Some people believe it is too
early to think in detail about the next national election in November of
2020. I beg to differ in some respects.
I have not made a decision
about the person I will support for the democratic nomination, so in that
respect, it is clearly too early. Nor am
I ready to volunteer just yet for ground-game activities. I’ve not determined which issues I want to headline the campaign, or what strategies might be most effective. What I am most concerned about at this point
are some items of operation that rarely occurred to us in any substantive way
until 2016 turned out as it did. Those "nuts and bolts" issues never get enough attention before we walk into our voting
locations.
I’m talking about exigencies
that could easily corrupt the vote and the entire election process as they may
well have done – unforgettably – in 2016 (see my Blog post of 11/14/2016).
#1) Hacking and Trolling -- interference of
foreign countries in our election process comes down to Russia (and others like
China) hacking into voting records and using social media to distort election
issues. We should all be aware by now of
what occurred in 2016 (see CNN summary at: https://www.cnn.com/2017/01/07/politics/intelligence-report-russian-interference/index.html)
and, indeed, what has
continued to occur since.
The Russians are involved in
a cyber-attack against us aimed at disrupting and distorting our electoral
process (and other vital activities). This ‘war’ is meant not just to disrupt our
elections, but to make us look like a second-rate government unable to fulfill
our democratic promises and unworthy of consideration as an example of democratic
government to the nations of the world.
Make no mistake: the USA is losing this battle, mostly because
of the denial and neglect of this by the current Administration (although some
agencies have continued to fight back). We have been warned by our intelligence and
investigative agencies, by Special Counsel Mueller, by representatives of the
Military and by private tech companies that this is real; it is on-going; it is
having a deleterious effect upon our democratic processes. But the Trump administration has done little
to counter the attacks. Instead, this
pretend president continues to laud and praise Vladimir Putin at every
opportunity.
What are some of the
happenings and reports of Russian hacking activity since 2016? The Center for Strategic and International
Studies, based in Washington, DC, has built a list of reported incidents of
cyber interference and hacking since 2006 (see their full list at https://csis-prod.s3.amazonaws.com/s3fs-public/190813_Significant_Cyber_Events_List.pdf).
The partial list below attempts to present a breadth of incidents, and not just those
related to elections. It includes activity by countries other than Russia. This is just the tip of the iceberg; the
reality of the cyber war going on under the radar is overwhelming.
February 2017. A suspected Russian hacker breaches at least 60
universities and US government organizations using SQL injections, including
HUD, NOAA, Cornell University, and NYU, among many others. This follows up a
hack by the same actor against the U.S. Electoral Assistance Commission in
December 2016.
March 2017. An intelligence report revealed a Russian operation
to send malicious spear-phishing messages to more than 10,000 Twitter users in
the Department of Defense. The malicious payloads delivered through these
messages gave Russian hackers access to the victim’s device and Twitter account
April 2017. Cybersecurity researchers revealed a growing
cyber-espionage campaign originating in China and targeting construction,
engineering, aerospace and telecom companies, as well as government agencies,
in the U.S., Europe, and Japan
July 2017. Russian hackers used leaked NSA tools to compromise
Wi-Fi servers in European and Middle Eastern hotels in a campaign targeting top
diplomats and industrial leaders.
July 2017. The FBI and
DHS announced that hackers had been targeting US energy facilities including
the Wolf Creek Nuclear Operating Corporation in a campaign bearing resemblance
to the operations of a known Russian hacking group
October 2017. Russian hackers reported to be targeting potential
attendees of CyCon, a cybersecurity conference organized by the US Army and the
NATO CCD COE
February 2018. The US and UK
formally blame Russia for the June 2017 NotPetya ransomware attack that caused
billions of dollars in damages across the world.
March 2018. Online
services for the city of Atlanta were disrupted after a ransomware attack
struck the city’s networks, demanding $55,000 worth of bitcoin in payment. The
city would eventually spend approximately $2.6 million recovering from the
attack.
March 2018. Baltimore’s 911 dispatch system was taken
down for 17 hours after a ransomware attack, forcing the city to revert to
manual dispatching of emergency services
April 2018. US and UK officials issued a joint warning
that Russia was deliberately targeting western critical infrastructure by compromising
home and business routers
May 2018. Researchers
reveal that a hacking group connected to Russian intelligence services had been
conducting reconnaissance on the business and ICS networks of electric
utilities in the US and UK since May 2017
May 2018. Within
24 hours of President Trump’s announcement that the US would withdraw from the
Iran nuclear agreement, security firms reported increases in Iranian hacking
activity, including the sending of emails containing malware to diplomats in
the Foreign Affairs ministries of US allies, as well as global
telecommunication companies
June 2018. The U.S.
Treasury Department announced sanctions against five Russian companies and
three individuals for enabling Russian intelligence and military units to
conduct cyberattacks against the U.S.
