The U.S. government is worried that Russian government hackers may try to hack and disrupt the upcoming presidential election.
The U.S. intelligence community, DHS, and private cybersecurity experts have already identified a broad and sustained hacking effort by hackers working for two government agencies – the FSB (the Russian domestic security agency, successor to the KGB) and the GRU (the Russian army’s intelligence branch) — aiming to undermine the campaign of Hilary Clinton and help Donald Trump. Among other things, the Russian government hackers had stolen tens of thousands of e-mails from high-level officials at the Democratic Party and the Clinton campaign, and then coordinated with WikiLeaks a steady publication schedule of these e-mails, which saw about 2,000 e-mails published on a daily basis, beginning last month.
Both the U.S. intelligence community and the private experts believe that the Russian government, beyond the desire to undermine Clinton’s campaign, is motivated by an even longer-term strategy: Undermine the American political system by disrupting and discrediting the election process, sowing doubts and suspicion, and providing “proof” for the conspiratorial beliefs about a corrupt political system in which the electoral process is “rigged” and where “international bankers” are conspiring with Clinton to “steal” the election.
Current and former officials with the CIA and NSA told NBC News that the White House is coordinating unprecedented efforts to stop cyber-meddling come Election Day.
The United States has privately warned Russia in no uncertain terms that any attempt to manipulate vote counts would result in serious consequences.
“The Russians are in an offensive mode and [the U.S. is] working on strategies to respond to that, and at the highest levels,” Michael McFaul, who served as U.S. ambassador to Russia from 2012 to 2014, told the network.
One senior official with the Obama administration said that the Russian government wants to “sow as much confusion as possible and undermine our process in ways they’ve done elsewhere.”
The official told NBC News that the extra preparation is to “make sure that we have all the tools at our disposal and that we’re prepared to respond to whatever it is that they do.”
Several officials told NBC News that while it would be extremely difficult for hackers to affect voter count, they can cause massive confusion and misperception.
Many officials also consider the massive DDoS attack that took down popular Web sites in the United States on 21 October as a test run before election day hits.
David Sanger writes in the New York Times that America’s top intelligence officials say Vladimir Putin is highly unlikely to be able to alter the election results, but they expect Russian hackers to try to disrupt the election process.
Dmitri Alperovitch of CrowdStrike, the cybersecurity firm which discovered the hacking of the Democratic National Committee’s computer servers, said at a recent Harvard discussion that while the odds that the election results could be manipulated by Russia were “minuscule,” he believe the hackers’ ultimate goal was “to discredit the results of the election.”
Several officials told the Washington Post that they fear that even an isolated Russian cyber-operation which forces a voting system offline could erode confidence in the electoral process.
Five hacking worries
Sanger notes that federal and state officials are focusing on five possible ways to hack the election. Sanger rates each of these possible efforts (we give his assessment in parentheses):
- A flood of disclosures. (Possible, but hard to make an impact). The Russian government hackers have already damaged the Clinton campaign with the thousands of e-mails they have stolen from the Democratic party’s computers and the computers of the Clinton campaign, so it is difficult to think of additional damage that the Russian hackers-WikiLeaks alliance can do to Clinton. “Still, no one knows what else hackers might have stolen, or may be saving for the last frenetic days of the campaign,” Sanger writes.
The Washington Post reports that U.S. officials said there is still time for last-minute disruptions, even if the election process itself appears relatively secure. Rep. Adam B. Schiff (D-California), the top Democrat on the House Intelligence Committee, joined other people familiar with intelligence operations who said that they remain worried that Russia could dump doctored documents over the weekend – documents which, on their face, appear to expose illegality by the Clinton campaign. Releasing doctored documents over the weekend would create confusion and anxiety among voters, and it would be too late and too difficult to prove that the documents are forgeries before citizens cast their votes.
No one has meticulously gone over the tens of thousands of e-mails and documents stolen by Russia and given to WikiLeaks to see whether some of them had been doctored. But a cursory examination has so far not identified any forgeries among the released e-mails and documents.
