As Democrats in the U.S. Congress call for the Federal Bureau of Investigation to investigate concerns that Russia may be trying to manipulate the November general election with cyberattacks, government officials are wrestling with new challenges to ensure accurate results.
In a letter dated Saturday to FBI Director James Comey, Senate Minority Leader Harry Reid of Nevada said the threat of Russia tampering with the elections “is more extensive than widely known.”
"The prospect of a hostile government actively seeking to undermine our free and fair elections represents one of the gravest threats to our democracy since the Cold War," Reid added.
Reid’s letter was followed by one from four Democrats who asked the FBI to investigate whether officials of Republican presidential nominee Donald Trump's campaign may have conspired with Russia to carry out recent hacks against the Democratic National Committee and Democratic Congressional Campaign Committee to “interfere with the U.S. presidential election.”
The letter was signed by Representatives Eliot Engel of New York, John Conyers of Michigan, Elijah Cummings of Maryland and Bennie Thompson of Mississippi, all senior Democrats.
Russian government involved?
On Monday, news accounts began circulating that U.S. officials suspected Russian hackers were responsible for breaking into two U.S. state election databases in August.
The FBI has not identified the states, but Yahoo News, which first reported the breaches, quoted sources who said Arizona and Illinois were targeted. According to Yahoo News, an Illinois election board official said the voter registration system was shut down for 10 days after hackers stole personal information on approximately 200,000 voters. The Arizona attack involved the introduction of malicious software into the voter registration system.
U.S. officials have said recent cyberattacks at the Democratic National Committee and elsewhere within the Democratic Party probably were conducted by people inside the Russian government. Russia has denied any involvement.
Electronic voting vulnerable
Federal officials are increasingly concerned about the possibility that, for the first time, foreign hackers, particularly those working for Russia, could breach U.S. elections' computer systems and wreak havoc on a presidential election.
“I think this election will probably start to showcase the future around problems we’ll have with electronic voting,” Timothy Carone of the University of Notre Dame’s Mendoza College of Business said in an interview with VOA.
Tim Erlin, senior director of information technology security and risk strategy at Tripwire, a cybersecurity company, said he thought cyberattacks during the November election were certain. “There have already been cybersecurity incidents related to the election, so the likelihood that this election will be influenced in some way by attacks is 100 percent,” he said.
James Andrew Lewis of the Center for Strategic and International Studies, a public policy research group in Washington, told VOA, "Hacking for political purposes or coercive purposes, that's new and dangerous."
Lewis described the skill level of Russian computer hackers as "very good." He said the Russians' recent reported U.S. cyberattacks could be test runs for November. "That might suggest that, if they wanted to, they could do something, a lot more at election time."
Lewis said he thought it would be difficult to change the outcome of an election, because cyberattackers would have to achieve the unlikely task of hacking into a large number of local computerized voting machines. But he left open the possibility that cyberattackers could cast doubt on an election by hacking into state voting systems with aggregate vote totals.
The more likely scenario, Lewis said, is cyberattacks interfering with vote counts by breaching wireless voting machines, which could shape opinions and create uncertainty. "It's something to be worried about for November."
Federal agencies are enhancing their computer security systems before the November 8 elections and are collaborating with state governments to do the same.
The Department of Homeland Security, the U.S. Election Assistance Commission, the National Institute for Standards and Technology and the Department of Justice are helping state officials manage risks to their voting systems. After an August 15 conference call with state and federal agencies, Homeland Security Secretary Jeh Johnson issued a statement saying, "It is critically important to continue to work to ensure the security and resilience of our electoral infrastructure, particularly as the risk environment evolves."
Harvey Kushner, director of the Homeland Security and Terrorism Institute at Long Island University, who has provided training for federal agencies such as the FBI and the Department of Homeland Security, told VOA, "The government has not been very sophisticated in dealing with cyberspace.”
As an example, Kushner cited the federal government's problematic rollout several years ago of the Affordable Health Care Act.
Lewis, however, said the federal government has many resources at its disposal to combat cyberattacks. In addition to the FBI's counterhacking capabilities, the government has vast intelligence resources and associations with top private cybersecurity companies. "So between the private companies and forensic evidence and the federal government and intelligence activity, you can very often be pretty sure about who's doing what," he said.
'No silver bullet'
In addition to high-profile meetings, Carone said federal officials are working hard behind the scenes to manage the risk of cyber intrusions during the election. "But at the end of the day, it's going to happen, and how we recover from it is going to be a challenge," he said.
"There's no silver bullet in protecting elections from electronic manipulation," said Erlin. The most effective approach to countering cyberattacks, he said, is to identify potential threats, implement appropriate countermeasures and adapt defenses to counter new threats.
Other cybersecurity experts say it is imperative that election officials have backup information systems in place, even a paper trail, in the event computer systems are compromised on Election Day. "We better have a backup plan," Lewis said.