With the clock counting down to Election Day 2020, what are the FBI and other national security agencies doing to protect against the foreign interference that marred the 2016 campaign?
They say they’re doing a lot.
American officials acknowledge they were caught a bit flat-footed in 2016 by Russia’s active measures operation. U.S. intelligence agencies saw various pieces of what the Russians were up to, officials say, but did not put it all together until it was too late.
In the eyes of some observers, that was a failure of imagination on the part of the national security community.
For example, Russian hacking into the Democratic National Committee was seen as a problem, but the conventional wisdom at the time within officialdom was that Moscow was doing it for intelligence purposes. Spying, not interfering.
That, of course, turned out to be wrong.
The Russians weaponized the stolen information by publicly releasing it via WikiLeaks and others. Once it hit the Internet, it was quickly sucked up into media reporting and the broader campaign narrative.
U.S. intelligence agencies have gone back and studied Russia’s playbook page by page to try understand what they did and how they did it to prevent a repeat performance.
“Last summer, one of the things that we immediately did was we went back and look at 2016 and thoroughly understood our adversary,” National Security Agency Director Gen. Paul Nakasone said at a recent security conference. “And what we knew coming out of that is that we had to do something different.”
A lot has changed since 2016 on the election security front.
For one, the U.S. government has its eyes focused on the issue this time around. That on its own is a significant shift from three years ago.
There are several examples of how election security is a priority for departments and agencies tasked with keeping the country safe.
Shortly before he stepped down, then-Director of National Intelligence Dan Coats appointed Shelby Pierson to oversee and coordinate election security for the intelligence community.
The FBI, meanwhile, has had a foreign influence task force up and running since 2017 to counter efforts to undermine elections in the U.S.
The bureau also has briefed Democratic candidates about cybersecurity and other threats to their campaigns. These initial briefings were basic and general in nature, people familiar with them say, but they did provide a reminder to the campaigns of potential cyberthreats and ways to guard against them.
The Department of Homeland Security is also getting in on the act.
Its Cybersecurity and Infrastructure Security Agency is working with five major election vendors that make voting and election management systems to ensure those systems are as secure as possible for 2020, according to a DHS official.
And finally, the Feds have taken strides to make sure that information about cyberthreats gets to the people who need it at the state and local level. That’s important because elections are run by state and local officials, not the federal government.
In 2016, the FBI and DHS struggled to get relevant, often classified, information to those officials to help them secure their systems.
Now, certain state election officials have been given clearance to receive classified information, making it easier to read them in about reporting from the intelligence community.
“It’s working really well, the level of information and intelligence sharing with state and local officials,” FBI Associate Deputy Director Paul Abbate said at a recent conference. “Staying ahead of the threat, not after something has occurred, has been an incredible shift.”
Not just playing defense
Officials say that securing the elections from outside interference isn’t just about playing defense anymore. The U.S. is also going on the offensive.
That is what the National Security Agency calls “persistent engagement.” What that means, in essence, is tracking online adversaries wherever they are and, more and more, taking action against them.
The 2018 midterm elections provided a glimpse of what that looks like.
During the midterms, Cyber Command took offline for a period of time the Internet Research Agency, the Russian troll farm behind Moscow’s 2016 disinformation campaign, according to reports.
That operation, combined with efforts by the FBI and other agencies, helped make the 2018 election perhaps the most secure ever from a cyber perspective, officials have said.
Russian influence specialists used social media platforms including Twitter and Facebook to push disinformation and sow discord during the 2016 campaign.
The companies, like the U.S. government, were slow to catch on to what the Russians were up to. Once the extent of the Russian abuse became clear, the tech firms came under fire for allowing it to happen.
Anxious to avoid a repeat, the tech firms are now working with the government to try to protect social media platforms from foreign manipulation.
The FBI has been working with the companies to alert them to the tradecraft, tactics and procedures that foreign adversaries are using. The bureau and the tech firms are also sharing information on what they’re seeing from foreign adversaries.
“It goes both ways,” the FBI’s Abbate said. “We’re pushing information and intelligence out to the companies to help them spot bad actors on their platforms and remove them, and they’re giving information back to us to inform our efforts … so we can aggressively go out and take action against them and cut them off at the knees.”
Looming over all of the government’s efforts to protect the 2020 election from foreign interference is the understanding that while the U.S. is taking steps to secure the vote, the Russians and other adversaries are likely to change up their playbook too.