U.S. Election Security (and Insecurities)

It has been a month since the U.S. 2020 General Election has passed. The election, according to then-Director of CISA Christopher Krebs in mid-November, was the most secure in history with no cases of widespread election fraud. U.S. Attorney General William Barr, echoed Krebs’ belief, noting Dec. 1 that both U.S. attorneys and FBI special agents were following up on specific complaints in accordance with his October 2020 directive and “to date, we have not seen fraud on a scale that could have effected a different outcome in the election.”

The early efforts of the Federal Bureau of Investigation (FBI) and Department of Homeland Security’s Cybersecurity Infrastructure Security Agency (CISA) to stem any foreign election interference and shenanigans were provided to all, early and often.

The election processes and procedures are not centralized in the U.S., with states and counties controlling how elections are handled in their areas. CISA’s resources were availed in the form of checklists, guides, fact sheets, infographics (including a disinformation toolkit), plans and reports and rumor control. The counties and states, while independent, were not alone in their preparatory efforts.

Looking back with far better vision than early prognostication permitted, the FBI’s warning did evolve, and attempts made to influence public opinion did occur (and still are occurring), though one might say the Russian effort was half-hearted perhaps owed more to the successes of the U.S. entities in securing the infrastructure surrounding the election process and being well-prepared. Nevertheless, the propaganda voice of Russia, RT, put its 2 cents into the pot at every opportunity to cast doubt on the U.S. election process.

Iran’s efforts were disrupted, according to National Security Agency Director and U.S. Cyber Command General Paul Nakasone, who revealed his organization launched an operation targeting the Iranian Revolutionary Guard Corps. Two weeks prior to Nov. 3 (election day), an IRGC group posing as a far-right group by pumping out email and video designed to project an insecure election, was neutralized.

Our hindsight allows us to connect the actions of the CISA, FBI and NSA Cyber Command to the very public warnings of Sept. 22 provided by CISA and the FBI in their public service announcement “Foreign Actors and Cybercriminals Likely to Spread Disinformation Regarding 2020 Election Results.” The key takeaway from the PSA was the fact that website defacement is not equal to vote or vote system tampering.

While Nakasone’s cyber teams were actively taking down foreign capability, FBI Director Christopher Wray was promptly addressing the foreign efforts that had successfully landed. On Oct. 21 he addressed the “spoofed” emails being sent to Florida voters whose email addressed were harvested from publicly accessible voter rolls: “We are not going to tolerate foreign interference in our elections or any criminal activity that threatens the sanctity of your vote or undermines the public confidence in the outcome of the election,” he said. “When we see indications of foreign interference or federal election crimes, we’re going to aggressively investigate and work with our partners to quickly take appropriate action.”

CISA’s rumor control proved to be a go-to source of truth in the days immediately following. Post-election rumors addressed and debunked included:

• A bad actor could change election results without detection.
• Votes are being cast on behalf of dead people and these votes are being counted.
• More votes in one contest than other contests on the ballots means the results cannot be trusted.
• DHS or CISA printed paper ballots with security measures and is auditing results as a countermeasure against ballot counterfeiting.
• If results as reported on election night change over the ensuing days or weeks, the process is hacked or compromised so I can’t trust the results.
• Provisional ballots are only counted if there’s a close race.
• Witnessing election officials marking ballots means that fraudulent voting is taking place.
• If election night reporting sites experience an outage, vote counts will be lost or manipulated.
• If the election night reporting webpage is defaced or displays incorrect results, the integrity of the election is compromised.
• If a social media account claims an identity, the account must be run by that person or organization.
• I received an election-related email that looks like it came from a certain organization, so that organization must have sent it.

The adage, “No good deed goes unpunished,” sadly remains true. In mid-November, current president Donald Trump, reluctant to accept the results of the election, fired CISA’s director Krebs via Tweet.