The Department of Homeland Security recently gathered its top election officials and representatives from other federal agencies and states in Arlington, Virginia, to spend several hours walking reporters through Election Day disaster scenarios and how the government would respond. The session focused on two scenarios: an adversary tinkering with some element of the US voting apparatus and a concentrated disinformation campaign intended to trick US voters.
“We haven’t seen any compromises, or any sort of access to election equipment, across the United States, at this point,” Chris Krebs, a DHS official, assured reporters after the walkthrough, in the only on-the-record portion of the meeting, the first of its kind.
That has been a common refrain from US officials this year, one that has been reiterated for months by every official in the division of DHS that oversees election security: Even though Russian military hackers broke into the Illinois state voter registration database in 2016, tried to do that with dozens of other states, and sent spear-phishing emails to county election workers, they haven’t bothered this year.
But that’s less reassuring than it sounds. A few hours after Krebs made his comment, the Department of Justice dropped a bombshell indictment that it had been working on for months: Russia’s Internet Research Agency, the “troll factory” propaganda farm that special counsel Robert Mueller charged with a litany of crimes related to trying to influence the 2016 election, was still at it in 2018. The Justice Department alleged that Elena Khusyaynova, an IRA accountant, had engaged in a conspiracy to defraud the US by helping craft an army of fictitious social media personalities designed to inflame American political tensions.
If that indictment seemed to come out of nowhere, that’s in part because the US government had said nearly nothing about Russian meddling for months — even though there were plenty of signs Russia was still engaged, as it had been for years, in stirring up online trouble through fake personas.
Why the silence? Critics blame President Donald Trump for the government’s failure to sound the alarm more forcefully.
“The intelligence community, by its very nature, is not always able to go public with what steps they are taking to protect the integrity of our elections. That’s where presidential leadership comes in — and unfortunately, we still have a president who remains reluctant to acknowledge the severity of this threat, and refuses to step up to fight it,” Mark Warner, the ranking Democrat on the Senate Intelligence Committee, told BuzzFeed News.
Trump’s reluctance is born no doubt from the finding of the US intelligence community that Russia favored Trump over Democrat Hillary Clinton in 2016 — a reluctance that remains despite the fact Trump’s own intelligence officials and the Republican head of the Senate Intelligence Committee have reiterated that conclusion. In August, the White House ordered Senate Republicans to kill a bipartisan election security bill, saying it wasn’t necessary — out of fear perhaps that it would remind people of those uncomfortable conclusions about the 2016 election.
While it would normally fall to the National Security Council to talk about Russian meddling online, Trump’s current national security adviser, John Bolton, sees it as far from a priority.
Speaking in Moscow last week, Bolton downplayed the idea that Russian influence operations had actually been effective.
“There’s no possibility that the outcome of the election would have been changed,” Bolton said, contradicting previous intelligence community reports, and mistakenly referring to the IRA as the “Internet Research Association.”
This spring, Bolton infamously eliminated the role of cybersecurity coordinator, the job that managed cybersecurity policies among federal agencies under previous administrations.
“Firing the NSC cybersecurity official who would otherwise be responsible for coordinating these efforts across agencies was just another demonstration that President Trump doesn’t take this seriously,” Warner said.
That’s left it primarily to social media platforms like Twitter and Facebook to let the public know when they’ve moved against accounts they suspect are spreading Russian propaganda. Facebook’s first such announcement about the IRA came in 2017, and as recently as August it admitted it had discovered and “removed pages, groups and accounts that can be linked to sources the US government has previously identified as Russian military intelligence services,” a reference to the GRU, Russia’s military intelligence agency.
But whether those announcements are enough to give US voters confidence that Russian meddling is under control is uncertain. Russia’s IRA, which is owned by a close friend of Russian President Vladimir Putin, is still active but far less obvious than it was in 2016, in part because its employees have done a better job of covering their tracks with simple tactics like consistently using a VPN and posting during hours when Americans are active, rather than during Russian work hours. There was even a short period in 2018 when the IRA “went dark” and US spies were unable to conclusively track its activity, according to a person familiar with the US intelligence community’s ongoing monitoring.
Another expert on Russian meddling, Ben Nimmo, an Atlantic Council researcher who sifted through all of Facebook’s deleted IRA activity through the summer of 2018, said the difference may be the efforts the Russians are making to hide what they are doing.
“The trolls are trying a lot harder to cover their tracks,” he said, “which means I don’t think we can say that what we have from Twitter and Facebook is the definitive list of everything they did this year.”
And it’s not just the IRA.
While there hasn’t been a repeat of what happened to the Democrats — in which a foreign country not only hacked into a political party’s computer system but released emails to inflict political damage — it hasn’t been for lack of trying.
According to Microsoft, at least two significant US politicians were targeted this year by the same Russian GRU military intelligence unit that Mueller’s July indictment accused of interfering during the 2016 campaign. One was Sen. Claire McCaskill, a Missouri Democrat running for reelection this year, whose seat is pivotal for the balance of power in the Senate.
The other hasn’t been publicly identified, but New Hampshire Sen. Jeanne Shaheen, a Democrat who’s pushed for sanctions against Russia, saw her office peppered with phishing attacks. (Shaheen’s office said it doesn’t know if she was the other GRU target.)
There’s been a surge in other candidates targeted by hackers in 2018, all Democrats, though to date there’s no substantial, public investigation that shows who’s behind any of them.
Hans Keirstead, a California Democrat who lost his primary bid to challenge Republican Rep. Dana Rohrabacher, perhaps the most favorable candidate to Russian President Putin, also faced a multipronged hacking campaign.
Another Democratic House candidate in California who lost his primary, Dave Min, was successfully hacked. Tabitha Isner, running for a House seat in Alabama, was targeted. Phil Bredesen, running for a Senate seat in Tennessee, told the FBI earlier this year that his campaign received carefully curated phishing emails, but didn’t fall for them.
Whether Democrats make riper targets than Republicans or are simply more likely to publicize them isn’t clear. The DNC, eager to address its misfortunes from 2016, has actively courted the press about its cybersecurity initiatives. The Republican Party, in contrast, has been reluctant to talk about the subject, and didn’t respond to an inquiry about whether any of its candidates had seen hacking attempts. The FBI declined to comment for this story.
The tactic isn’t confined to just Russia, or at least isn’t any longer. Facebook recently announced it had undergone a second round of excising a coordinated Iranian political influence campaign, though it’s clear its operators are learning and adapting.
That operation “has evolved to become more like the Russian one,” said Nimmo of the Atlantic Council. “It’s mainly based on social media (not websites), and posts engaging content, mostly memes,” he said, and it focuses on “divisive content” like the IRA.
But for the White House, that sort of influence operation simply isn’t a major concern. In Bolton’s speech, he changed the subject: “If you want to talk about a really massive influence effort on the American political system, I suggest you read Vice President Pence’s speech on China’s efforts.”
In that speech, delivered Oct. 4, Pence spoke at length about various ways in which the Chinese government is trying to influence America. His examples of election interference, however, were limited to noting that recent Chinese tariffs largely targeted Trump-supporting US farm areas. Trump himself accused China of election meddling in September but has only mentioned the country taking out a large ad in an Iowa newspaper as proof.