If you’re worried about shadowy Russian hackers manipulating voting machines in upcoming November elections, you might rest easy.
And if you think those Russian hackers are interested only in removing Democrats from the White House, think again. They are targeting both parties.
That’s the analysis of private, congressional and White House experts who appeared Thursday at a cybersecurity summit and who monitor intrusions by foreigners into U.S. computer networks.
“Our voting infrastructure, our election infrastructure, is really quite resilient,” said Lisa Monaco, the assistant to President Barack Obama for homeland security and counterterrorism. “People should be quite confident in it.”
The federal government has little to do with the 8,000 or so U.S. voting districts, which are operated and managed at the county and municipal level and are not interconnected.
“It is incredibly diffuse and diversified. So that is a good thing, from a cybersecurity perspective,” Monaco said at the summit, which was sponsored by The Washington Post.
The vulnerability of voting systems is a growing concern in some states, and the Department of Homeland Security estimates that hackers have sought to penetrate voter registration and administration systems in at least 20 states.
Moreover, Russian activists have been accused of hacking some 20,000 emails from the Democratic National Committee in June, later giving them to WikiLeaks in an apparent effort to embarrass the party and hurt Hillary Clinton’s chances of winning the Nov. 8 election.
Experts said, though, that hackers would have a difficult time breaking into numerous districts in a coordinated effort to disrupt elections.
“There isn’t a voting virus or voting malware that is going to go out in an attack on the nation’s voting system. We’re very safe in that way because of the diversification and heterogeneous nature of all the different districts,” said Michael Sussmann, a privacy lawyer whom the DNC named to a cybersecurity advisory board following the hack.
There isn’t a voting virus or voting malware that is going to go out in an attack on the nation’s voting system.
Michael Sussmann, privacy lawyer and DNC adviser
Federal authorities have declined to pinpoint blame for the DNC hack, although Sussmann said Democratic leaders “know that it’s Russian state-sponsored.”
“We saw most activity from 9 a.m. to 5 p.m. Moscow time,” Sussmann said
“It’s really a guessing game now as to why they’re doing what they’re doing,” he said, adding that it appears to be “a broad campaign to hack party and campaign systems” across the political spectrum.
“There’s certainly more out there. We don’t know what we’ll see.”
WikiLeaks founder Julian Assange so far has failed to deliver on a pledge of an “October surprise” that would affect the U.S. presidential campaign, promising this week only that his group would release “significant” material in the next 10 weeks, a period that would stretch past the presidential election.
Few details have emerged of any hacks on Republican activists but a congressional staffer said they had occurred.
There have been reportings that Republican political operatives have also been hacked with their emails.
Brett DeWitt, House Homeland Security subcommittee
“There have been reportings that Republican political operatives have also been hacked with their emails,” said Brett DeWitt, staff director of a House Homeland Security subcommittee that focuses on cybersecurity and infrastructure protection.
“This is real. This is the wave of the future,” DeWitt said. “This is the new world that we have to live in, and we need to be prepared for that.”
A top private-sector expert concurred that foreign hackers most likely would seek to penetrate both parties even if it is unclear their purpose is other than to sow doubts in the American voting system.
Rich Barger, chief information officer at ThreatConnect, a cybersecurity firm based in Arlington, Virginia, said that if he were a Russian hacker, “I would not necessarily seek leverage on one party alone. I would buy insurance, and I’d make sure I’d covered my bases, however this falls. And so I would be very surprised if this wouldn’t affect both parties and perhaps might be the new normal.”
The hacking of political parties has become an unwanted distraction, Sussmann said.
“The campaigns and the parties are really, really, really busy trying to elect candidates. And so it’s sort of become a side job to have to deal with this,” he said.
Once the election is over, both parties will need to remain focused on cybersecurity.
“We cannot allow nation states to target either political party. And there needs to be strong consequences when those actions take place, whatever the actor is,” DeWitt said, describing the position of his boss, Rep. Michael McCaul, a Texas Republican who’s the chairman of the House Homeland Security Committee.
Tim Johnson: 202-383-6028, @timjohnson4