Russian hackers and propagandists who interfered in the 2016 US presidential election didn’t stop when it was over. They’re still trying to influence the vote, and now they’re being joined by other countries hoping to influence the midterms, according to the US Department of Homeland Security and other agencies. On Oct. 19, the US Department of Justice indicted a Russian woman for her alleged role in continued election interference, from the time leading up to the 2016 elections through to 2018.
Two years ago, hackers were caught trying to break into voter registration databases and other election infrastructure in at least 21 states during the race between Donald Trump and Hillary Clinton. They also infiltrated email accounts of two major organizations run by the Democratic party, as well as the private emails of members of Clinton’s campaign.
And they leaked thousands of emails to WikiLeaks and other websites, as well as members of the press, to sway public opinion and mislead voters into picking one candidate over another.
That was on top of the misinformation campaign by professional internet trolls who created American personas on the most widely used social media sites, including Facebook, Twitter and Instagram, posting false news stories and helping plan real-world protests. Earlier this year, US special prosecutor Robert Mueller charged members of a Russian spy agency and people involved in running or working at Russia’s Internet Research Agency of crimes relating to the alleged campaign.
While hackers haven’t been as busy in the lead-up to the 2018 midterm elections as they were, US intelligence agencies and DHS — which is tasked with helping state and local elections agencies keep their systems secure — warn that hackers are still active in their efforts to breach election infrastructure.
“The intelligence community continues to be concerned about the threats [toward] upcoming US elections,” Dan Coats, director of national intelligence, said at a press briefing in August, “both the midterms and the presidential elections of 2020.”
What has been hacked so far?
Most of the hacks that have come to light have either been unsuccessful or limited in their reach. During a Tennessee primary election for county mayor in May, a hacking approach called a DDoS attack flooded Knox County’s website with so much traffic the page crashed. The page went down just as polls closed on election night. A more serious DDoS attack could take down pages with important information, like where your polling place is.
There’s also been a campaign of spearphishing emails targeting US senators running for re-election. Three emails sent to staffers of US Senators tried to trick them into entering their email usernames and passwords. One of the targets was Missouri Democrat Claire McCaskill, but it’s not clear who the other two targets were.
Florida Senator Bill Nelson, also a Democrat, said he’d learned of a breach of voter registration systems in the state — though officials who run the state’s elections disputed that claim.
Securing the voting infrastructure
Hacking experts are trying to make electronic voting machines more secure. That’s good, because the machines are notoriously easy to hack.
The events of 2016 won extra attention for the vulnerabilities in voting machines and networks used by elections agencies, and those agencies and the federal government have been pushing forward on fixes. However, the fixes by and large won’t be in place in time for the 2018 midterms, due in part to slow-moving government funds and bureaucracy.
Experts say the main thing protecting voting machines from a large-scale attack is that they don’t connect to the internet, so most vulnerabilities can only be exploited by hackers who have physical access to the machines.
A group of “white hat” hackers tested voting machines for vulnerabilities this summer at the annual Defcon event in Las Vegas. US officials said they hoped the Defcon hackers would identify even more issues than they did in the previous year’s effort. They got what they asked for when the hackers released a report in September. It said the vote-counting machines its experts tested were vulnerable, allowing hackers who breached them to “flip the electoral college.”
Social media gets serious about trolls
Major social media companies have tried to show that they’re taking abuse of their platforms seriously. That’s meant rooting out organized campaigns run by users who lie about their identities and giving ordinary users more information about the political ads they’re seeing.
Facebook CEO Mark Zuckerberg has created a dedicated team to fight fake news. It’s also set up a war room to monitor activity on its site around elections and announced it’s partnering with academics to help the company understand the impact of social networks on elections. The company also promised European officials it will block interference in elections there, too.
Facebook calls organized troll activity “inauthentic influence campaigns,” which try to sway political protests in real life and spread misinformation online. So far this year, the company has announced twice that it’s taken down accounts and pages associated with these campaigns, which it says have come from Russia and Iran. Google also identified a network of 58 accounts originating from Iran that were running an influence operation on the company’s platforms, including its popular YouTube video service.
Facebook has imposed requirements for users who manage pages, making them confirm their locations and add extra security to prevent account takeovers. And Twitter, Facebook and Google have all announced updates to their advertising policies, including labeling political advertising and identifying who paid for it.
Other tech firms offer solutions
Social media companies aren’t the only ones working on ways to crack down on hackers and online fakers. Microsoft has come up with a way to find and shut down fake pages that try to trick users into entering their Microsoft Outlook login credentials.
Google is also providing a free service to protect campaigns and elections agencies.
Cybersecurity firm Symantec created its own service to help campaigns and election officials find pages that impersonate them, which can make it harder for hackers to phish victims or spread misinformation under an official banner.
And then there are the secure-messaging companies Wickr and Signal, which are partnering with the Democratic National Committee to provide ways for campaign staffers to communicate with each other that aren’t as easy to hack as email.
That’s probably a smart idea, because even if a large-scale hacking effort doesn’t materialize in the 2018, it’s clear from what happened in 2016 that campaigns and elections agencies had room for improvement in their cybersecurity measures.