Full Text of SR0093 100th General Assembly
SR0093 100TH GENERAL ASSEMBLY |
| | SR0093 | | LRB100 08915 MST 19058 r |
|
| 1 | | SENATE RESOLUTION
| 2 | | WHEREAS, Our national and State security should not be | 3 | | undermined
by the concerted efforts of foreign actors with the | 4 | | goal of
compromising our democratic ideals; and
| 5 | | WHEREAS, In July of 2016, the Illinois Board of Elections | 6 | | was the target of a cyber-attack of unknown foreign origin | 7 | | which targeted the
Illinois Voter Registration System | 8 | | Database; and
| 9 | | WHEREAS, On July 12, 2016, the IT staff at Illinois Board | 10 | | of Elections was made aware of performance issues with the | 11 | | Illinois Voter
Registration System (IVRS) database server, and | 12 | | processor usage had
spiked to 100% with no explanation; and | 13 | | WHEREAS, Analysis of server logs revealed that the spike in | 14 | | usage
was a result of rapidly repeated database queries on the | 15 | | application
status page of the Paperless Online Voter | 16 | | Application (POVA) web site; and | 17 | | WHEREAS, Additionally, Illinois State Board of Elections | 18 | | server
logs showed the database queries were a malicious form | 19 | | of cyber-attack
known as SQL Injection, which are unauthorized, | 20 | | malicious database
queries entered in a data field in a web | 21 | | application; and |
| | | SR0093 | - 2 - | LRB100 08915 MST 19058 r |
|
| 1 | | WHEREAS, Further analysis of the web server logs showed | 2 | | that
malicious SQL queries began on June 23, 2016, and that | 3 | | malicious
traffic from the IP addresses continued, though it | 4 | | was blocked at the
firewall level; and | 5 | | WHEREAS, Firewall monitoring indicated that the attackers | 6 | | were
hitting the Illinois State Board of Elections IP addresses | 7 | | five times per
second, 24 hours per day; and | 8 | | WHEREAS, Investigations of the attack concluded Illinois | 9 | | Voter
Registration System passwords were compromised, and | 10 | | passwords included those of election authorities, their | 11 | | staffs, internal Illinois State
Board of Election users, | 12 | | vendors, and web services; and
| 13 | | WHEREAS, The intelligence community has described these
| 14 | | individuals or actors as part of foreign entities, namely | 15 | | Russia,
intent on boosting one candidate over the other; and
| 16 | | WHEREAS, Aggressive actions contrary to American interests | 17 | | that
foster political chaos and institutional mistrust in our | 18 | | democratic
values must be thoroughly repudiated; and
| 19 | | WHEREAS, The American public also needs assurance that law | 20 | | enforcement is
actively investigating these matters, and if |
| | | SR0093 | - 3 - | LRB100 08915 MST 19058 r |
|
| 1 | | further investigation
finds evidence that foreign actors | 2 | | perpetrated or directed such acts,
appropriate criminal | 3 | | charges and sanctions will be announced and
enforced; | 4 | | therefore, be it
| 5 | | RESOLVED, BY THE SENATE OF THE ONE HUNDREDTH GENERAL | 6 | | ASSEMBLY OF THE STATE OF ILLINOIS, that we denounce any threats | 7 | | by Russia or any other
foreign actors who seek to interfere | 8 | | with the sanctity of our
democratic process; and be it further
| 9 | | RESOLVED, That such an attack on the United States of | 10 | | America and
the State of Illinois must not go undisclosed, and | 11 | | that we urge that the Illinois State Board of Elections produce | 12 | | a
final comprehensive report outlining the nature of breach, an | 13 | | audit of
their IT systems, and that they enact preventative | 14 | | measures to ensure
that such cyber interference never occurs | 15 | | again; and be it further | 16 | | RESOLVED, That a suitable copy of this resolution be | 17 | | delivered to Steve Sandvoss, Executive Director of the Illinois | 18 | | State Board of Elections.
|
|