https://www.lawfareblog.com/op-ed-future-election-security
By Alex Stamos
Lawfare.com
September 4, 2019
There have been many pieces, in Lawfare and elsewhere, about the weaknesses in
America’s political and election systems. In my career as a security executive,
I sometimes found it difficult to communicate risk to non-expert audiences when
focusing on a specific vulnerability. It is often more effective to paint a
dire but realistic scenario relying on the proven capabilities of real
adversaries combined with a variety of known, systemic issues.
Below is a potential Lawfare piece from New Year’s Day 2021, following a
not-quite-worst-case scenario of election interference using real
vulnerabilities in U.S. electoral systems, as well as social media, traditional
media and the political sphere. For a more thorough discussion of weaknesses
and recommended mitigations, please see the election security report from my
colleagues and me at Stanford’s Cyber Policy Center.
***
Jan. 1, 2021
New Year’s Day is traditionally spent recovering from the previous night’s
revelry. This year, the United States awakens to the greatest New Year’s
hangover in the country’s almost 245-year history: a crisis of constitutional
legitimacy as all three branches of government continue to battle over who will
take the presidential oath of office later this month. This coming Wednesday,
Jan. 6, a joint session of Congress will meet for what is a traditionally
perfunctory counting of the Electoral College votes. With lawsuits still
pending in seven states, both major-party candidates claiming victory via
massive advertising campaigns and the president hinting that he might not
accept the outcome of the vote, it’s time to reflect on how everything went so
very wrong.
The first signs of external interference were seen in the spring of 2020. As
the Democratic primary field narrowed, a group of social media accounts that
had voiced strong support for particular candidates early on pivoted from
supporting their first-choice candidates to alleging that the Democratic
National Committee (DNC) had unfairly rigged the primary. The uniform nature of
these complaints raised eyebrows, and an investigation by Twitter, Google and
Facebook traced the accounts back to American employees of a subsidiary of the
Sputnik News Agency—an English-language media entity owned by the Russian
state. Yet as these groups were careful not to run political ads and to use
U.S. citizens to post the content, there was no criminal predicate for deeper
law enforcement investigations.
The activity around the election intensified in the summer, when medical
records for the son of the presumptive Democratic nominee were stolen from an
addiction treatment center and seeded to the partisan online media. But that
wasn’t all: Less than 24 hours later, embarrassing photos from the phone of the
incumbent president’s single, Manhattanite daughter were released on the dark
web. While the FBI has remained silent on the matter, citing an ongoing
investigation, the New York Times recently quoted anonymous NSA officials
attributing the first leak to Russia’s SVR intelligence service and the latter
to the Chinese Ministry of State Security. As to why Russia and China appear to
be backing opposing candidates, America’s adversaries do not necessarily share
the same geopolitical goals, and it is clear that the Chinese are no longer
willing to sit on the sidelines of U.S. politics while the Russians interfere.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
