Election system hacks raise specter of foreign influence

Two states have had election data systems hacked, in addition to high-profile cyberattacks on the Democratic Party.

AP/File
The NSA campus in Fort Meade, Maryland.

Recent hacks of election data systems in at least two states have raised fear among lawmakers and intelligence officials that a foreign government is trying to seed doubt about — or even manipulate — the presidential race, renewing debate over when cyberattacks cross red lines and warrant a U.S. response.

Federal officials already are investigating cyberattacks at the Democratic National Committee and the Democratic Congressional Campaign Committee, believed to be the work of hackers tied to the Russian government. Trolling a private organization's emails is one thing, cyberexperts say, but breaching state election systems to undermine the integrity of the November ballot would be quite another.

"The mere access to those systems is incredibly concerning to me," said Sean Kanuck, former national intelligence officer for cyber issues at the Office of the Director of National Intelligence. "I think that the manipulation of election data or voting systems would warrant a national security response."

No one has yet confirmed that data was actually manipulated. Law enforcement and intelligence officials are investigating the election-related breaches, but also are looking at the extent to which Russia could be involved in a disinformation campaign to diminish U.S. clout worldwide. Russian President Vladimir Putin says Moscow wasn't involved in the hacking of emails of the Democratic Party.

Republican presidential nominee Donald Trump said last week he thinks it's unlikely that Russia is trying to influence the election. "I think maybe the Democrats are putting that out," he said on RT America, the U.S. partner of Kremlin-backed network Russia Today.

But Defense Secretary Ash Carter issued a public warning to Moscow last week while in Europe. "We will not ignore attempts to interfere with our democratic processes," Carter said. Asked later to elaborate, Carter said he was referring to Russia's use of hybrid warfare — "interference in the internal affairs of nations, short of war" — which he said is a concern across Europe.

Late last month, the FBI sent a "flash alert" to warn state officials to strengthen their election systems in light of evidence that hackers targeted data systems in two states. The FBI described a "compromise" of one elections board website and "attempted intrusion activities" in another state's system. The FBI didn't name the states, but state election websites in Illinois and Arizona experienced hack-related shutdowns in the parts of the websites that handle online voter registration.

Manipulating an election in the United States would be difficult, officials say, because there are thousands of electoral jurisdictions across the 50 states.

Homeland Security Secretary Jeh Johnson said Thursday that the election system is "so decentralized, so vast ... it would very difficult to alter the count."

FBI Director James Comey agrees.

"The vote counting in this country tends to be kind of clunky," which is a blessing because it makes harder for hackers to infiltrate, Comey said. "It makes it more resilient and farther away from an actor who might be looking to crawl down a fiber-optic cable, and find there actually is no fiber optic cable — that it's actually some woman named Sally and a guy named Joe and they roll the thing (voting machine) over and pull out the punch cards," Comey said.

Such reassurances have not eased concern on Capitol Hill, yet reaction has been mixed.

Senate Democratic leader Harry Reid of Nevada was "deeply shaken" after a half-hour briefing about Russian activities that he received at the FBI office in Las Vegas, according to an individual familiar with the briefing. The individual was not authorized to publicly discuss the briefing and spoke only on condition of anonymity.

An aide to another senator, who also was briefed, said what gave the lawmaker "pause" was that Russia might be meddling in the United States in the same way it has in Eastern Europe where it has a history of using cyberattacks to facilitate their political objectives.

Sen. Ron Wyden, D-Ore., member of the Senate Intelligence Committee, said there is bipartisan concern about the "Russian government engaging in covert influence activities." He said a section of this year's intelligence authorization bill directs the president to set up an interagency committee to 'counter active measures by Russia to exert covert influence over peoples and governments.'"

Rep. Devin Nunes, R-Calif., chairman of the House Intelligence Committee, said, however, that he's not surprised by the hacks.

"I just think people have been asleep," he said. "This is the challenge of going to digital records, digital voting. This is why it's imperative to keep paper voting."

How the U.S. should respond to cyberattacks is the subject of much debate.

John Carlin, assistant attorney general for national security at the Justice Department, described a three-pronged approach: figure out who's responsible, don't be afraid to take it public and routinely impose consequences.

Andrew McCabe, deputy director of the FBI, said each one of those steps presents challenges. "In terms of options for action, they are limited — very understandably sometimes — by international policy constraints, diplomatic challenges and the concern about the impact on partners and relationship with partners."

California Rep. Adam Schiff, the top Democrat on the House Intelligence Committee, said each cyberattack will require a different U.S. response. In some cases, it could begin with "naming and shaming" responsible parties, he said. Other cases call for economic or other sanctions. When it comes to cyberattacks by North Korea, perhaps the U.S. should consider dropping public leaflets aimed at denouncing the repressive North Korean government, he said.

"I think the failure to act, the failure to establish any deterrent, the failure to even name responsible parties — particularly in the case of Russia — only invites further exploitation, further attacks and further effort to disrupt our elections," Schiff said.

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.