This article is part of Future Tense, a collaboration among Arizona State University, New America, and Slate. On Wednesday, Oct. 5, Future Tense will host an event in Washington, D.C., on elections and technology. For more information and to RSVP, visit the New America website.
When the House Committee on Science recently held a hearing on cybervulnerabilities and our elections systems, the committee focused only on threats facing the actual systems of voting—tabulations, electronic machines, and the possibility of a “rigged election.”
Experts who testified at the hearing agreed that a threat to widespread vote manipulation across many different precincts and jurisdictions is very small and unlikely. But dismissing the likelihood of cybertampering with the election tally misses an important point: Cyberattacks could shake public confidence in political institutions, sow dissent and distrust among the population, and tilt the electoral playing field.
In an attack this spring, hackers—who I have been advised are from Russia —stole data from the Democratic National Committee and the Democratic Congressional Campaign Committee. They also stole voting data in Arizona and Illinois. Most recently, FBI and Department of Homeland Security officials have confirmed attempted attacks on voter registration systems in more than 20 states. These attacks align with a particular pattern that Russian-sponsored hackers have followed previously in well-documented attempts to influence foreign democratic elections in Ukraine, Bulgaria, Romania, and Philippines. They don’t just release stolen sensitive material; they also create false and counterfeit material designed to impact the outcome of elections.
As our nation’s top intelligence official, Director of National Intelligence James Clapper, recently suggested, outside actors may attempt to find ways to tamper with the U.S. elections system in order to create public doubt about our system’s reliability. As he explains, “The more likely objective here would be to try to sow seeds of doubt about the efficacy and viability and the sanctity, if I could use that word, of the whole system.” An election can be harmed even if the vote count remains unchanged. Simply discrediting a major political party or inciting division among Americans in hopes of reducing voter turnout could be sufficient to alter the results of elections.
But beyond introducing doubt into our political system, there are a number of actions that saboteurs could take to affect our elections systems. For example, cyberattacks that disable voting or tabulation machines, rather than changing the vote totals, could discouraging voting through increasing wait times and long lines. How many voters, if faced with hourslong waits and lines stretching for blocks from polling locations, will turn around in frustration and go home without casting their ballots? And if those attacks were targeted to precincts with predictable voting patterns, it’s conceivable that the overall election result in a tight race could be altered. Stolen voter registration information could be used to send targeted, false information about voting locations, dates, or eligibility and reduce turnout among targeted populations—likewise altering election results in a meaningful way.
The objective does not need to be a finely tuned attack to change election results. It could be bluntly focused simply to create chaos and attack the faith and confidence the American people have in their elections systems while sowing doubt about the validity of U.S. elections.
The Russian-sponsored attacks on the Democratic Party are disturbing. I have found it correspondingly disturbing that some Republicans have reacted mildly to these cyberattacks seemingly because of the possibility it could be to their party’s advantage.
But this is not just an attack on a political party; it’s an attack on America and our institutions of democracy. These digital incursions should alarm Americans, regardless of personal politics or political affiliation, and be condemned across the political spectrum.
What can we do? Of course, we need steps to better secure political and voting information, including robust encryption of data. Just as important, the federal government should work with states to broaden our consideration of what constitutes the nation’s “voting infrastructure.” The fact is it’s not just polling and tabulation machines. It includes the communications of political parties, databases of voter registration, and political data, as well as the news media. Even our electric grid—if attacked during an election—could alter the outcome if targeted at specific communities. It’s time we recognize that the avenues in which the integrity of our elections may be affected and the threats to our voting systems are much broader than we may have contemplated.