Analysis | The Cybersecurity 202: Election operations are holding up so far against a wave of hacks and technical failures
with Tonya Riley
The week before Election Day has seen a wave of digital attacks on election systems and technical foul-ups, but officials are mostly parrying the blows to keep voting going on as planned.
The most concerning hit came late yesterday, when the Wall Street Journal reported that hackers who compromised some election systems in Hall County, Ga., earlier this month had posted a small trove of nonpublic information, including voters’ social security numbers, as a ploy to persuade the county to pay a ransom.
Officials’ greatest fear about such strikes, called ransomware attacks, is that hackers could seize voter registration databases and hold them hostage during voting so it becomes exceedingly difficult to check in voters.
This is far from that worst case scenario because it hasn't impeded any voting operations. But knowing that the act of voting put their personal data at risk is sure to have a chilling effect on some people. The hackers also teased the release as “example files,” which suggests they could release more sensitive and damaging information later.
That was just one example of election officials’ rough day.
But the other challenges, while daunting, generally demonstrated a robust election system that’s capable of handling such problems.
- In Florida, Gov. Ron DeSantis (R) showed up to vote, only to find that a fraudster had changed his address. But DeSantis was still able to cast his ballot. The fraudster who changed his address was arrested and is facing felony charges.
- In Washington state, officials alerted the Department of Homeland Security about a suspect website sharing voter turnout information that it feared could be used to spread disinformation. A few hours later, the site added a label clarifying that it isn’t a government site but is passing along public information released by the secretary of state’s office.
- In Fort Worth, a bar-code error led to about 20,000 mail ballots being unreadable by the Tarrant County ballot scanners. But Tarrant County officials assured voters that all of the ballots with faulty bar codes will still be counted. To make that happen the county’s ballot board will have to manually copy data from all of the ballots with defective bar codes onto fresh ballots with bar codes that can be ready by the county’s scanners.
The stories reflect a broadly successful election so far as the total number of votes cast by mail and early voting has topped 50 percent of all votes cast in the 2016 election. The disruptions fall far short of the Russian hacking and disinformation operations that rocked the last presidential contest and the sort of widespread digital attacks that election officials have been preparing for since 2016. Still, officials remain on high alert should problems still arise before or on Election Day.
Acting homeland security secretary Chad Wolf warned in a CBS News interview that the final week before the election offers a “prime opportunity for any adversaries, whether it be Russia or Iran or it’s a cyber actor,” to interfere.
While local officials are doing their best to sustain confidence in the election’s integrity, Trump continues to degrade it.
The president told reporters that he hopes the courts will stop states from counting ballots if they haven’t completed the job on election night, his most direct criticism to date of what has been standard practice in U.S. elections.
That attack goes a step further than President Trump’s earlier and frequent criticism of states that plan to count ballots that arrive after Election Day but were postmarked on Election Day or earlier.
In fact, it’s common for states not to complete counting ballots on election night during normal election cycles. The counting will surely take longer this year because of a surge in mail ballots and restrictions in some states on processing those ballots before Election Day.
Democrats were quick to denounce the comments.
House Speaker Nancy Pelosi (D-Calif.) accused Trump of undermining “the integrity of the election,” in an MSNBC interview.
“The easiest thing for him to do is to stand up like a man and accept the results of an election of the American people,” Pelosi said. “For him to make these kinds of statements shows his lack of patriotism, his undermining of our elections, while he allows foreign countries like his friend Putin to undermine the integrity of our election. He himself is doing it as well.”
Sens. Amy Klobuchar (D-Minn.) and Bernie Sanders (I-Vt.) attacked Supreme Court Justice Brett M. Kavanaugh for seeming to echo in a concurring opinion for the court Trump’s incorrect statements about voting by mail and claims of fraud.
In an opinion blocking Wisconsin from accepting mail ballots that arrive after Election Day, Kavanaugh wrote that “states also want to be able to definitively announce the results of the election on election night, or as soon as possible thereafter.”
In fact, states never announce official results on election night, though media often does based on early vote totals and exit polls.
“In America, we count the votes to determine who wins an election,” Klobuchar and Sanders said. “Despite the incorrect assertions from President Trump and Justice Kavanaugh, election officials across the country accept ballots well after Election Day every year, and results are not certified until the votes are counted and a canvas to confirm the results is conducted. Absentee ballots counted after election day do not ‘flip the results of an election,’ as Justice Kavanaugh claimed. They are the results of the election.”
