Election Security in an Age of Electoral Cyber Warfare
By: Maria Latimer
Election security has been an immense topic of debate since President Donald Trump secured the 2016 Presidential Election. Rumors swirled around media outlets, journals, and social media platforms insinuating that our election process, procedure, and overall outcome had been compromised by cyber-attacks and tampering by other nations such as China, North Korea, and Russia.
While there is no steadfast evidence to show that China did indeed tamper with our election, the barrage of investigation including Russian tampering is more evident. In fact, according to Politico, there is even evidence to suggest Russia may have tried to meddle with the recent midterm elections.
CNN has created a detailed timeline including some of the most notable incidents of cyber-attacks in the 2016 election. For example, on “July 13, 2018,The Justice Department announce[d] indictments against 12 members of the Russian intelligence agency, GRU, as part of special counsel Robert Mueller’s ongoing investigation. The indictment allege[d] that the Russians engag[ed] in a sustained effort to hack emails and computer networks associated with the Democratic party during the 2016 presidential campaign. Guccifer 2.0 was linked to Russian military intelligence, according to the indictments.”
We also know that Russia launched social media campaigns to engage in “information warfare” to assist in Trump’s candidacy. We also know that state and county agencies were breached during the U.S. electoral processes, including technology and their equipment.
Why is so much of our intelligence digital you may ask, if it causes so many problems and leaves us open to hacking, and an immense amount of cyber-attacks from all over the world? The Bush/Gore election can quickly answer that question. A battle over Florida ripened the need for a streamlined approach to counting ballots. “Over the past 16 years – ever since the epic, 36-day presidential showdown in Florida in 2000 that was resolved not by a full recount of the votes, but by a Supreme Court split along partisan lines – accusations of vote-rigging and out-and-out theft have become increasingly common among partisans on both sides, and the electoral process has become ever more politicized, rancorous and fraught with mistrust,” as written by Andrew Gumbel of The Guardian.
In addition to protecting against election cyber-attacks, the United States has its hands full protecting against computer network attacks from ISIS and other terrorist groups, all while also trying to protect against hacking of the United States’ economic mainframe, stock market, cryptocurrency marketplaces such as Bitcoin, military databases, and governmental agencies that hold top-secret information, to name a few.
At the end of the day, no matter how furiously our cyber security teams work to make our infrastructure stronger against hackers and terrorists who want to topple our democracy, our elections are still unsecured. Active steps need to be taken in order to resolve the issue of such a soft infrastructure, so easily hacked and manipulated when our country needs it to be the strongest.
Law enforcement programs are one step in the right direction. The Department of Homeland Security has launched specific programs to help combat cyber crime, as they work with other agencies to do so. “DHS components such as the U.S. Secret Service and U.S. Immigration and Customs Enforcement (ICE) have special divisions dedicated to combating cyber crime.”
Furthermore, Cyber Mission Force teams were created to defend the United States by “monitoring adversary activity, blocking attacks, and maneuvering to defeat them,” as stated by Steve Ranger.
But what is the law doing about cyber-crime? This answer varies, as there are an enormous amount of categories included in cyber-crime, such as identity theft, hackers, fraud, child pornography, and online solicitation.
To our issue, electoral cyber-crime, the National Conference of State Legislatures (NCSL) shows improvement with today’s laws in regulating these types of actions. “States are addressing cybersecurity through various initiatives, such as providing more funding for improved security measures, requiring government agencies or businesses to implement specific types of security practices, increasing penalties for computer crimes, addressing threats to critical infrastructure and more.”
There are also numerous statutes that were put into play as computer crime increased. According to the NCSL, “[a]ll 50 states have computer crime laws; most address unauthorized access or computer trespass.”
The DOJ has reported that they too will be assessing and responding to foreign influence operations due to Russia’s election meddling.
Will this be enough as technology continues to improve and countries scramble to keep up with one another? Legally, it seems as though the U.S. is playing catch up instead of preventing cyber-crime. Our next test will be the 2020 election, with the United States gathering knowledge and data until then.