Midterm elections vulnerable to cyberattacks, experts fear
WASHINGTON — U.S. cybersecurity experts are bracing for possible attempts to attack the midterm election by Russia or another adversary hoping to engineer a disruption that casts doubt on the integrity of the vote.
Interference may range from altering websites used by state and local election authorities, to spreading propaganda through social media, to hacking at polling places intended to complicate the casting of ballots.
“Anything that would drive uncertainty across the voting public — that’s probably the area that we’re going to see some activity, if we were to see anything,” Christopher Krebs, a deputy undersecretary at the Department of Homeland Security, said in October, describing possible threats “a day before or two days before” the election.
He added that there’s no intelligence indicating “a significant campaign afoot,” and that there’s been less activity in the lead-up to the election than there was in 2016 — an assessment that private sector and academic experts share.
Still, West Virginia Democratic Sen. Joe Manchin’s office announced Thursday that its social media accounts had been compromised, the latest indication that U.S. politicians and the election systems that put them in office continue to be a target.
Federal authorities responsible for securing elections, popular social media platforms, and private companies that specialize in detecting and preventing hacks face the first real test since 2016 of whether the U.S. can defend against foreign interference in its vote.
Since Russian hackers meddled in the 2016 election with strategic hacking and leaking, as well as a covert social media campaign aimed at electing President Donald Trump, social media companies, cybersecurity firms and federal and state officials have sought to enhance U.S. defenses against election interference.
Threat detection and information-sharing has been improved, while social media companies have cracked down on disinformation campaigns. The Defense Department has obtained approval to support the Department of Homeland Security response to a “significant incident for elections,” said Ed Wilson, the deputy assistant defense secretary for cyber policy, at an event last week.
But the U.S. election system, spread across more than 50 states and territories that operate autonomously, remains vulnerable. And Krebs said in October that there’s been “a consistent and persistent level of activity,” ranging from scanning of networks to phishing campaigns.
“There’s still a variety of opportunities for threat actors, including Russia, to mess with us, and I think that we need to remain vigilant,” Dmitri Alperovitch, chief technology officer at the security firm CrowdStrike Inc., said at an event hosted by the New York Times on Oct. 30. “I’ll certainly sleep better at night the day after the election — but not a moment sooner.”
The software security firm McAfee Inc. published a study in October that examined county websites in 20 states. It found that the majority were “sorely lacking in basic cybersecurity measures that could help protect voters from election misinformation campaigns.”
Hackers might use phishing attacks, where internet users are tricked into handing over their passwords, to gain login credentials for websites with information on voting or polling places.
“One of the most critical aspects of the election process is how citizens get information on where to vote, how to vote, and what the issues and candidates are,” said Steve Grobman, chief technology officer of McAfee when the study was published. “This is yet another major avenue that attackers could focus on.”
While Twitter and Facebook have heightened their defenses against the kind of fake information the Russians used them to spread in 2016, their systems are not foolproof. Hackers might try to break into the accounts of election officials to spread false information on Election Day, create fake accounts to impersonate candidates or officials, or spread falsehoods.
To detect activity by malicious bots, social media companies have built political ad archives, hired fact checkers, removed problematic pages, and created algorithms. Influence activity appearing to emanate from Russia and Iran have nevertheless been found this year on Facebook, Twitter and YouTube.
Sens. Mark Warner of Virginia and Amy Klobuchar of Minnesota, both Democrats, wrote to Facebook Chief Executive Officer Mark Zuckerberg on Nov. 1, urging him to “promptly address” reports “that Facebook’s new security tools allow users to intentionally misidentify who purchase political ads on your platform.”