Danielle McLaughlin
The United States presidential primary elections, which kicked off this week with the Iowa caucuses, began with a whimper, rather than a roar, as technical issues delayed the final results for days. It was an ignoble beginning for the Democratic Party, which has its hands full trying to beat an incumbent president in November.
The Iowa debacle has highlighted the many threats to election security and the importance of public confidence in election outcomes.
It seemed like a good week to talk about election security.
Jim Trainor, a former assistant director of the FBI’s cyber division and a 20-year veteran of the bureau, is now in private practice with Aon Cyber Solutions. We talked this week about the emerging threats in the 2020 election.
He first reminded me of the scale of the security issue: ‘‘The 2020 election involves 50 states and about 9000 polling locations where people will cast their votes. Polling machines form part of a complex voting infrastructure, and that infrastructure is vulnerable.’’
That complex infrastructure extends beyond voting machines to the networks to which the machines are connected and through which results are communicated.
As we learned four years ago, the broader election ‘‘machine’’ also includes social media, and the computers and networks used by political campaigns and related organisations.
Russian influence in the 2016 presidential election – which, according to Trainor, started years earlier – may one day seem quaint in hindsight.
It is possible, Trainor says, that other countries with divergent interests to the US, including North Korea and China, may try to disrupt the election this year.
And it is not just enemies that may see an opportunity, he says. Countries with relatively good relationships with the US may seek to exert some influence – potentially through social media – as well.
Can we fix the cyber threat to voting machines with paper ballots that create a physical record of each vote?
It’s not a realistic goal for 2020, Trainor told me. This is not to say that the federal government hasn’t tried to assist the various states with the offer of funding to bolster voting security.
Ohio, for example, announced on Wednesday that it was implementing an array of election security measures with approximately US$13 million from the federal government’s Election Assistance Commission (EAC), which handed out US$380m to the states in 2018, and another US$425m last December.
The EAC appears to have its own issues, however. It faces internal battles over its mission, including whether to focus on helping the states navigate cyber issues, or on voter identification efforts, which are backed only by debunked theories of widespread voter fraud in 2016.
In addition, one of its four commissioners has publicly rejected the US intelligence community’s findings about Russian interference in the 2016 election.
One of the primary challenges in US cyber security, which includes election security, is that ‘‘there is simply no-one steering the ship’’, Trainor says.
He and another former FBI cyber division official, Andrew Burt, argued for the creation of such an agency in a story in Time magazine last month. They listed at least a dozen various agencies and organisations – including the FBI, the Secret Service, and the Department of Homeland Security – with a role in fighting cyber crime.
The effort is disorganised and costly: the coalition is collectively seeking US$11 billion in government funding in 2020, which is US$2b more than the entire FBI, which has a vastly broader remit to investigate all federal criminal activity.
Trainor explained that cyber threats to election security don’t only exist in the US. Russia, for example, has also worked to interfere in elections in France, the United Kingdom and Germany.
He says there are other bad actors for whom election interference may at some point serve a strategic purpose. ‘‘North Korea and Iran might interfere for hostility’s sake. For China, it’s an economic issue.’’
That said, Russia remains the biggest strategic threat ‘‘because we know they have the technical capability, which will only be improved since 2016’’.
What about countries like New Zealand or
Australia? Trainor explained that ‘‘for a country like Russia, there is value in destabilising any of the countries that form part of the Western democratic alliance formed in the post-World War II era’’.
And electoral disruption can be done through a ‘‘soft’’ cyber campaign, which might include social media influencing and targeting political candidates and entities.
‘‘You don’t even have to be successful’’, says Trainor. ‘‘The uncertainty is the point.’’
Speaking of uncertainty, the Democratic National Committee has called for a re-canvass of the 1681 precincts where Iowans caucused this week.
The New York Times reported that more than 100 precinct results were ‘‘internally inconsistent . . . missing data . . . or not possible under the complex rules of the Iowa caucuses’’.
The good news is that the complex caucus model is the exception rather than the rule in the 49 primary elections yet to come. And that the number of delegates awarded in Iowa is a small percentage of the total needed to win the Democratic nomination.
Trainor is also positive about 2020 and beyond. This is just the beginning, he says.
‘‘We have 5G, quantum computing, artificial intelligence and the internet of things’’ taking up a bigger roles in our private lives, in government and in industry.
Despite widespread concerns about the 2020 presidential election, one of grave importance in the wake of known interference in 2016, Trainor’s optimism is a comfort. He has unique insight into what governments and private industry are doing to combat the cyber threat.
I might sleep a little better because of it.
Danielle McLaughlin is the Sunday Star-Times’ US correspondent. She is a lawyer, author, and political and legal commentator, appearing frequently on US and New Zealand TV and radio. She is also an ambassador for #ChampionWomen, which aims to encourage respectful, diverse, and thoughtful conversations. Follow Danielle on Twitter at @MsDMcLaughlin.