US Bracing for Attacks Before and After Election Day
November 2, 2020
For much of the past four years, United States cybersecurity
officials responsible for preventing foreign meddling in elections
have been preparing for an attack that, at least to the public’s
knowledge, has never come.
While U.S. intelligence concluded that Russia, China and Iran
“conducted influence activities and messaging campaigns” during the
2018 elections, it said there was nothing like what happened in 2016
when Russia combined an aggressive influence operation with the work
of hackers who managed to penetrate election-related systems in all
None of the three countries did anything that changed any votes to
affect the outcome of the election.
This election, which will reach its crescendo when voters go to the
polls November 3, is different.
Unprecedented 2020 election
Due to the coronavirus pandemic, many states this year have expanded
absentee and mail-in voting.
Data collected by the U.S. Elections Project finds that by October
29 more than 82 million voters had voted by mail or cast their
ballots at early voting centers.
U.S. intelligence officials have already confirmed attacks on the
election have been underway for some time, with Russia, China and
Iran all waging operations designed to influence the way voters cast
And more recently, intelligence officials warned that Russia and
Iran managed to acquire voter registration data while hacking into
In another significant difference from the 2016 and 2018 elections,
intelligence and election security officials warn that, this time,
the assault on the election will not end when the polls close.
Instead, they say the attacks will persist, likely until at least
the presidential inauguration on January 20, 2021.
Here are the threats that have U.S. officials most worried as
Election Day approaches:
Foreign Influence Operations
U.S. counterintelligence officials began warning in August about
influence campaigns by the big three – Russia, China and Iran.
In a rare public statement, National Counterintelligence and
Security Center (NCSC) Director William Evanina warned that each of
the three countries had a preference between President Donald Trump
and former Vice President Joe Biden and had ongoing influence
operations to help their favorite.
“We assess that Russia is using a range of measures to primarily
denigrate former Vice President Biden,” Evanina said in the
statement, adding, “Some Kremlin-linked actors are also seeking to
boost President Trump’s candidacy on social media and Russian
“We assess that China prefers that President Trump – whom Beijing
sees as unpredictable – does not win reelection,” Evanina said.
Iran, Evanina said, is “driven by a perception that President
Trump’s reelection would result in a continuation of U.S. pressure
on Iran in an effort to foment regime change.”
A month later, FBI Director Christopher Wray warned lawmakers that
Russian efforts were “very, very active” on social media, on its own
state-run media and through various proxies.
The nation’s top intelligence official, though, has focused more on
the threat from China.
“I don't mean to minimize Russia,” Director of National Intelligence
John Ratcliffe told Fox Business News on August 30. "But the threats
that we face from China are significantly greater...anyone who sees
intelligence knows that."
Other top intelligence officials agree China is a greater threat to
the U.S. over the long-term, though they maintain Russia presents
the biggest threat to the election itself.
Officials also caution that Russia, China and Iran are not alone.
Evanina told Hearst Television October 8, “We probably have 30
countries out there wanting to play in the influence game,” a list
that includes U.S. allies like Saudi Arabia, and Turkey, and
adversaries like Cuba and Venezuela.
Despite the ongoing threat, U.S. election officials have been
expressing confidence about the status of the country’s
election-related networks and systems.
"This will be the most secure election in modern history,"
Christopher Krebs, the director of the Cybersecurity and
Infrastructure Security Agency (CISA), proclaimed in September, and
not for the first time.
Krebs made similar comments as far back as at least July, noting the
U.S. has sensors in place to detect possible intrusions into
critical computer systems and networks. And 92% of states have
systems in place to ensure there is a paper record of every vote
But because election-related systems and networks are more secure
than they have ever been, officials expect Russia, China, Iran and
other U.S. adversaries to try an indirect attack.
“Ransomware remains a threat," Krebs told a cybersecurity summit in
Officials expect the ransomware – malicious software that denies
users access to computers or networks unless they pay up – is likely
to target systems which are related but not central to the election.
"We see cascading impacts where internet is lost, connectivity to
websites is lost," said Matt Masterson, the Department of Homeland
Security’s senior adviser for election security.
In an updated threat assessment, the New Jersey Office of Homeland
Security and Preparedness further warned, “Though it might not
affect getting accurate votes, it [ransomware] could still impact
U.S. officials also worry about potential attacks on the country’s
electricity grid or communications networks and have been working
with those sectors to increase security.
Recent ransomware attacks by Russian-speaking cyber actors against
U.S. health care providers has only heightened this concern.
Even though officials express confidence in U.S. efforts over the
past four years to better secure election-related computer networks
and infrastructure, foreign countries are still trying to find a
U.S. intelligence and security officials warn that Russia and Iran,
in particular, have amplified their efforts to penetrate critical
On October 21, Director of National Intelligence John Ratcliffe
announced both countries had managed to access U.S. voter
registration data and were using it in what he described as
“desperate attempts” to sow confusion and chaos.
“Both nations took voter data registration information from places
that were election-related infrastructure,” the NCSC’s William
Evanina told PBS this on October 29.
“Some of that might have been by accident,” he said, adding, “As of
right now, where we sit today, we're very confident that our
adversaries will not be able to manipulate any votes or change any
votes at scale.”
Still, according to the FBI and CISA, both Russia and Iran have been
searching for ways into state and local systems since at least
Giving U.S. officials more cause for concern is that the hacks by
countries like Russia and Iran do not themselves need to be
successful for them to have an impact – something officials describe
as a “perception hack.”
“What concerns me the most is the steady drumbeat of misinformation
and amplification of smaller cyber intrusions,” FBI Director
Christopher Wray told lawmakers during a September hearing. “I worry
they will contribute over time to a lack of confidence of (among)
“That would be a perception, not reality. I think Americans can and
should have confidence in our election system and certainly in our
democracy,” he added.
Social media companies, like Facebook, have also expressed concern,
even as they claim to be stopping influence operations earlier than
“As it gets harder to go undetected for long periods of time, we see
malicious actors attempt to play on our collective expectation of
widespread interference to create the perception that they’re more
impactful than they in fact are,” Facebook Head of Security Policy
Nathaniel Gleicher wrote in a recent blog.
“We’re closely monitoring for potential scenarios where malicious
actors around the world may use fictitious claims, including about
compromised election infrastructure or inaccurate election outcomes,
to suppress voter turnout or erode trust in the poll results,
particularly in battleground states,” he added.
these threats – influence operations, ransomware attacks, hacks and
perception hacks – feed into one more threat that has U.S.
intelligence and law enforcement officials worried: the threat of
"Given what we've experienced over the course of the spring and the
summer, we can't presume that what happens the night of [the
election] or even days before and certainly not days after, is going
to be peaceful,” Chicago Mayor Lori Lightfoot said during an October
27 online forum.
“We hope for that,” she said. “But we are preparing for the worst.”
FBI Director Christopher Wray has also expressed concern about what
U.S. adversaries may be able to do to see that political divisions
play out violently.
“Certainly, there is an effort to sow upheaval and discord, and as
we've seen around the country, discord and upheaval can lead to
dangerous, violent criminal activity," he told lawmakers in
September. “Our preparations for 2020 take into account the current
climate of the country.”
More recently, the NCSC and CISA have been urging U.S. voters to be
smart, and to recognize foreign efforts to manipulate and provoke
them, whether in the run-up to the election, on Election Day or in
the days to come.
“Remember, our job's not done on Nov 3 - in the days & weeks that
follow we will see efforts to delegitimize the process” CISA’s
director wrote on Twitter. "Don't fall for it."