During this year’s 26th annual DEFCON convention, a massive event organized by and for hackers, an 11-year-old girl was able to successfully hack into a ES&S M650 Optical Scan Tabulator, the machine used in Florida elections to tabulate votes, in just 10 minutes. Yeah. Sleep tight, America. People who believe the Russians aren’t trying -- and succeeding -- to do the same in real life are lying to themselves. That includes the president.
Several weeks ago, Donald Trump was asked whether Russian military intelligence operatives working on orders from Vladimir Putin were still engaged in a cyber-war against the United States, specifically against our elections and our national sovereignty.
Trump replied, “Thank you very much, no.”
Vega followed up: “No? You don’t believe that to be the case?”
“No,” Trump insisted.
The president was, of course, lying. Having heard firsthand from the people he handpicked to run America’s intelligence community, who all agree that Russia continues to attack us, Trump continues to deny it in public. Imagine George W. Bush telling reporters, after wrapping up his reading of "My Pet Goat," that terrorists weren’t attacking us, even while the World Trade Center towers crumbled and the Pentagon burned. The absurdity of Trump’s lie can only be matched by the absurdity of his myriad other lies.
How do we know Trump is lying? Besides the fact that he’s saying words and those words usually form a lie, we know he’s lying because we can see elements of the attack happening in real time. The crisis continues. The most unsettling aspect of the attack is that it could easily change vote totals in favor of Vladimir Putin’s favorite president and could do so in ways so subtle as to escape suspicion. We’ll circle back to this.
Meanwhile, it helps to familiarize ourselves with the various fronts of the current attack -- the fronts that we know about.
- A couple of weeks ago, we observed as Russian trolls and bots helped circulate the WalkAway hashtag, swarming Democrats who might be susceptible to the idea of leaving the party, thus disrupting the so-called “blue wave.” Even a cursory look at mentions of the hashtag show a legion of trolls and bots joining the usual Red Hat screechers. This alone shows the Russians are back to psychological warfare on social media (as if they ever left).
- Microsoft helped to weed out a spear-phishing attack against several congressional candidates. Politico reported:
"Earlier this year, we did discover that a fake Microsoft domain had been established as the landing page for phishing attacks,” said Tom Burt, Microsoft’s vice president for security and trust, at the Aspen Security Forum. “And we saw metadata that suggested those phishing attacks were being directed at three candidates who are all standing for election in the midterm elections.”
- Perhaps related was the reported spear-phishing attack against Sen. Claire McCaskill, D-Mo., who told the Daily Beast that the attack targeted her staffers and was ultimately unsuccessful. According to McCaskill, it took place a year ago this month, so perhaps the Russians were getting a jump on the midterm election cycle.
- Federal officials confirmed that “Fancy Bear,” the team of hackers reportedly linked to Russia’s GRU, installed malware on hundreds of thousands of routers in the United States and two other nations.
- In March, Homeland Security reported that Russian hackers had infiltrated American infrastructure, specifically the electrical grid. Anyone who cherishes the integrity of our elections should demand to know what will happen if the power unexpectedly goes out in key districts where Democrats have a shot at seizing Republican-held seats.
- Sen. Bill Nelson, D-Fla., said last week that Russians had worked their way into the voting systems of various Florida boards of election. Nelson told reporters, “They have already penetrated certain counties in the state, and they now have free rein to move about.” While it’s possible Nelson was referencing reports showing that Russians had been able to penetrate election systems in more than 20 states, including Florida, back in 2016, it’s also possible that Nelson is privy to new information that we’re obliged to take seriously.
- Trump’s director of national intelligence, Dan Coats, said recently that the warning lights are flashing red — “again,” and another attack is imminent.
- We also know through the recent indictments of 12 Russian GRU operatives that materials already stolen from Democratic servers can be used to target individual voters with propaganda. The indictment notes that Russians absconded with the Democratic Party’s analytics database, used for micro-targeting of voters, which could allow laser-focused attacks on voters using propaganda similar to what we observed in 2016.
- The state of Maryland revealed that the software company that supplies the state board of elections' voter registration platform was taken over by a Russian oligarch back in 2015. ByteGrid LLC performs a vast array of voting-related functions for the state, including voter registration, the state's online voter registration system, online ballot delivery and unofficial election night results.
- Along those lines, Facebook reported that it killed a group of 32 pages run by Russian agents as propaganda fronts, due to “coordinated inauthentic behavior” and linkage to the previously indicted Internet Research Agency, which successfully targeted something like 126 million voters in 2016. Prior to that, in April, Facebook deleted 270 pages linked to the agency. It’s likely the hackers are continuing their work.
Yes, it’s good news that Facebook and others are weeding out the Russian combatants. But are we doing enough to thwart Putin’s overall strategy for the 2018 midterms? It’s nearly impossible to know, without access to classified reports, whether Russian agents continue to amplify politically divisive stories online. It's especially difficult to know whether infiltrations from previous years remain operational, perched in stand-by mode. However, the effort to stop Putin this year could drive the attackers to employ more subtlety.
All it might take to alter important results in November would be modest changes in vote totals in a small number of districts. Hackers don’t need to pursue electronic voting machines in order to do that. They can add a single line of code in centralized election databases and tabulation machines like the one that was hacked at DEFCON, siphoning a few votes here and there away from Democrats and toward Republicans. Think of a hack similar to the one used in Mike Judge’s “Office Space” -- one that operates quietly and unnoticeably, moving small chunks of votes from one column to another, but easily enough to swing nail-biting elections like the one we observed last week in Ohio's 12th congressional district. What happens then?
While, sure, it’s possible everything will go smoothly, it makes sense to prepare ourselves for a series of races on the evening of Nov. 6 to be “too close to call” and which then lean Republican in the end. The closeness will dissuade the press from asking questions and will surely make it more difficult for activists to point to Russian and/or Republican shenanigans. We also know that outsiders can easily rig the vote by eliminating voter registration data, striking Democrats in key districts off the voter rolls.
Usually, the president is tasked with leading and supervising the executive branch as it safeguards the nation and our Constitution. Today, however, the president and many senior officials from his party, including Republican members of Congress, are in league with the enemy. Therefore law enforcement and intelligence agents under Trump have no choice but (we hope) to proceed independently of their commander in chief, who still claims to believe this is all a hoax.
When these attacks are stopped, it’s only because of the goodwill, sense of duty and patriotism of our federal agents. It doesn’t help the Republicans to stop Russia from carpet-bombing of our democratic institutions. So don’t expect them to repent and show a change of heart anytime soon.