U.S. officials say that the fact that Russia has so far abstained from doctoring documents or planting forgeries among the leaked e-mails, could potentially be setting the stage for a more sinister and damaging plot. “The media and public have come to see the WikiLeaks stockpiles as authentic, increasing the potential impact if Russia were to insert a deliberate but compelling falsehood,” the Post summarizes the view ofU.S. officials. - Interfering with voter registration rolls. (Lots to worry about). Voter databases are not treated as “critical infrastructure” by the federal government, and many states have underinvested in the security of their voting-related systems. This is why there is so much concern. “The fear is that intruders could make minor changes in addresses or other identifying information, leading to long lines and accusations of ‘rigging’ the polls. Voters could cast provisional ballots, but it could take months to sort out,” Sanger writes.
- Manipulating the count reported to news organizations. (A significant risk, but detectable). Hackers could try to manipulate the information available to media outlets, and the media would then report inaccurate results (“Clinton wins Alabama!” “Trump carries California!”). These inaccuracies would be corrected, but cries of foul play, and charges that the numbers were manipulated before the final, official results were announced, would very likely follow, serving the Russian goal of offering “proof” to substantiate the conspiratorial charges that the election process is “rigged” and that “international bankers” are conspiring with Clinton to steal the elections.
Russian government hackers tried to perpetrate just this kind of mischief in the recent elections in Ukraine. Ben Buchanan and Michael Sulmeyer note in a Harvard Cyber Security Project report that investigations revealed that Russian hackers “were trying by means of previously installed software to fake election results.” The hacking attempt was discovered forty minutes before the results were scheduled for announcement. The Harvard report notes that “curiously, pro-Russian TV nonetheless reported the fake results exactly.” - An Internet disruption that makes it hard to get to the polls. ((The new big fear). The massive 21 October DDoS attack which paralyzed popular Web sites may have been a trial run for this: An attack which comes just as voters are looking at their phones or computers to find their polling place, or figure out whether the bus will get them there.
Such a DDoS attack could be directed at computer systems used by a campaign’s “get out the vote” efforts. “People think of denial-of-service attacks as very broad,” Andy Ellis, the chief security officer at Akamai, a firm that helps companies maintain Web connectivity, told theTimes. “But they can be very targeted, very specific, and hard to defend against.” - Tinkering with voting machines. (Unlikely, but possible). “The voting machines themselves are offline, and we think the system is so diversified it is secure,” Suzanne Spaulding, the undersecretary of Homeland Security who oversees cybersecurity efforts, told the Times.
Outside election experts told Sanger, however, that this confidence fails to take into account known vulnerabilities. For example, most voting machines are not connected to the Internet while voting is underway, but they are often connected before Election Day, to update their ballots and software.
There are other worries. Five states do not have paper backups to create an audit trail if the electronic ballots are questioned. Pennsylvania, a swing state, has paper backups in some communities but not in others.
Russian meddling campaign to continue
American intelligence and security officials do not believe that Russia can alter the results of the elections, but that its campaign to undermine American democracy, discredit U.S. political processes, sow doubt, and increase anxiety will continue after the elections.
The decentralized nature of U.S. electoral system would make it very difficult to subvert a nationwide race, but U.S. officials are worried that that Russia would use hacking tools to fabricate indications of vote-rigging, aiming to delegitimize the election outcome that Trump has said he may refuse to accept if he does not win.
Whether Trump or Clinton prevails on Tuesday, Rep. Adam Schiff said, the United States “can expect a lot more of the same in terms of cyber-malevolence and influence” from Moscow.
The administration has publicly charged Russia with masterminding the cyber-meddling in the elections — Director of National Intelligence James R. Clapper Jr. and Homeland Security Director Jeh Johnson said in a public statement that the intrusions were authorized by “Russia’s senior most officials.” With the exception of a stern warning, in private, not to interfere in the elections, the administration has so far not retaliated against Russia for its cyber campaign. Officials told the Post that the White House is reluctant to take decisions on an escalation that could have profound implications for the next president.
Schiff said that regardless of what happens on Election Day, Russia has already achieved some of its goals.
“They’ve weakened Secretary Clinton by dumping information from her campaign manager and others,” and cast Russia and its capacity to inflict damage as an ominous figure looming over the 2016 campaign.
“They enjoy being the subject of discussion in an American election,” Schiff said. “It enhances their prestige in a bizarre way that they’re considered a player. This is also their way of payback, and I think they are delighting in that.”
For more on Cyber News, Homeland Security News Wire
