Clichéd as the concept of a perfect storm is, the term feels like an appropriate way to describe the cybersecurity challenges U.S. voters face in the November 2020 election.
Since 2016, cybersecurity and election experts have been sounding an ever-louder clarion call to take aggressive steps to ensure that computerized voting machines are secure enough to properly enroll registered voters, record their votes, and accurately count them. They have also been urging states and municipalities to take steps to protect elections from foreign manipulation, including using education and awareness to mitigate the spread of election disinformation over social networks.
The campaign against election hacking began long before the Covid-19 pandemic killed more than 218,000 people in the United States, throwing into disarray countless lives, businesses, and voting traditions.
READ MORE ON ELECTION SECURITY
How experts plan to secure the 2020 election
To protect a political campaign, re-read the Mueller Report
Election hackers are ‘waiting for the bigger prize in 2020’ (Q&A)
Open source the secret sauce in secure, affordable voting tech
Funding fights lead to vulnerable votes
Experts disagree on how to secure absentee votes
Why current funding to secure U.S. elections ‘doesn’t cut it’ (Q&A)
There’s more to election integrity than secure voting machines
Mueller’s indictment of election hackers a cybersecurity ‘wake-up call’
While some officials have been taking the hydra-headed threats to elections seriously, others have not. Polls currently indicate ongoing uncertainty in all aspects of the election: the mechanics of how to vote, the trustworthiness of vote tabulation, the unfounded fear of fraudulent votes, and even how rapidly the election outcome will be known. A Pew Research study published on October 14 indicates that there are large divides between voters along political-party lines in all four of those categories.
Misinformation and disinformation
One of the top questions about the 2020 election concerns whether we’ll see foreign disinformation campaigns seeking to influence the outcome similar to the ones we discovered in 2016. About three-fourths of Americans are worried about foreign governments and their allies interfering in this year’s election, with good reason. In September, FBI Director Christopher Wray told the House Committee on Homeland Security that Russia has been attempting to damage former U.S. vice president and Democratic Party nominee Joe Biden’s campaign with “very active efforts” across social media, state media, online journals, and proxies.
“[W]e’ve had four years since 2016, when foreign actors and malign agents were trying to get into our election system, which should have been a hair-on-fire moment for our election officials.”—Susan Greenhalgh, senior advisor for election security, Free Speech For People
Wray’s comments were followed on October 14 with a New York Post story about alleged emails from Hunter Biden, son of Joe Biden, that appear to encourage his father to meet with an adviser to the board of the Ukrainian oil company on which the younger Biden served—an apparent conflict of interest. The Bidens deny that the emails are authentic, and the evidence that supports the allegations appears to come from Russian sources. The provenance of the story is so specious that one of the reporters bylined on the Post article says she did not work on the story at all.
Part of what makes it harder to fight disinformation this year, experts say, is that foreign adversaries aren’t the only ones promoting disinformation. The White House itself is involved in its spread. President Donald Trump’s personal lawyer and former cybersecurity czar, Rudy Guiliani, provided the alleged Biden emails to Fox News, which initially declined to pursue the story.
Guiliani then took them to the Post. Reporters have documented ties between the former mayor of New York City and pro-Russia Ukrainians and Russian operatives who have been known to conduct disinformation campaigns. (Guiliani also made a less-than-flattering appearance in Sacha Baron Cohen’s newest Borat comedy, in which he says China manufactured the coronavirus and deliberately spread it around the world.)
“The most important thing to understand is that the voting-threat model is absolutely unique. It’s not like banking, health data, the military, or anything else we consider high security.”—Ben Adida, founder, nonprofit election equipment vendor VotingWorks
Like in previous election years 2016 and 2018, disinformation campaigns this year have goals that depend on the varying content of the allegations, says Pablo Breuer, co-founder and vice president of the Cognitive Security Collaborative and a member of the People Centered Internet organization. But this year, he says, politically driven efforts to dissuade voters from trusting the ballot-casting and ballot-counting processes have cast a new dangerous threat to the elections, amid a pandemic that has forced municipalities to consider voting methods such as mail-in voting that they have previously been reluctant to embrace.
“This year, with all the mail-in voting, it’s going to take a while to count all the votes. I think there’s going to be a massive disinformation campaign to harm the post-election count,” Breuer says. “The campaigns will focus on voter suppression before the vote, and the legitimacy of the election after the vote.”
This story was originally commissioned by Okta. Read the full story here.
Correction: A previous version of this story misidentified Greenhalgh, she is the senior advisor for election security at Free Speech For People.