It’s quite simple: If we don’t defend our election from the ramparts of truth, we don’t defend it at all. There are countless courageous, trained professionals working within the national security community but they can only do so much. DHS and their national security partners are working on election infrastructure, cybersecurity, etc., but that still will not be enough. Foreign enemies influencing voters with propaganda, dis- and mis-information is a vulnerable unattended gap in our defenses that only everyday citizens can fill. This is precisely the one area in which every American has a chance to stand shoulder-to-shoulder with other patriotic citizens of all beliefs to ensure that it is truly voters, not Mr. Putin or his like, that make our decisions at the ballot box.
The pressure to build a voting process that includes web-based or even mobile-based voting capabilities is very real, and many lawmakers would like to see the development of reliable and trustworthy solutions. However, the atmosphere of suspicion created by foreign interference in the last election, for example, means progress is extremely slow. It is also not mandated that state and local governments update their systems, and very little, if any, guidance is provided.
Our democracy was founded on the principle of voting and its importance. What we know today as an American right granted on our 18th birthday was once only privileged to a select group. It was through immense reform that these rights were granted to more people. But the political landscape and media engagement dynamics of just the past 5 to 10 years has lit a fire under many Americans to reclaim their interest in the democratic process. Experts predict 156 million people could vote in 2020, up from 139 million in 2016 – and the voters will be more diverse than ever, according to some forecasts. Yet, election integrity has never been more vulnerable.
The Internet Research Agency, a known Russian social media operation, has well-organized programs with writers divided into groups according to their English-writing skills and briefed with reacting daily to events and diplomatic developments. China has been less active, partly because their citizens do not commonly use Twitter and Facebook and therefore it may be harder to organize operations focusing on them. Looking in detail at Russia’s efforts, the indication is less of a fixed political ideology and more of a pragmatic and sophisticated approach to encouraging changes that will support Russia’s geopolitical goals.
Many activities that introduce physical risk to political events and polling places are organized online, meaning that local and state officials may be unlikely to have the necessary visibility into not only illicit online forums where the seeds of protests and potential skirmishes are often sown, but also into chat platforms where threat actors are gradually moving more and more discussions about disinformation campaigns, fundraising, and the distribution of propaganda.
Social media companies are taking meaningful steps to curb the efforts of foreign adversaries to influence the American people. Foreign actors have been manipulating our ability to think and our access to truthful information. Polling shows a large majority of Americans expect to encounter disinformation on social media in the run-up to the 2020 elections. Despite that expectation, Americans continue to use social media as a primary vehicle to consume news. U.S.-based social media companies have a responsibility to combat foreign interference taking place via their platforms, especially those with large American user bases.
Federal and state agencies need ample, continuous and sustainable investment in research and development in elections systems in order to replace aging and obsolete voting systems infrastructure, and to verify and deploy world-class, resilient and secure elections systems. Continued, ongoing evolution of election technology and administration is needed to keep pace with evolving threats from adversaries who would compromise our elections.
Undoubtedly, the government must be prepared for the fact that as deepfakes evolve, they will continue to be used in ways that undermine national security, from allowing the faking of credentials and possibly clearance checks to undermining the security of our elections. Deepfakes can also be used to effectively discredit political candidates and push inaccurate messages to voters. Suppressing a “fake” or rumor is nearly impossible once it’s out there, and could impact election outcomes. The actual people working on election campaigns are at risk of attacks as well. They have access to strategies and timelines that may be of interest to bad actors – and bad actors may think deepfakes are the best way to bribe such information out of them if they cannot simply break in.
If home decorating supersite Wayfair was a brick-and-mortar establishment, the conspiracy theory about human trafficking could put the retailer at the same risk as a D.C. pizza joint similarly accused of human trafficking. In December 2016, Edgar Maddison Welch drove to the Forest Hills neighborhood of Washington and entered Comet Ping Pong, a family pizza shop and venue for local bands, with a .38 caliber handgun and an AR-15, firing rounds from the rifle before surrendering to police. He claimed he was investigating the “Pizzagate” conspiracy theory that alleged Democratic Party officials ran a child sex ring out of various restaurants, and the gunman vowed to rescue non-existent captive children from the restaurant’s non-existent basement.
