It’s quite simple: If we don’t defend our election from the ramparts of truth, we don’t defend it at all. There are countless courageous, trained professionals working within the national security community but they can only do so much. DHS and their national security partners are working on election infrastructure, cybersecurity, etc., but that still will not be enough. Foreign enemies influencing voters with propaganda, dis- and mis-information is a vulnerable unattended gap in our defenses that only everyday citizens can fill. This is precisely the one area in which every American has a chance to stand shoulder-to-shoulder with other patriotic citizens of all beliefs to ensure that it is truly voters, not Mr. Putin or his like, that make our decisions at the ballot box.
Our democracy was founded on the principle of voting and its importance. What we know today as an American right granted on our 18th birthday was once only privileged to a select group. It was through immense reform that these rights were granted to more people. But the political landscape and media engagement dynamics of just the past 5 to 10 years has lit a fire under many Americans to reclaim their interest in the democratic process. Experts predict 156 million people could vote in 2020, up from 139 million in 2016 – and the voters will be more diverse than ever, according to some forecasts. Yet, election integrity has never been more vulnerable.
The Internet Research Agency, a known Russian social media operation, has well-organized programs with writers divided into groups according to their English-writing skills and briefed with reacting daily to events and diplomatic developments. China has been less active, partly because their citizens do not commonly use Twitter and Facebook and therefore it may be harder to organize operations focusing on them. Looking in detail at Russia’s efforts, the indication is less of a fixed political ideology and more of a pragmatic and sophisticated approach to encouraging changes that will support Russia’s geopolitical goals.
Many activities that introduce physical risk to political events and polling places are organized online, meaning that local and state officials may be unlikely to have the necessary visibility into not only illicit online forums where the seeds of protests and potential skirmishes are often sown, but also into chat platforms where threat actors are gradually moving more and more discussions about disinformation campaigns, fundraising, and the distribution of propaganda.
Federal and state agencies need ample, continuous and sustainable investment in research and development in elections systems in order to replace aging and obsolete voting systems infrastructure, and to verify and deploy world-class, resilient and secure elections systems. Continued, ongoing evolution of election technology and administration is needed to keep pace with evolving threats from adversaries who would compromise our elections.
Undoubtedly, the government must be prepared for the fact that as deepfakes evolve, they will continue to be used in ways that undermine national security, from allowing the faking of credentials and possibly clearance checks to undermining the security of our elections. Deepfakes can also be used to effectively discredit political candidates and push inaccurate messages to voters. Suppressing a “fake” or rumor is nearly impossible once it’s out there, and could impact election outcomes. The actual people working on election campaigns are at risk of attacks as well. They have access to strategies and timelines that may be of interest to bad actors – and bad actors may think deepfakes are the best way to bribe such information out of them if they cannot simply break in.
No problem or, by extension, threat can be solved or mitigated while we are at odds with our fellow citizens. Our enemies understand this all too well and do all possible to unravel the tightly woven, patriotic fabric of U.S. society with media designed to divide us. Their primary method is to use mis- and disinformation as tools to divide us or, as is commonly known these days, “fake news.” The truth is facts matter and, more importantly, the truth that is made up by those facts matters the most. The only ingredient missing between opposing groups, political parties, ethnicities, etc., is settling on a foundation of facts to any problem or threat. Like all problem solving, you cannot succeed without analysis of what is known.
To guide its support to states and local election jurisdictions for the 2020 elections, CISA reported that it is developing strategic and operations plans. CISA intended to finalize them by January 2020, but has faced challenges in its planning efforts due to a reorganization within CISA, among other things. In the absence of completed plans, CISA is not well-positioned to execute a nationwide strategy for securing election infrastructure prior to the start of the 2020 election cycle. Further, CISA’s operations plan may not fully address all aspects outlined in its strategic plan, when finalized. Specifically, according to CISA officials, the operations plan is expected to identify organizational functions, processes, and resources for certain elements of two of the four strategic plan’s lines of effort—protecting election infrastructure, and sharing intelligence and identifying threats. CISA officials stated that CISA was unlikely to develop additional operations plans for the other two lines of effort—providing security assistance to political campaigns, and raising public awareness on foreign influence threats and building resilience.
“Election security will be top of mind around the nation, and protecting the 2020 elections is essential to our democracy. CISA is working with all 50 states and more than 2,400 localities, and we will continue to conduct regular vulnerability assessments of election infrastructure, engage our partners, and share information on threats and mitigation tactics as we head towards the 2020 election cycle.”
