Homeland and national security officials are worried about how Russia could significantly exploit US divisions over the November midterms, considering scenarios like Russia staging smaller hacks of local election authorities – done with the deliberate purpose of being noticed – and then using that to seed more conspiracies about the integrity of American elections.
These efforts, the officials said, would be designed to dovetail with the false doubts about the 2020 presidential election spread by former President Donald Trump and many of his allies.
The five current and former US officials who spoke to CNN stressed that such a scenario remains hypothetical.
Although US elections have become more secure in recent years, officials say that an atmosphere of distrust in America’s elections, coupled with the sheer number of local election systems, means there’s no way to truly be ready for such a convergence of Russian asymmetric warfare techniques.
Administration officials agree with local election officials that the problem goes beyond inevitable security shortfalls. Current and former officials say little has been done to inform, let alone convince, American voters that Russia is trying to attack US elections again.
That’s creating a battle for public perceptions of the security of elections, which often don’t mirror the reality of how secure they are.
“If something small happens, it will feed into the mania and chaos, and all of a sudden people will think all the elections are completely insecure,” said Nicole Tisdale, who until April was the legislative affairs director at the National Security Council and previously served as the director for cybersecurity and counterintelligence with the House Homeland Security Committee.
“It’s not about fixing a small problem so that it doesn’t become a bigger problem. It’s about what happens when folks feel there’s been any leak in the boat, and folks thinking that the whole thing could sink,” Tisdale said.
An example of how officials believe the threat could play out: Russian hackers breach a local county voter registration system, making sure to get detected. They would then post information and proudly take responsibility rather than blame third-party hackers, as they did in 2016. Then, other Kremlin-backed forces would amplify the problems on Facebook and Twitter, aiming to churn up angry – and violent – reactions.
“Russia doesn’t have to do anything in advance of the election – just observe where operational challenges occur and use that issue to exploit the subsequent distrust and division,” said one US official involved in election security. “The asymmetrical advantage is astounding.”
It likely wouldn’t take much to further undermine faith in American elections – as this month’s public hearings of the House select committee investigating the January 6, 2021, attack on the US Capitol have shown.
Adrienne Ray, the elections supervisor and registrar in highly competitive Peach County, Georgia, said she feels under siege, trying to keep her systems from being at the center of a story about international espionage. In the meantime, she relies on her IT guy, while taking online classes about election security offered by the Georgia secretary of state’s office.
“I’m not a whiz at what these people could do,” Ray said. “But we try our best to be as secure as possible. … Do I know if I’m getting everything I need to know? I don’t know.”
Russian efforts capitalizing on American divisions
Earlier this month, the Department of Homeland Security’s Office of Intelligence and Analysis warned that Russia will “likely” look to depress voting and “probably” try to undermine the November midterms in revenge for the American-led response to the invasion of Ukraine, according to a newly declassified DHS report obtained by CNN.
“We expect Russian interference in the upcoming 2022 midterm elections, as Russia views this activity as an equitable response to perceived actions by Washington and an opportunity to both undermine US global standing and influence US decision-making,” states the report, titled “Key Threats to the Homeland Through 2022.”
Russian attempts to interfere with and undermine American elections have been happening for almost a decade, but the evolution has US officials on edge. Most of the hacking that was tracked in 2016 was probing, looking for openings. Disinformation efforts were still rudimentary, elevating a few voices spouting racial divisions and disappointment in their candidates losing. But those efforts now more often use a wide array of avenues to play off divisions within the US about immigration, Covid-19 restrictions and 2020 election conspiracies. Meanwhile, intelligence officials say the disinformation methods have become broader and more sophisticated, as have the attempts to combine them.
Explaining Russian interference and the ways in which those efforts look to play off current divisions, officials argue, would be essential to both understanding and withstanding the threat – but just doing so often runs up against the hyperpartisan reality.
“It’s sometimes difficult to even discuss mitigation activities because of the political environment in Washington,” said John Cohen, who until last month served as the acting undersecretary for intelligence and analysis at the Department of Homeland Security. “There are foreign nations like Russia who are seeking to destabilize and weaken the United States, and they do that by pushing out information meant to exacerbate the social fractures of our society.”
Local election offices have stepped up their own security, but it’s not clear that will be enough.
In small-but-competitive Sauk County, Wisconsin, results received into the main clerk’s office are then verified by phone calls to officials at each polling place, followed by a full canvas to make sure the numbers and records match up. Equipment is kept locked up and under video surveillance. None of the machines are connected to the internet, and two-factor authentication is required even to get into employee desktops.
“This is way different from when I started, that’s for sure,” said Becky Evert, the Sauk County clerk, reflecting on how she’s had to respond to the threat of Russian hacking.
Evert said that she’s confident that any breach would be caught but that she hadn’t considered what it would mean if the intention was to get caught. Some funding for new security came from the state, but she said she hasn’t been directly in touch with the federal government.
