Cyberwarfare / Nation-state attacks
Battling Foreign Hacking and Propaganda Campaigns Leads Agenda for Secretaries of State
This past weekend, secretaries of state from many U.S. states met in Washington to discuss their top issues and concerns, including how to combat attempts to interfere with or influence state elections.
See Also: Effective Cyber Threat Hunting Requires an Actor and Incident Centric Approach
The National Association of Secretaries of State event included a keynote address devoted to election cybersecurity. Many of the event’s attendees are directly responsible for overseeing their state’s election systems’ integrity and security (see Russia Will Meddle in US Midterm Elections, Spy Chief Warns).
The NASS winter conference began on Saturday, one day after Special Counsel Robert Mueller unsealed an indictment accusing 13 Russian nationals and three Russian entities of a criminal conspiracy designed to meddle in the 2016 presidential election. “From at least April 2016 through November 2016, defendants and their co-conspirators, while concealing their Russian identities and organization affiliation through false personas, began to produce, purchase and post advertisements on U.S. social media and other online sites expressly advocating for the election of then-candidate Trump or expressly opposing Clinton,” the indictment alleges (see US Indicts 13 Russians for Election Interference).
“Everyone in this room understands that what we are facing from foreign adversaries, particularly Russia, is real,” Chris Krebs, a senior Department of Homeland Security cybersecurity official, told the audience, Reuters reported.
Russia, he added, is “using a range of tools against us.”
Hackers Probing States’ Security
In June 2017, DHS officials told Congress that in 2016, attackers had probed 21 states’ networks and websites, including in some cases election systems (see Intelligence Panel Learns How to Hack Air-Gapped Voting Systems).
Jeanette Manfra, DHS’s cybersecurity chief, told lawmakers at the time: “We saw targeting of 21 states, and an exceptionally small number of them were actually successfully penetrated.”
NASS has stressed that this “exceptionally small number” was in fact only one state – Illinois – and that all targeted states received a direct notification from DHS in September 2017.
Illinois officials in August 2016 warned that state voter registration system records had been breached and 86,000 voter records potentially accessed by attackers.
In a statement released earlier this month, NASS says that regardless of the hack tally, state officials are concerned about the threat. “Please make no mistake, all 50 states consider themselves a target,” it adds.
Many States Respond
Many states have responded by purchasing more secure voting machines, switching to paper ballots, delivering better information security training to their personnel as well as working more closely with the federal government to defend against future hack attacks, Reuters reports.
DHS has taken the lead in helping states to secure voting machines, although officials have stressed that there are no indications that voting machines were hacked during the 2016 elections.
“The American public’s confidence that their vote counts – and is counted correctly – relies on secure election infrastructure,” Secretary of Homeland Security Kirstjen M. Nielsen says in a statement. “The first primaries of the 2018 midterm election cycle are just around the corner, and DHS and our federal, state and local partners have been working together for more than a year to bolster the cybersecurity of the nation’s election infrastructure.”
Nielsen and other DHS officials met with NASS’s executive board last week.
“DHS reiterated the department’s commitment to working with election officials and system owners to support their efforts and determine where DHS support adds the most value,” the agency says in a statement. “The department lends its expertise and services to election partners on a voluntary basis, including risk and vulnerability assessments, cyber hygiene scans, providing real-time threat intelligence feeds, issuing security clearances to state officials, partnering on incident response planning, and delivering cybersecurity training.”
Some of the secretaries of state in attendance at the conference, however, told Reuters that they have yet to receive assistance from the federal government to help them combat foreign propaganda campaigns against their residents.
White House’s Response
In January 2017, the U.S. intelligence community said in an assessment that it had “high confidence” that “President Vladimir Putin ordered an influence campaign in 2016” designed to disrupt the U.S. elections.
But the White House has continued to prevaricate over Russia’s alleged information warfare and U.S. political and election meddling activities.
President Donald Trump has repeatedly questioned the intelligence community’s findings. “Every time he sees me he says, ‘I didn’t do that,’ and I really believe that when he tells me that, he means it,” Trump told reporters in November after meeting with Russian President Vladimir Putin at the Asia-Pacific Economic Cooperation summit in Vietnam.
Legal experts, however, note that the unsealed indictment now makes official the U.S. government’s allegations that Russia was running a troll factory designed to influence U.S. politics, including the 2016 elections.
Federal law makes it a crime for foreign nationals to use financial means to attempt to influence U.S. elections.
Fears Over Further Interference
Last week, testifying before the Senate Intelligence Committee, the nation’s intelligence chiefs warned that they had seen no decrease in Russia’s efforts.
“We have seen Russian activity and intentions to have an impact on the next election cycle,” CIA Director Mike Pompeo told the Senate Intelligence Committee.
Cybersecurity expert Tom Kellermann says Mueller’s Friday unsealing of the indictment, which alleges that a Russian-funded criminal conspiracy meddled in U.S. political affairs including the 2016 presidential election, may herald the U.S. government “slowly beginning to take its gloves off.”
At the NASS conference, however, the unsealed indictment reportedly amplified existing fears over election interference. “Loud and clear I hear that the biggest threat is this campaign of disinformation as opposed to the election process itself,” Denise Merrill, a Democrat who serves as Connecticut’s secretary of state, told Reuters.
The threat of interference in elections by foreign actors is real, but we are working hard to ensure that CT elections are protected
— Denise Merrill (@SOTSMerrill) February 17, 2018
Some attendees told Reuters that while working relationships with DHS have improved, classified briefings delivered by U.S. intelligence agency officials during the conference were unhelpful.
“I don’t want to find out about propaganda two years later, after I elect my congressman,” Mississippi Secretary of State Delbert Hosemann, a Republican, told Reuters while holding a printout of the 37-page indictment.