The threat of foreign interference in U.S. elections remains a top concern, an election official from the Cybersecurity and Infrastructure Security Agency said on Thursday, with nation state actors potentially weaponizing misinformation to further stoke distrust in the voting process.
Kim Wyman, senior election security advisor for CISA, said during a panel discussion on election security at the Billington CyberSecurity Summit that previous U.S. elections have included a combination of foreign influence campaigns and cyber attacks “from domestic and foreign actors trying to get into our systems.” But she said that these ongoing interference efforts could also be weaponized to amplify threats of physical violence against election officials and conspiracies about the accuracy of the electoral process.
“These can be inflated claims of being able to breach a system or getting data,” Wyman said. “They can also be actual successful attempts. And it all sort of feeds into itself, because you have the narrative and the influence campaign, you have the actual cyber activity, and now I think what we’re starting to see is potentially physical security issues that come around that.”
Michael Daniel, president and CEO of the Cyber Threat Alliance, said that one of the ongoing challenges is that election interference “often has an element of surreptitiousness to it,” with both foreign and domestic actors using influence campaigns and claims of election interference to suit their own needs.
“In other words, the actors are not always being honest about what their real agenda is or why they’re taking the actions they’re taking,” Daniel said. “It’s often coupled with mis- and disinformation as well. But I think at the root of it, it’s really about undermining confidence in the system or preventing the system from functioning as it’s intended.”
Daniel also expressed concern about the number of adversaries, including nation state actors, who are “trying to see whether or not election interference activities will further their interests.”
“It’s not really just about the Russians,” Daniel added. “We can see the Chinese and Iranians and other foreign actors trying things out. But there are also homegrown actors in this space as well now, too.”
Given today’s political environment, where large portions of the electorate still doubt the results of the 2020 presidential election, even attempted election interference or inflated claims of intrusion into voting systems can still wreak havoc. Last month, Wyman told the Senate Judiciary Committee how threats of physical violence directed against election administrators and the spread of election-related misinformation made it more difficult for officials to do their jobs.
Ed Smith, the director of global services and certification in North America for Smartmatic, said one major concern is that an adversary or nation state can fuel misinformation campaigns by claiming that they hacked an election system prior to early voting or Election Day, potentially depressing turnout and sowing doubts about the validity of election results.
“Saying that they’ve disrupted the system somehow is really all they need to say,” Smith said. “Not that they even changed the results, but just somehow disrupted it. That can create a lack of confidence in the system.”
All of the panelists, however, said that election security efforts have come a long way since the 2016 presidential election, with CISA and other federal agencies strengthening partnerships with state and local election officials, offering intelligence briefings and expanding access to a variety of tools and resources to help deter cyber and physical threats to election infrastructure.
“We are doing a much better job of working with the intelligence community and the law enforcement community to get actionable intelligence and information out to state and local election officials in a really timely manner so they can act on it and respond to it,” Wyman said, noting that all 50 states and approximately 3,400 local jurisdictions are a part of the Elections Infrastructure Information Sharing and Analysis Center, which offers officials a variety of cyber defense resources.
Wyman said that CISA is currently focused on working with state and local election officials to beef up their physical and digital security efforts, including offering them the opportunity to work with a protective security advisor who can go out to polling places or election offices on request to provide officials with feedback on securing their facilities.
But even as threats to election administrators’ safety have become more frequent, officials still remain on guard against foreign influence efforts that could drive misleading narratives about vote tabulations or more directly interfere in the voting process.
President Joe Biden on Wednesday extended the national emergency declaration from Executive Order 13848—which imposes sanctions on foreign actors who interfere in U.S. elections—for an additional year. The order, signed by former President Donald Trump in September 2018, requires the intelligence community to submit a report to the president within 45 days of the conclusion of a U.S. election, detailing foreign interference efforts targeting election infrastructure or political organizations, campaigns and candidates. The order also allows for the imposition of sanctions against foreign persons and entities identified by officials. The national emergency declaration was scheduled to expire on Sept. 12.
“The ability of persons located, in whole or in substantial part, outside the United States to interfere in or undermine public confidence in United States elections, including through the unauthorized accessing of election and campaign infrastructure or the covert distribution of propaganda and disinformation, continues to pose an unusual and extraordinary threat to the national security and foreign policy of the United States,” Biden said in the Sept. 7 notice.