In Philadelphia, the city has disconnected its election management system from the internet and met with state and federal authorities running “tabletop” exercises to iron out communications and plans for what to do if they detect a breach – including trying to wrap their heads around what to do if the breach is meant to be detected.
“I’ve had to become sort of an expert in election security, cybersecurity, GIS (geographic information system) mapping, social mapping, physical security, I know more information about things that I never thought I’d know anything about,” said Lisa Deeley, a Philadelphia city commissioner, calling threats the “scary and unpleasant” part of her job. “Unfortunately, this is the world of elections today.”
“If there was some kind of breach, the city and the state and the federal government would all align and give us the defense that we needed,” Deeley said, while adding, “With elections, there’s always a need for more funding and more resources.”
Growing concern about elections as November approaches
The DHS intelligence assessment of current threats obtained by CNN states that Russia remains a top threat “particularly in response to international pressure following its unprovoked attack on Ukraine.”
The DHS assessment also includes threats from China and Iran, though they are not primarily election-related. The China threats listed include cyber-espionage, predatory economic activity and influence campaigns to promote Beijing’s interests. The Iran threats include cyber-threats to critical networks and “stoking divisions within the United States and creating pressure on Washington to change its policy on Iran,” as well as more conventional terrorist attacks via Hezbollah or other proxies.
The threat assessment from Russia is different, however. Whether by dissuading Americans from voting, convincing them the votes are crooked or just making them lose faith in the candidates and institutions involved, “Moscow’s overarching objective is to undermine the US electoral process and weaken the United States through social and political discord, division, and distraction,” the report states.
As Russian President Vladimir Putin accelerated toward his invasion of Ukraine in February, officials from DHS and other agencies began meeting daily to discuss potential threats and responses. Election security was one of the topics from the start, though at that point – with November many months away – they focused mostly on more immediate possible vulnerabilities around power grids and banking systems.
“People believe that this is one of these ways in which Putin potentially gets back at us without triggering a kinetic response of some kind. There’s a lot of concerns that if he were to try to punch back at us for supporting Ukraine, this is one of the ways he’d do it,” said an administration official familiar with the internal discussions.
Those meetings have grown less frequent, but the concerns around elections have grown, as November has gotten closer and the Russian quagmire in Ukraine has continued.
The alert has remained high within the White House and among the members of the interagency election security group created in the Biden administration, even as they’ve struggled with what to do. White House officials are aware that any attempt by President Joe Biden to speak about disinformation or Russian hacking would immediately be seen as political, as would most efforts by the federal government to fell local authorities how to administer elections.
“The federal government is still trying to figure out how to bring together all of the capabilities it has to engage in a comprehensive manner,” Cohen said.
A National Security Council spokesperson declined comment.
Though national security officials did not initially believe that Putin was moving on Ukraine with the intention of creating problems geared toward the US midterms – either through driving up gas prices or sowing a general sense of chaos – as the crisis escalated, according to two officials, the intelligence became increasingly concerned that the American response would convince Putin that the 2022 elections were a legitimate and high-priority target.
After an atmosphere of distrust during the 2016 election, federal, state and local officials have worked more closely to share threat intelligence and drill for cyber and physical threats, observers say. That work includes helping move state and local offices to the “.gov” internet domain, which makes it easier to identify official sources of information on elections, and federal vulnerability assessments for election-related computer systems. According to the left-leaning Brennan Center for Justice, an estimated 93% of votes cast in the 2020 election had a paper record – up from 82% in 2016 – serving as an important check against potential tampering.
Reviewing some of the information that led to the DHS report, the department’s intelligence officials have briefed state and local election authorities about threats in recent months. DHS last year hired former Washington state Secretary of State Kim Wyman, a Republican, as a top elections security official, and she’s already been to 17 states promoting the department’s services.
Sometimes, though, the efforts amount to sending around best practices guides and hoping election officials pay attention.
A Homeland Security spokesperson noted the regular collaboration with the intelligence community in tracking threats, and the department’s role in sharing that with the full range of election administrations.
Since Alejandro Mayorkas took over as DHS secretary at the beginning of the Biden administration, the spokesperson said, “DHS has enhanced operational collaboration with partners across every level of government, including by sharing timely and actionable information and intelligence regarding the threat environment to protect communities across our country.”
Secretary of state offices in Michigan and Colorado both said they are continually working to protect their election systems, including working with federal partners, but a spokesperson for the Colorado office noted that it has only heard “generic, not specific to elections, warnings about the potential for Russia to seek to disrupt their adversaries while they are engaged on the Ukraine front.”
The concerns remain high across government. Recently, 17 Democratic senators signed a letter, addressed to the secretaries of defense and homeland security, as well as the directors of the FBI, CIA and National Security Agency, asking what was being done to protect the “ripe target” of the midterm elections.
“As we witness an alarming increase in Russian disinformation campaigns following Putin’s invasion of Ukraine, we must remain vigilant in protecting our elections from potential malign influence operations,” Minnesota Sen. Amy Klobuchar, who spearheaded the letter, told CNN.
Sean Lyngaas contributed to this story.