Hacks, data leaks, and disinformation have all added to the chaos of one of the most contentious elections in history. US intelligence agencies have even accused Russia of perpetrating some portion of the digital meddling. And now reports indicate that officials are preparing for worst-case cybersecurity scenarios on November 8. But what might those election day digital threats realistically look like?
Government officials and the media have been worried over the possibilities of attacks that might hack voting machines, leak last-minute November surprises about candidates, or even sabotage the power grid. But ask the cybersecurity community, and they’ll tell you the easiest way to hack the election is a simpler, two-pronged attack: Black out sources of real information and spread disinformation.
“They’re going to try to influence this election further using a combination of things like additional leaks, DDoS attacks, and targeting the media,” says Adam Meyers, vice president of intelligence at the security firm CrowdStrike. “What better way to destabilize a country without a shot being fired than by leveraging these various tools to play with people?”
Because state voting systems are diverse and decentralized, officials have maintained that direct vote tampering is unlikely. But they have also acknowledged that over the past few months foreign hackers have probed and at times breached voter registration systems, either to spread apprehension, find system weaknesses, or both.
Hackers have a few other options for disrupting the process. Polling places report tallies digitally to vote collection centers, and that point in the chain could be vulnerable. Attacks that impact election information websites could hinder voters’ abilities to learn basic details like the status and location of their polling place. “I don’t think cyber attacks can directly affect voting machines, but they probably can indirectly affect [voting] in many ways,” says Kevin Du, a network security researcher at Syracuse University. “They could bring down online services.”
In late October, a cyberattack on the internet infrastructure company Dyn served as a reminder of the fragility of the web. Dyn was hit with a so-called distributed denial of service attack that flooded some of its servers with malicious traffic until they buckled under the load. The attack specifically targeted Dyn’s Domain Name System service, which acts as a directory of which web addresses correspond to which numeric IP addresses. As a result, the attack on Dyn affected people’s ability to load web services like Spotify, Twitter, and PayPal. The attack on Dyn doesn’t seem to have been the work of state-sponsored hackers—it may have just been teenagers—but the incident is still troubling.
Most importantly, unlike reconnaissance hacking aimed at digging up information, DDoS attacks are offensive strikes that can occur anytime. In Russia and Eastern Europe, DDoS attacks have for years hamstringed the websites of opposition groups or media. “Sabotaging parts of the internet in the US on election day is quite possible,” Stephen Gates, chief research intelligence analyst at the security firm NSFOCUS, writes to WIRED in an email. “Widespread outages and brownouts could ensue. The election process may see none of these attacks, or it may see all of them.”
Denial-of-Service Meets Disinformation
Even if the voting process isn’t attacked or hindered, determined trolls could still spread rumors on social media that things have gone horribly wrong and that polling places are closed, or create fake new stories on sham sites warning that the election results are tainted. “The Russians have tens of thousands, if not hundreds of thousands, of Twitter bots that they control that they can use to advance different messages,” Crowdstrike’s Meyers says. “And if they can plant fake stories in the media, that’s going to cause all kinds of confusion. It certainly helps that one of the candidates is saying that it’s rigged already anyway.”
Twitter has been struggling to keep up with problematic disinformation campaigns on the social network meant to discourage minority voters from getting to the polls. And forged documents that appear to come from a senator on the Senate Homeland Security Committee have also been circulating, including a fabricated warning of a cyber attack changing vote counts.
Meanwhile, the Russian-linked hacker persona Guccifer 2.0 published a blog post on November 4 and has been tweeting about how “Democrats may rig the elections on November 8.” Furthermore, he writes, “I also call on other hackers to join me, monitor the elections from inside and inform the US society about the facts of electoral fraud.” Officials have been working to combat fear mongering. For example, the non-partisan National Association of Secretaries of State (the secretary of state is also the chief elections officer in every state) has been adamant that vote manipulation is prohibitively difficult and said in a statement that each state will have “intense scrutiny of results through canvassing, including audits.”
It’s unclear how these reassurances will fare on Election Day if disinformation spikes. Election day itself is a tipping point where a bad actor could cause a chaotic eruption of protest against the outcome, even without a catastrophic hack. In the case of Russia, Crowdstrike’s Meyers says that the foundations of disinformation campaigns are solidly in place in the US, especially when it comes to an apparatus of Twitter bots that has built credibility. “Now they can pretty much use it to shift messages in the direction that they want them to go,” he said. When viral memes can be disinformation weapons—and a DDoS can act as censorship—the truth is a fragile thing.