June 2018. Chinese
government hackers compromised the networks of a U.S. Navy contractor, stealing
614 GB of data related to weapons, sensor, and communication systems under
development for U.S. submarines
July 2018. Hackers
targeted the campaigns of at least two local Democratic candidates during
2018’s primary season, reportedly using DDoS attacks to disrupt campaign
websites during periods of active fundraising and positive news publicity.
July 2018. The U.S.
Department of Justice announced the indictments of 12 Russian intelligence
officers for carrying out large-scale cyber operations against the Democratic
Party in advance of the 2016 Presidential election.
July 2018. Microsoft
reveals that Russian hackers had targeted the campaigns of three Democratic
candidates running for the 2018 midterm elections.
July 2018. Security researchers detect a spike in
hacking attempts against IoT devices in Finland during the run-up to President
Trump’s summit with Vladimir Putin in Helsinki. The majority of attacks
originated in China.
July 2018. Security
researchers report that an Iranian hacking group had been targeting the
industrial control systems of electric utility companies in the U.S., Europe,
East Asia, and the Middle East.
July 2018. The
Department of Homeland Security reveals that a campaign by Russian hackers in
2017 had compromised the networks of multiple U.S. electric utilities and put
attackers in a position where they could have caused blackouts.
August 2018. Facebook identified multiple new disinformation campaigns on its platform sponsored by groups in Russia and Iran and involved 652 fake accounts, pages, and groups.
August 2018. Microsoft announces that Russian hackers had targeted U.S. Senators and conservative think tanks critical of Russia.September 2018. In a letter to Senate leaders, Sen. Ron Wyden revealed that a major technology company had alerted multiple Senate offices of attempts by foreign government hackers to gain access to the email accounts of Senators and their staff
September 2018. The U.S. State Department suffers a breach of
one of its unclassified email systems, exposing the personal information of
several hundred employees
October 2018. The U.S.
Justice Department announces criminal charges against seven GRU officers for
multiple instances of hacking against organizations including FIFA,
Westinghouse Electric Company, the Organization for the Prohibition of Chemical
Weapons, and the U.S. and World Anti-Doping Agencies
October 2018. The U.S.
Department of Homeland Security announces that it has detected a growing volume
of cyber activity targeting election infrastructure in the U.S. ahead of the
2018 midterm elections.
October 2018. The Centers for Medicare and Medicaid
Services announced that hackers had compromised a government computer system,
gaining access to the personal data of 75,000 people ahead of the start of ACA
sign-up season.
October 2018. Media reports
state that U.S. agencies warned President Trump that China and Russia
eavesdropped on his call made from an unsecured phone
November 2018. Security
researchers report that Russian hackers impersonating U.S. State Department
officials attempted to gain access to the computer systems of military and law
enforcement agencies, defense contractors, and media companies
December 2018. The United
States, in coordination with Australia, Canada, the UK, and New Zealand,
accused China of conducting a 12-year campaign of cyber espionage targeting the
IP and trade secrets of companies across 12 countries. The announcement was tied
to the indictment of two Chinese hackers associated with the campaign
January 2019. The U.S.
Democratic National Committee revealed that it had been targeted by Russian
hackers in the weeks after the 2018 midterm elections
June 2019. U.S. grid
regulator NERC issued a warning that a major hacking group with suspected
Russian ties was conducting reconnaissance into the networks of electrical
utilities.
July 2019. The U.S.
Coast Guard issued a warning after it received a report that a merchant vessel
had its networks disrupted by malware while traveling through international
waters
July 2019. Microsoft revealed that it had detected
almost 800 cyberattacks over the past year targeting think tanks, NGOs, and
other political organizations around the world, with the majority of attacks
originating in Iran, North Korea, and Russia.
August 2019. Russian hackers were observed using
vulnerable IoT devices like a printer, VOIP phone, and video decoder to break
into high-value corporate networks
Two responses occur to me
after reading the entire listing:
1.
contact your
congressman and Senators and tell them they must continue to thwart these
efforts through legislation and oversight of Executive responses
2.
if you suspect
any hacking of your own online materials by a foreign entity, or have some
back-up to prove its existence elsewhere, at least notify CSIS at techpolicy@csis.org.
1)
older systems are
“more likely to fail and are increasingly difficult to maintain.” In the 2018
midterm election, old and malfunctioning voting machines across the country led
to long lines at the polls, leaving voters frustrated – and, in some cases,
causing them to leave before casting a ballot;
2)
older systems are “less likely to have the
kind of security features we expect of voting machines today.” The National Academy of Sciences (NAS)
recently noted that “machines that do not produce a printout of a voter’s
selections that can be verified by the voter and used in audits – should be ‘removed
from service as soon as possible,’ to ensure the security and integrity of
American elections.”
