All's quiet on the election cyber front, so far
- By Sean D. Carberry
- Nov 08, 2016
Despite months of hacks, cyberthreats and some degree of panic, Election Day 2016 has so far seen little in the way of malicious cyber activity. But that does not necessarily mean it will be smooth sailing through the results process.
Last month, the U.S. government publicly attributed hacks of Democratic Party systems to cybercriminals acting on behalf of the highest levels of the Russian government. That announcement came after months of accusations and concerns that Russian-backed hackers could interfere with the U.S. voting process to the point of possibly swaying the results.
Just last week, NBC News reported that an anonymous U.S. intelligence official said U.S. government hackers had infiltrated Russian electric, telecommunications and military networks to stage a retaliatory strike should Russia make any attempt to interfere with the U.S. election.
Without speculating about whether that story was a bit of gamesmanship on the part of U.S. officials, Joshua Corman, director of the Cyber Statecraft Initiative at the Atlantic Council, said the nature of cyber capabilities do lead to overt posturing at times.
"In cyberspace, attacking is much, much easier than defending," Corman told FCW. "Because of this 'offense is easy, defense is hard' dynamic…sometimes you want to remind adversaries that you can hurt them as well in equal or different ways."
Still, he said that approach comes with its own risks because escalation is a significant danger, "and we should use that power deliberately and carefully so as not to escalate, but it is one of the arrows in our quiver now."
Cyberthreats to U.S. elections have been on the radar since 2000 and the movement toward electronic voting machines.
Ari Schwartz, who was senior policy adviser to the secretary of Commerce and focusing on voting technology at the time, said that in 2012 there was extensive discussion about the cyberthreats to the election, but the debate mainly centered on the equipment.
He said there were some concerns about the security of voter rolls and the transmission of results data after polls closed, but the level of attention is much greater now.
"There wasn't this level of effort before the  election to go and say to all of the secretaries of states and other voting officials, 'You have to be very, very careful about this and make sure you have a plan in place and look into best practices,'" he said.
Schwartz added that if anything happens on Election Day 2016, there will be a rush to assume that it was the result of hacking rather than human error or some other factor.
"There are always problems at different places in every election," he said. "But the question is: Does this rise to a different level? Is there mass confusion? Or is it simply there were a couple of isolated cases and that's what happens every four years?"
Schwartz said that although one cannot prove a negative, if nothing significant happens on Election Day, "there are a lot of people who should be patted on the back" for all the effort they put into securing the vote.
The Department of Homeland Security offered to scan election systems for cyber vulnerabilities, and as of late October, 36 states had requested such assistance.
However, Corman said that despite the push to harden election systems in recent months, there is no way to eliminate all the vulnerabilities. "So [if there are no attacks] it's going to be more a matter that an adversary or set of adversaries chose not to, or they were sufficiently deterred…not to use any of their available soft spots."
And that does not mean the election is immune from controversy or possible crisis because the bulk of what's needed to hack or influence the outcome happens before Election Day.
"You don't need to actually hack the voting on Election Day if you have already sowed sufficient doubt that it is a trustworthy process," Corman said.
He pointed to the hacks of the Democratic Party, leaks of Clinton campaign email, attempts to probe election roles and other actions as seeds that have been sown that can raise questions about the outcome. And as FCW has reported previously, throwing the election could be as simple as switching or invalidating the results in one key county in one swing state.
In the short term, officials will continue to monitor for signs of malicious cyber activity, but in the long run, Corman said it is imperative to make "more defensible and resilient systems for something as important to our country as an election."
Sean Carberry is a former FCW staff writer who focused on defense, cybersecurity and intelligence.