While Russian accounts are relatively limited, they perform in “lockstep” with hundreds of other, often domestic, accounts. There are countless complicated reasons for this, but the most acute aspect is that Russian accounts provide content to linked accounts. Analysts in Russia also provide analysis to content and responses to content so that they can evolve a message to become more effective at accomplishing their objectives.
“In an unprecedented level of coordination, the U.S. government is working with all 50 states and U.S. territories, local officials, and private sector partners to identify threats, broadly share information, and protect the democratic process. We remain firm in our commitment to quickly share timely and actionable information, provide support and services, and to defend against any threats to our democracy. Our adversaries want to undermine our democratic institutions, influence public sentiment and affect government policies.”
Russian activities demand renewed attention to vulnerabilities in U.S. voting infrastructure. In 2016, cybersecurity for electoral infrastructure at the state and local level was sorely lacking; for example, voter registration databases were not as secure as they could have been. Aging voting equipment, particularly voting machines that had no paper record of votes, were vulnerable to exploitation by a committed adversary. Despite the focus on this issue since 2016, some of these vulnerabilities remain.
“Many of the hot issues that we focused on in 2019 continue to be threats that require our utmost attention — both as an agency and as a nation,” Cybersecurity and Infrastructure Security Agency Assistant Director for Infrastructure Security Brian Harrell told HSToday, outlining some of the top infrastructure threats in the Department of Homeland Security’s sights for the coming year. 2020 brings another presidential election, along with memories of Russia’s campaign influence operation targeting the 2016 vote.
As we head into the 2020 election season in the United States, a key component of the U.S. election infrastructure remains vulnerable to attack. Only 5% of the country’s largest counties are protecting their election officials from impersonation, according to an analysis by Valimail. The rest are vulnerable to impersonation, meaning their domains could become the unwitting vectors for cyberattacks and misinformation campaigns. This is a problem because the overwhelming majority of cyberattacks can be traced to impersonation-based phishing emails. In the corporate world, these cyberattacks result in the loss of funds or proprietary data. But when it comes to elections, the bedrock of democracy — free and fair elections — is at stake.
“At the end of the day, an informed public is the best defense against disinformation. The National Association of Secretaries of State’s #TrustedInfo2020 campaign highlights election officials as the trusted sources of election information. State and local election officials are the authoritative sources for election and voting information.”
U.S. CyberDome is composed of cybersecurity experts who have trained and practiced at the world’s largest accredited computer forensics and incident response institute in the world, the Defense Cyber Crime Center, as well as the U.S. Department of Defense and National Institute of Standards and Technology. The team got started as cyber experts who became alarmed by increasing cyber threats and the lack of protection for campaigns and voters. They formed the non-profit organization to absorb the extraordinary cost of providing cyber protection to campaigns by working with donors and charitable foundations. Initial efforts are focused on the 2020 U.S. Presidential Campaigns, and will be applied to other national campaigns over time.
Because the election vendors are allowed to keep their security practices secret, election officials have little of the information they need to protect their voting systems. The report’s authors — Norden, Christopher Deluzio, and Gowri Ramachandran — propose a federal oversight structure to improve transparency and security. For the short term, they recommend contingency plans to compensate for attacks on election systems in 2020.
Protecting the integrity of elections in the United States against criminal activity and national security threats is among the top priorities of the Department of Justice (DOJ) and the FBI. Cyber intrusions affecting election infrastructure have the potential to cause significant negative impacts on the integrity of elections. Understanding that mitigation of such incidents often hinges on timely notification, the FBI has established a new internal policy outlining how the FBI will notify state and local officials responsible for administering election infrastructure of cyber activity targeting their infrastructure.
CISA’s investment is designed to support election officials and their private sector partners who are working to improve post-election auditing in the 2020 election and beyond. The tool supports numerous types of post-election audits across various types of voting systems including all major vendors.
Created in coordination with the Department of Homeland Security and Director of National Intelligence, Protected Voices gathers together guidance from the FBI’s Foreign Influence Task Force—along with its Cyber, Criminal, and Counterintelligence Divisions—in a series of informative videos. The tutorials and online resources explain the nature of foreign influence and social engineering, highlight common areas of vulnerability, and offer cybersecurity measures to help campaigns, companies, and individuals protect themselves against common Internet-enabled crimes.
The 2016 election “was a wake-up call for our nation’s election security mission” and state and local election officials “are standing on the front lines of a renewed conflict” in the election ahead, Acting Homeland Security Secretary Kevin McAleenan told the Cybersecurity and Infrastructure Security Agency’s National Cybersecurity Summit on Thursday. McAleenan lauded CISA as a “tremendous asset” in the Department of Homeland Security for the “expertise and years of experience that you bring to the table, and the way you work with partners and stakeholders in and out of government.”