherwise undermine the ability to correctly tabulate the vote. You are well aware of the danger of eyberattacks and computer hacking. The danger of the ‘upcoming elections being hacked is even more serious than criminal hacking. Hacking has the potential to manipulate the results of the election itself and subvert the voting process, which is the heart of our democracy. Over the past year, many United States government agencies and critical infrastructures have been the victims of cyber-attacks and criminal hacking, both foreign and domestic. ISIS hacked our military and accessed thousands of files. The Chinese hacked the Office of Personnel Management. Russians hacked the Department of Defense. And a bevy of foreign cyber teams hacked the State Department, NOAA, the Postal Service, the Joint Chiefs of Staff and even the personal email of the current CIA Director. Cyber intrusions could easily happen in the upcoming elections through undetectable manipulation of the vote count or denial of service attacks. Our election could be manipulated by a foreign country or by a private firm contracted to help their clients win elections or by independent hackers. This threat must be taken seriously, and addressed in a meaningful and robust way. Much has been written over the years about the vulnerability of our voting system. Nine years ago, the Carter Center issued a policy paper entitled, Developing a Methodology for Observing Electronic Voting, which included the observation that “[s}teps should be taken to effectively protect the transmission of data and prevent illegal access, or hacking.” Other than replacing some electronic voting machines with machines using paper ballots, that report has been largely ignored. ‘The ease of hacking voting machines was recently detailed in an exhaustive investigation initiated by the Virginia Department of Elections, which concluded that Virginia elections had likely been hacked. This report echoed a 2012 report by IT experts who, at the invitation of District of Columbia Elections Officials, hacked into a mock election and, “gained nearly ‘complete control of the election server ... and changed every vote” without detection for 48 hours. Similarly, cyber security experts at Argonne Labs showed how votes can be changed wirelessly at a distance from the polling station. Computer scientists at Princeton Universitydemonstrated that they could install malicious code on one voting machine and that code would then spread virally to all other machines in the chain, resulting in a corruption of the final results. Cyber security experts have also testified that hacking has altered election results in foreign countries. CIA cyber expert Steven Stigall testified at the Election Assistance Commission that hacking has been used to corrupt foreign elections and could happen here. IT expert Stephen Spoonamore testified in a federal civil case that it most likely occurred in the 2004 presidential election in Ohio. In September, the Brennan Center released a report describing how aging voting machines present a threat to the next election, Recently, cyber security expert Michael Gregg wrote an article in Huffington Post listing six ways that the 2016 election could be hacked. The use of proprietary software in all voting machines and tabulators raises serious concerns, Since elections have been privatized, the owners of the private voting machine companies have refused to show election officials how the vote was counted when asked see the programs. The private vendors have claimed proprietary rights so there is no accountability. The White House approved $14 billion for cybersecurity efforts for fiscal year 2016, and issued a “Cybersecurity National Action Plan” that includes a directive to all federal agencies “to identify and prioritize their highest value and most at-risk IT assets and then take additional concrete steps to improve their security." This strong evidence demonstrates that we face an enormous threat to our voting system from hacking and malicious intrusions. Therefore, I am urging the Department of Justice to use all available means and tools to protect the upcoming election from hacking. This could include: ‘© Create a cyber security task force that will prospectively institute robust safeguards to protect against malicious intrusions and destructive malware that could alter the vote results or otherwise undermine the ability to correctly tabulate the vote. * The task force should have teams to conduct reviews of the security measures currently in place at departments of elections throughout the country, with an emphasis on areas that could alter the electoral landscape. ‘* Teams should monitor the digital traffic and tabulation results to and from these election departments to ensure that no manipulation or tampering takes place. * The task force should publicly let would-be hackers know that any attacks will be discovered and stopped, and those responsible held criminally accountable. © The Department of Justice should allocate sufficient funds from the newly passed cyber security budget or other sources to enable the task force operation and to each state to harden their election security measures. © A report should be issued at least annually assessing the state and federal compliance with lection security recommendations. Took forward to your response to this letter. Sincerely, ) bout onsathy Robert F. Kennedy Jn”VSources Regarding Computer Hacking ISIS Hacks Military: http:/www.theguardian.com/world/20 1 5/aug/13/isis-hacking-division- releases-details-of-1400-americans-and-urges-altacks Chinese Hack Millions of Records From Office of Personne! Management: .nytimes.com/2015/07/1 O/us/oftice-of- Teen Hacks CIA Director’s Email: http://www, wired,comv/2015/10/hacker-who-broke-into-cia- director-john-brennan-email-tells-how-he-did-it/ Russians Hacked Department of Defense: http:/thchill.com/policy/eybersecurity/239893- russians-hacked-dods-unclassified-networks Joint Chiefs" of Staff Emails Hacked: http://www. thedailybeast.com/cheats/2015/08/05/joint- chiefs-of-staff-hacked, htm State Department, NOAA and Postal Service Hacked: http://www.nbenews.com/news/us- news/stat -joins-erowing-list-hacked-federal-agencies-n249711 Developing a Methodology for Observing Electronic Voting https://wwrw.cartercenter.ong/documents/elec_voting_octl1_O7.pdf Virginia Investigation of Voting Machines htip://www.wired,com/2015/08/virginia-finally- drops-americas-worst-voting-machines/ Argonne Labs-Voting Machines Can Be Hacked Electronically http://www. popsci,com/gadgets/article/2012-1 | fnow-i-hacked-clectronic-voting-machine Princeton Scientists Show How Voting Machines Can Be Hacked :/hwoww.dailytech. ineeton-+Researchers+ Hack +Diebold+EVoting++Machine/article417 Thum CIA Agent Testifies About Hacking Before Election Assistance ‘Commission http://www. bradblog.com/2p=7021 IT Expert Testifies About Hacking Ohio 2004 Election http:/www.altemet org/story/99337/how the gop wired ohio%27s_2004 vote count for_bush to_win TT Expert Give Six Ways To Hack The 2016 Election http:/www.huffingtonpost.com/michael- gregg/top-six-ways-hackers-coul_b_7832730.html Brennan Center Wars About Aging Voting Machines bitps://www. brennancenter.org/publication/americas-voting-machines-risk