The U.S. midterm elections are less than 50 days away. There are many reasons to be concerned that some adversaries of the United States will attempt, again, to sow chaos in the upcoming U.S. election, and undermine the legitimacy of these contests.
Christine Santoro, Esq., (Chief Legal Officer, OSET Institute) in her Sep. 20th, 2018 article, Will Foreign Adversaries Attack U.S. Midterm Elections or Elsewhere?, analyzes the threat:
Most experts believe that Russia … will continue to interfere in U.S. elections on some level(s). Others are raising concerns about China and even Iran.
Three Types of Attacks
This interference will be in the form of three different types of attacks, first identified in OSET’s Critical Democracy Infrastructure Briefing. The three types of attacks are:
- Defamation: de-legitimizing elections by “using weaponized content or generating false content to undermine voters’ confidence in the election”
- Disruption: disrupting the election process, before or during voting, or afterwards to disrupt reporting of the election result. This type of attack is especially dangerous when accompanied by a defamation attack, as both combine to throw the legitimacy of the election into doubt even without altering the votes cast or tallied.
- Subversion is the “direct manipulation of [election] devices, machinery or systems .. the most dangerous and insidious type of attack.” This direct digital attack of voting machinery “will unlikely occur effectively at the ballot casting device but rather target tabulation and tally equipment.”
Attacks are happening now, and will increase
Already, Dan Coats, the Director of National Intelligence, has sounded the alarm regarding imminent and ongoing defamation attacks from Russia against the U.S.:
Russia is trying to spread propaganda on hot-button issues using social media … Moscow’s strategy is to exacerbate sociopolitical divisions … We continue to see a pervasive messaging campaign by Russia to try to weaken and divide the United States.
FBI Director Christopher Wray stated in August that Russian intelligence is focused on “malign influence operations,” which he called “information warfare.” Later that month, Facebook shut down over 30 pages and accounts with suspected ties to Russia.
The U.S. is not the only country whose elections are being targeted by Russian attacks:
- Anders Fogh Rasmussen, Co-chair of Transatlantic Commission on Election Integrity (TCEI), says, “I have no doubt Moscow will deploy the full playbook of measures to spread confusion and fear: cyber-attacks, assassinations, disinformation, conventional attacks in Eastern Ukraine. We cannot allow this to happen.”
- Victor Pinchuk, based on his work with the Ukraine Elections Task Force, warns: “if we do not prevent it, what might happen in Ukraine in 2019 may also be repeated across the West in 2020.”
What will happen in the 2018 U.S. midterms?
Counselor Santoro identifies the most likely attacks that will occur in the next two months:
- Defamation attacks are happening now: “Russia continues to taunt the U.S. with Type-I attacks using disinformation, fake news, and instigation of social warfare on Facebook and other media sites.”
- Disruption attacks are less likely: “the window for [voter registration attacks] may have passed … there [remains] possibility of attempts to hack election results sites.” Fortunately, “the official tabulation records and tabulators are not on-line,” so remain safe from Russian attacks, at least for now.
- Subversion attacks are very unlikely, in part because this year is not a Presidential election year: “the stakes are not as lofty in the midterm elections, so foreign adversaries can afford to save their dry powder for this one.”
Although this sounds like relatively good news, the danger is, if anything, increasing:
Our foreign adversaries (again, in particular the Kremlin), are in for the very long game … they’re monitoring and preparing in the misguided belief they can successfully subvert our election and manipulate our government when the stakes are high enough in 2020.
What can we do to protect our election systems?
We aren’t helpless in the face of this gathering storm. But we must take action to protect U.S. electoral systems. Ms. Santoro identifies the most important steps we must take. Our voting systems must be:
- “completely rid of remote access capability“
- “fortified with paper ballots of record” and
- “tabulation and tally devices must somehow become truly hardened“
Beyond simply securing voting machines,
- digital election infrastructure must be rebuilt “for higher integrity … driven by a new critical infrastructure mindset in terms of security-centric engineering.”
Although we know that Russia is currently pursuing defamation attacks against the U.S. election system, and will continue to do so until the 2018 midterms are concluded, we may be able to prevent the much more dangerous disruption and subversion attacks in 2020, but only if we start working now to secure the U.S. election infrastructure.
The OSET Institute‘s TrustTheVote Project addresses these issues with our modular ElectOS public software framework/platform, designed from the ground up to deliver verifiable, accurate, secure, and transparent (in process) elections.
More information and how you can help
- Read Christine Santoro‘s original article, Will Foreign Adversaries Attack U.S. Midterm Elections or Elsewhere?, on the OSET Institute website.
- Read Counselor Santoro‘s related and provocative article last year examining the question of whether foreign state hacking of an election is tantamount to an act of war.
- Read the Critical Democracy Infrastructure Briefing to learn more about the vulnerabilities of current digital election systems
- Learn more about the TrustTheVote Election Technology Framework and how the TrustTheVote Project counters the three types of attacks.
- If you are an election official, get involved with the TrustTheVote Project to help guide the development of public technology to increase integrity, lower costs, and improve future elections.