Hospitals are being hammered with targeted ransomware attacks from Russian-speaking criminals.
The attacks have locked up computer systems at hospitals that are already stressed by the coronavirus pandemic and forced them to refuse patients, Ellen Nakashima and Jay Greene report.
The attacks hit six hospitals from California to New York in the space of 24 hours this week, locking up computers and demanding up to $1 million in ransom. The FBI, the Department of Homeland Security and the Department of Health and Human Services issued a joint advisory alerting health-care providers to the threat.
“The events unfolding right now have the potential to cause the loss of life, potentially across multiple hospitals,” Charles Carmakal, chief technology officer for Mandiant, a cybersecurity firm, which has helped some of the hospitals affected try to recover their data, told my colleagues.
There’s no evidence the Russian government is involved in the attacks, but it may be intentionally turning a blind eye, FireEye director of intelligence analysis John Hultquist said on Twitter.
Former DHS chief of staff comes out as “Anonymous” Trump critic.
The official, Miles Taylor, caused a splash with his anonymous 2018 op-ed and tell-all book that criticized the president as unstable, Colby Itkowitz and Josh Dawsey report. He has has since come out against the administration publicly and endorsed Democratic presidential nominee Joe Biden.
Taylor, among other criticisms has charged that the president was disinterested in election security and made the Department of Homeland Security’s work protecting the 2018 and 2020 elections against cyberattacks harder.
In a Medium post revealing his identity, Taylor asserted that his criticisms of Trump were “widely held among officials at the highest levels of the federal government.”
The White House disputed Taylor’s claims. “This low-level, disgruntled former staffer is a liar and a coward who chose anonymity over action and leaking over leading,” White House press secretary Kayleigh McEnany said in a statement. “He was ineffective and incompetent during his time as DHS Chief of Staff which is why he was promptly fired after only serving in this role for a matter of weeks.”
Taylor, who worked on terrorism and cybersecurity at the agency, is currently on leave from his policy job at Google. His previous work assisting then-Homeland Security Secretary Kirstjen Nielsen with talking points about the department’s family separation policy for immigrants, sparked a backlash among Google employees, BuzzFeed News reported.
Tech executives continue to see foreign interference efforts ahead of the election.
The chief executives of Twitter, Facebook and Google testified in front of Congress about the steps their companies are taking to combat foreign influence, Cat Zakrzewski reports.
Google, Facebook and Twitter have all taken down influence campaigns from Russia, Iran and China leading up to the election.
“It’s an area where we would need strong cooperation with government agencies moving forward,” Google CEO Sundar Pichai said.
Republicans also grilled Facebook and Twitter about their decisions to limit the spread of a New York Post story about emails allegedly belonging to Hunter Biden. They accused the platforms of bias against conservatives.
Facebook chief executive Mark Zuckerberg said his company's decision to limit the story was informed by a recent FBI warning to be on alert for potentially hacked documents. The Washington Post has not been able to verify the authenticity of the emails reported by the New York Post.
But the CEOs also deflected some responsibility.
Zuckerberg said that it was ultimately the U.S. government’s responsibility to stop countries like Russia from interfering in U.S. democracy. Twitter chief executive Jack Dorsey rebuked claims by Sen. Ted Cruz (R-Tex.) that Twitter could influence the election.
Iranian hackers posed as security conference organizers in an attempt to hack high-profile officials.
The hackers sent spoofed email invitations to potential attendees and were able to compromise several victims, Microsoft reported.
More cybersecurity news:
And the winner for best hacker blazer is…Alex Stamos, director of Stanford University's Internet Observatory and former cybersecurity chief at Facebook and Yahoo. Thanks to the Wall Street Journal’s Dustin Volz for this very illuminating poll. I guess for FireEye's Johhn Hultquist and Crowdstrike co-founder Dmitri Alperovitch, protecting the nation against sophisticated foreign hacking groups will have to be its own reward.
For the record, we’re still reigning champions in the cybersecurity-news-team-in-hoodies department.
- The Cybersecurity Coalition and the Cyber Threat Alliance will host CyberNextDC on Nov. 17-18, starting at 11 a.m.
Secure log off
Here’s how to spot voter-intimidation at your polling place:
or reload the browser