No problem or, by extension, threat can be solved or mitigated while we are at odds with our fellow citizens. Our enemies understand this all too well and do all possible to unravel the tightly woven, patriotic fabric of U.S. society with media designed to divide us. Their primary method is to use mis- and disinformation as tools to divide us or, as is commonly known these days, “fake news.” The truth is facts matter and, more importantly, the truth that is made up by those facts matters the most. The only ingredient missing between opposing groups, political parties, ethnicities, etc., is settling on a foundation of facts to any problem or threat. Like all problem solving, you cannot succeed without analysis of what is known.
The U.S. Department of State’s Rewards for Justice (RFJ) program, which is administered by the Diplomatic Security Service, is offering a reward of up to $10 million for information leading to the identification or location of any person who works with or for a foreign government for the purpose of interfering with U.S. elections through certain illegal cyber activities. The reward offer seeks information on the identification or location of any person who, while acting at the direction of or under the control of a foreign government, interferes with any U.S. federal, state, or local election by aiding or abetting a violation of section 1030 of title 18, which relates to computer fraud and abuse.
The Cybersecurity and Infrastructure Security Agency (CISA) released the Guide to Vulnerability Reporting for America’s Election Administrators. The guide walks election officials through the steps of establishing a vulnerability disclosure program. Vulnerability disclosures can be an effective way for organizations to benefit from cybersecurity expertise without having it resident to their organization.
The third Tabletop the Vote, hosted by the Cybersecurity and Infrastructure Security Agency (CISA), took place July 28 – 30 and included 37 states and approximately 2,100 total participants. As in past years, state and local officials participated virtually from their respective states, as they would be on Election Day. The majority of Washington, D.C.-based participants participated virtually as well this year.
To guide its support to states and local election jurisdictions for the 2020 elections, CISA reported that it is developing strategic and operations plans. CISA intended to finalize them by January 2020, but has faced challenges in its planning efforts due to a reorganization within CISA, among other things. In the absence of completed plans, CISA is not well-positioned to execute a nationwide strategy for securing election infrastructure prior to the start of the 2020 election cycle. Further, CISA’s operations plan may not fully address all aspects outlined in its strategic plan, when finalized. Specifically, according to CISA officials, the operations plan is expected to identify organizational functions, processes, and resources for certain elements of two of the four strategic plan’s lines of effort—protecting election infrastructure, and sharing intelligence and identifying threats. CISA officials stated that CISA was unlikely to develop additional operations plans for the other two lines of effort—providing security assistance to political campaigns, and raising public awareness on foreign influence threats and building resilience.
The three collaborators of this short term, high impact project will convene national security and legal policy professionals and academics at the forefront of research and engagement in foreign interference in democratic elections issues, foreign intelligence activities, and election administration and security. The project aims to assess the level of foreign malign activities on the forthcoming 2020 elections, identify efforts to prevent such influence, and develop strategies that will help to ensure voter confidence in the integrity of the election process and its outcome. The project will run from June 2020 through the November elections.
“Election security will be top of mind around the nation, and protecting the 2020 elections is essential to our democracy. CISA is working with all 50 states and more than 2,400 localities, and we will continue to conduct regular vulnerability assessments of election infrastructure, engage our partners, and share information on threats and mitigation tactics as we head towards the 2020 election cycle.”
While Russian accounts are relatively limited, they perform in “lockstep” with hundreds of other, often domestic, accounts. There are countless complicated reasons for this, but the most acute aspect is that Russian accounts provide content to linked accounts. Analysts in Russia also provide analysis to content and responses to content so that they can evolve a message to become more effective at accomplishing their objectives.
“In an unprecedented level of coordination, the U.S. government is working with all 50 states and U.S. territories, local officials, and private sector partners to identify threats, broadly share information, and protect the democratic process. We remain firm in our commitment to quickly share timely and actionable information, provide support and services, and to defend against any threats to our democracy. Our adversaries want to undermine our democratic institutions, influence public sentiment and affect government policies.”
Russian activities demand renewed attention to vulnerabilities in U.S. voting infrastructure. In 2016, cybersecurity for electoral infrastructure at the state and local level was sorely lacking; for example, voter registration databases were not as secure as they could have been. Aging voting equipment, particularly voting machines that had no paper record of votes, were vulnerable to exploitation by a committed adversary. Despite the focus on this issue since 2016, some of these vulnerabilities remain.