Here’s
the good news: Since BCFJ’s last
update, “Congress provided $380 million in Help America Vote Act (HAVA) funds
to help states to bolster their election security. For the most part, states
have used this money for critical security measures.”
The
Election Assistance Commission (EAC) has reported that states “will use $136
million of this funding to strengthen election cybersecurity, $103 million to
purchase new voting equipment, and $21 million to improve post-election audits.”
The
bad news: “this only scratches the surface of
investments that are needed in the coming years…the way the money was
distributed means it was insufficient to replace the vast majority of the most
vulnerable machines before the 2020 election (if you want more information,
see:
From
the Brennan Center’s own research and monitoring of the current state of election
technology and security practices, we get a snapshot of the current state of
voting technology in the United States…
·
121 officials in
31 states said they must replace their equipment before the 2020 election,
largely related to the fact that voting machines across the country are “aging
out…” Two-thirds reported that they do
not have the adequate funds to do so, even after the distribution of additional
HAVA funds
·
45 states are
currently using voting equipment that is no longer manufactured
·
Election
officials in 40 states told us they are using machines that are at least a
decade old this year. The lifespan of electronic voting machines can vary, but
experts agree that systems over a decade old are more likely to need replacement
for security and reliability reasons.
·
to make matters
worse, many of the older machines have systems running software that was
developed decades ago, including Windows XP and Windows 7. Too often, vendors
no longer write security patches for such software, leaving machines more
vulnerable to cyberattacks.
·
a
disproportionate number of these old systems have no voter verified paper
backup, something that…’security experts around the country, have argued is an
unnecessary security risk.’ In 2019, 12 states still use paperless electronic
machines as the primary polling place equipment in at least some counties and
towns
·
Almost every
election official who responded that they planned on replacing voting equipment
also stated that their hope was to find new machines that produce voter-verified
paper backups that could be used in a recount or audit
·
A top funding
priority for election officials was the hiring of more IT support staff,
particularly at the local level.
·
Other items that
election officials mentioned include providing more training for their staff,
strengthening the physical security of their storage locations and polling
places and putting in place robust post-election audits
#3 Who Owns the Companies That Produce the
Voting Machines?—is a question being raised by states like North Carolina
and Maryland both of which experienced some indication of possible conflicts-of-interest
with companies used for 2016.
v North Carolina will require touchscreen-only voting
systems to be replaced with equipment that produces a paper record. The change
will affect machines in about a third of the state’s counties.
The move came a week after federal
authorities said they would finally conduct a forensic analysis of voter
check-in software (that failed on Election Day in 2016 in Durham County) to see
if Russian military hackers who targeted the software provider may have
tampered with registration information to disrupt voting -- the first known
federal probe of voting technology that malfunctioned during the 2016 election,
when Russian hackers infiltrated election systems in several states.
(they found no indication of foul play).
v Maryland officials learned last year that a company
maintaining their election infrastructure did not disclose that it was being
financed for more than two years by a venture fund whose largest investor is a
Russian oligarch. A U.S. Department of Homeland Security team found no evidence
of intrusion on the state’s election system, however.
“Peering into who is behind
voting-equipment makers is a long overdue step that few states have taken,”
said Lawrence Norden, an expert on voting machines with the Brennan Center for
Justice at New York University’s law school.
“We know very little about voting system vendors, and this is a crucial
piece of information,” he wrote in an email.
#4) NY
Reforms – Just how diligent has your local election board been about
instituting the voting reform measures that were signed into law by Governor
Cuomo in January of this year? Here is a
list:
a.
early voting Election Law 8-600 in effect – are adequate polling
places identified per the Law? “at least one early voting polling place for
every full increment of fifty thousand registered voters in each county;
provided, however, the number of early voting polling places in a county shall
not be required to be greater than seven, and a county with fewer than fifty
thousand voters shall have at least one early voting polling place.”
b.
pre-registration for 16- and 17-year-olds
c.
portability of registration records
d.
consolidated dates for state and federal primaries
e.
distribute ballots
to military voters farther in advance
of elections . The legislature also passed:
f.
constitutional
amendments to permit same-day registration (SB 1048) and
g.
no-excuse
absentee voting (SB 1049), both of which
will need to be passed again and then ratified by the voters.
Meanwhile, it is never too
early for progressives, democrats and independent voters (and any Republicans
who care to seek fairness in the election process) to raise these basic questions
with their local boards of election and government officials, just to see if
their commitment to just elections is solid and their follow-through actions
constitute a verifiable and justifiable conclusion.
CAUTION: the unnoticed nuts and bolts that hold something
together can age, rust and break causing a whole system to be corrupted and to
fail. Don’t take this situation lightly – there is a “cyber war” going on and
Russia is winning because we are not attending to our voting infrastructure!
