The difference between national security and foreign competition
Will the 2020 election be secure?
Pressure is growing on Congress to take bipartisan and bicameral action to address election security. Between findings of the Russia investigation report by special counsel Robert Mueller, belated FBI briefings on voter registration hacks in Florida, and anticipated bipartisan findings from the Senate Intelligence Committee investigation, it would be inexplicable and inexcusable for lawmakers to fail to act. The question is whether they will move quickly enough and with sharp foresight as well as clear hindsight.
Republican lawmakers from Florida, upset at only now learning about the breaches of voter rolls in 2016, are rallying around a bill to require prompt FBI reporting to officials. But if they do not support bills like the Election Security Act of 2019 that provide funding and guidelines for states, the notification requirement will be a small bandaid on a gaping wound. There is limited value to finding out about a breach if you lack the resources and capabilities to respond effectively. It may only further the bad actors in reaching their goal of undermining public trust in the legitimacy of the outcome. If you cannot verify results, adversaries need only claim to have meddled, or plant indications of meddling, to achieve their objectives.
Federal and state officials need to move aggressively and urgently to protect election infrastructure because it will soon be too late to make needed changes for 2020. They must prepare for the inevitable efforts aimed at hacking public confidence in the voting process. This is why audit capability after elections is essential. Political leaders should be familiar with these procedures and prepared to let that process play out rather than stoke immediate public outrage that an election was rigged. It is more likely that adversaries will succeed in altering public opinions than in changing an election outcome by altering votes cast at the ballot box.
We should also look beyond what happened in 2016 because Russian efforts have indeed evolved. We should anticipate that other nations with the capabilities and motives to undermine our elections will also be actively engaged in the run up to 2020. The online campaigns of the Kremlin to distort discussion and debate show no signs of abating and have advanced in ways that make it harder to identify and counter the spread of disinformation. Russia is moving away from creating original online content and is instead amplifying existing divisive content, building massive followings for future use. This serves its broader goal of seriously undermining democracy and American institutions beyond just elections.
Coupled with artificial intelligence technology, this evolution makes it increasingly difficult for social media platforms to detect and remove such inauthentic accounts. Emerging threats like undetectable video and audio forgeries add further complications. State sponsored media outlets like Russia Today and Sputnik also continue laying groundwork to challenge both the process, and potentially the results, of future elections. These ideas are then later reinforced by Russian officials at the highest levels.
Russia to date has been the primary perpetrator in waging campaigns aimed at specifically undermining democracies, we can expect other nations to have been inspired by the cost effectiveness and perceived success of the Kremlin playbook. Heightened geopolitical and economic tensions with adversaries exacerbate the risk today. We understand that what we see Russia do elsewhere often previews what we should expect to see in the United States. The same may be true of other adversaries. For example, the extensive political influence operations China reportedly undertook in Australia and Taiwan should serve as a warning to leaders.
Citizen Lab published a recent report identifying Endless Mayfly, a vast Iranian network of inauthentic accounts. Iran was also responsible for destructive cyberattacks in the United States. With heightened tensions between Iran and the United States, Iran could mobilize its networks of inauthentic accounts to spread disinformation or cause disruptions in the 2020 election. While North Korea may not have sophisticated capabilities for online influence operations, it is certainly practiced in cybersecurity military deception. The 2014 Sony cyberattack demonstrated its capability and intent to engage in such a Russian style breach and release of emails.
A few weeks ago, Twitter removed a network of bots calling the special counsel investigation a hoax. These Russiagate bots were not coming from the Kremlin. They were likely coming from Saudi Arabia, or at the very least, from an operation that had historically spread propaganda favoring the Saudi Arabian government. The disinformation threat is not limited to nation states, as highlighted by reports that Facebook has just removed platform assets linked to a private Israeli political marketing firm that had engaged in coordinated inauthentic behavior around the world.
The United States must have a "whole of nation" strategy that includes collaboration with our allies to prevent and mitigate these threats. The government needs a consistent and principled approach in opposition to foreign interference that distorts public discourse. Adversaries must be on notice that interference will not be tolerated. Both political parties should pledge not to use hacked materials, even if such information is vetted and reported by the media. Similarly, the media should consider whether disseminating stolen emails before an election is sufficiently dangerous to our democracy as akin to publishing troop movements.
In addition to taking steps to make election infrastructure more secure and resilient, our leaders must establish other comprehensive measures to promote societal and institutional resilience. Civics education is now a key national security imperative for the United States. Democracy is not inevitable. It requires vigilance in every generation. Congress should lead by example and act with the urgency and seriousness the threat demands.
Suzanne Spaulding is a senior adviser for homeland security policy at the Center for Strategic and International Studies in Wasington. She served as the undersecretary for the National Protection and Programs Directorate at the Department of Homeland Security during the Obama administration.