“Many of the hot issues that we focused on in 2019 continue to be threats that require our utmost attention — both as an agency and as a nation,” Cybersecurity and Infrastructure Security Agency Assistant Director for Infrastructure Security Brian Harrell told HSToday, outlining some of the top infrastructure threats in the Department of Homeland Security’s sights for the coming year. 2020 brings another presidential election, along with memories of Russia’s campaign influence operation targeting the 2016 vote.
The majority (53.24 percent) of state and local election administrators have only rudimentary or non-standard technologies to protect themselves from phishing. Less than 3 out of 10 (28.14 percent) election administrators have basic controls to prevent phishing. Less than 2 out of 10 (18.61 percent) election administrators have implemented advanced anti-phishing cybersecurity controls.
As we head into the 2020 election season in the United States, a key component of the U.S. election infrastructure remains vulnerable to attack. Only 5% of the country’s largest counties are protecting their election officials from impersonation, according to an analysis by Valimail. The rest are vulnerable to impersonation, meaning their domains could become the unwitting vectors for cyberattacks and misinformation campaigns. This is a problem because the overwhelming majority of cyberattacks can be traced to impersonation-based phishing emails. In the corporate world, these cyberattacks result in the loss of funds or proprietary data. But when it comes to elections, the bedrock of democracy — free and fair elections — is at stake.
“At the end of the day, an informed public is the best defense against disinformation. The National Association of Secretaries of State’s #TrustedInfo2020 campaign highlights election officials as the trusted sources of election information. State and local election officials are the authoritative sources for election and voting information.”
U.S. CyberDome is composed of cybersecurity experts who have trained and practiced at the world’s largest accredited computer forensics and incident response institute in the world, the Defense Cyber Crime Center, as well as the U.S. Department of Defense and National Institute of Standards and Technology. The team got started as cyber experts who became alarmed by increasing cyber threats and the lack of protection for campaigns and voters. They formed the non-profit organization to absorb the extraordinary cost of providing cyber protection to campaigns by working with donors and charitable foundations. Initial efforts are focused on the 2020 U.S. Presidential Campaigns, and will be applied to other national campaigns over time.
Because the election vendors are allowed to keep their security practices secret, election officials have little of the information they need to protect their voting systems. The report’s authors — Norden, Christopher Deluzio, and Gowri Ramachandran — propose a federal oversight structure to improve transparency and security. For the short term, they recommend contingency plans to compensate for attacks on election systems in 2020.
Protecting the integrity of elections in the United States against criminal activity and national security threats is among the top priorities of the Department of Justice (DOJ) and the FBI. Cyber intrusions affecting election infrastructure have the potential to cause significant negative impacts on the integrity of elections. Understanding that mitigation of such incidents often hinges on timely notification, the FBI has established a new internal policy outlining how the FBI will notify state and local officials responsible for administering election infrastructure of cyber activity targeting their infrastructure.
CISA’s investment is designed to support election officials and their private sector partners who are working to improve post-election auditing in the 2020 election and beyond. The tool supports numerous types of post-election audits across various types of voting systems including all major vendors.
Created in coordination with the Department of Homeland Security and Director of National Intelligence, Protected Voices gathers together guidance from the FBI’s Foreign Influence Task Force—along with its Cyber, Criminal, and Counterintelligence Divisions—in a series of informative videos. The tutorials and online resources explain the nature of foreign influence and social engineering, highlight common areas of vulnerability, and offer cybersecurity measures to help campaigns, companies, and individuals protect themselves against common Internet-enabled crimes.
The 2016 election “was a wake-up call for our nation’s election security mission” and state and local election officials “are standing on the front lines of a renewed conflict” in the election ahead, Acting Homeland Security Secretary Kevin McAleenan told the Cybersecurity and Infrastructure Security Agency’s National Cybersecurity Summit on Thursday. McAleenan lauded CISA as a “tremendous asset” in the Department of Homeland Security for the “expertise and years of experience that you bring to the table, and the way you work with partners and stakeholders in and out of government.”
The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.