The recent publication of the Mueller report provided more details about the extent of Russia’s interference in the 2016 presidential election, and Florida Gov. Ron DeSantis revealed today after meeting with the FBI that the Russians hacked into two counties’ supervisor of elections networks. Such revelations are creating a new sense of urgency around the question of what the United States is doing to prevent another such attack. President Donald Trump said he did not broach the topic on a lengthy call last week with Russian President Vladimir Putin, telling reporters “we didn’t discuss it.”
But U.S. intelligence officials have repeatedly warned that they expect Russia to attempt to meddle in the 2020 election. And in a meeting with Russian Foreign Minister Sergey Lavrov today in Sochi, Russia, U.S. Secretary of State Mike Pompeo said he made clear that “interference in American elections is unacceptable. If the Russians were to engage in that in 2020, it would put our relationship in an even worse place than it has been.”
Here’s a brief overview of what we know about what happened the last time around.
How did Russia influence Americans through social media?
The Internet Research Agency (IRA), a Kremlin-linked organization in St. Petersburg, Russia, developed Twitter, Instagram, and Facebook accounts to spread disinformation. This activity began as early as 2014, and by early to mid-2016 the campaign was actively supporting Donald Trump and disparaging Hillary Clinton. By the time the elections took place, the IRA was part of a Russian project with a monthly budget of more than 73 million rubles ($1.25 million) and had the potential to influence millions of Americans.
By the time Facebook and Twitter representatives testified before Congress the following year, the IRA had reached 126 million people through 470 Facebook accounts and 1.4 million through 3,814 Twitter accounts. The IRA also spent about $100,000 putting ads in the news feeds of Facebook users, featuring assertions such as “I say no to Hillary Clinton / I say no to manipulation” and “Donald wants to defeat terrorism … Hillary wants to sponsor it.”
What was its goal?
The IRA’s operations aimed to “sow discord in the U.S. political system,” in the words of the Mueller report. Some of the most popular accounts included “United Muslims of America” (300,000-plus participants) and “Secured Borders” (130,000-plus participants). IRA-controlled posts touched on flashpoints such as immigration, race, and religion, all designed to exacerbate political polarization. They also sought to sow doubts about American democracy, such as by promoting allegations of voter fraud by the Democratic Party.
This type of political interference has been used by Moscow since Soviet times. John Sipher, a retired CIA agent who served in Moscow and ran the agency’s Russia operations, describes it as “the art of having your enemy think what you want him to think.” But the digital age provides a much bigger platform for such political warfare, which can be more subtle, believable, and far-reaching than in the past.
What did the Russians hack?
In early 2016, as Russia was stepping up its support for Mr. Trump, it opened a second front: hacking political organizations and publishing sensitive documents.
The GRU, a Russian military intelligence unit, hacked the Clinton campaign’s email accounts and gained access to two national organizations of the Democratic Party, stealing hundreds of thousands of documents. The GRU then published these materials through WikiLeaks and fake online personas, “DCLeaks” and “Guccifer 2.0.”
On two occasions, the timing of these releases appeared favorable to Mr. Trump. In late July, amid a controversy over Mrs. Clinton’s use of a private email server while she was serving as secretary of state, Mr. Trump said, “Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing.” About five hours later, the GRU “targeted for the first time Clinton’s personal office,” according to the Mueller report.
Then in October, just an hour after a damaging video surfaced in which Mr. Trump had bragged about groping and kissing women without their consent, WikiLeaks released a second trove of emails stolen months earlier from Clinton campaign manager John Podesta.
Russia also targeted at least 18 states’ electoral systems, with others reporting malicious activity. The GRU gained access to an Illinois database with millions of registered voters, and also breached at least two Florida county government’s computer networks. Though there is no evidence that Russia’s hacking changed the vote tally or manipulated voter registration data, such malicious activity has raised concerns that in the future, foreign actors could tamper with voter registration records to exclude certain voters or groups of voters on Election Day.
How has Washington responded?
In February 2018, a grand jury in Washington indicted 13 Russian nationals and three Russian entities “for conspiracy to defraud the United States.” Among them was Putin ally Yevgeniy Viktorovich Prigozhin, whose companies had funded the IRA troll factory.
Several months later, the grand jury issued a second indictment charging a dozen members of the GRU with 11 criminal counts, including “conspiracy to commit an offense against the United States by attempting to hack into the computers of state boards of elections, secretaries of state, and US companies that supplied software and other technology related to the administration of elections.”
To help states defend against such threats, the Trump administration in early 2018 established a designated information-sharing center for election infrastructure. Around the same time, Congress approved $380 million to be disbursed to states for election security.
Is the U.S. ready for 2020 elections?
Director of National Security Dan Coats, in a briefing to the Senate intelligence committee in January, warned that America’s adversaries “probably already are looking to the 2020 US elections as an opportunity to advance their interests. More broadly,” he added, “US adversaries and strategic competitors almost certainly will use online influence operations to try to weaken democratic institutions, undermine US alliances and partnerships, and shape policy outcomes in the United States and elsewhere.”
While Mr. Coats has indicated that the intelligence community is doing everything it can to prevent the success of such efforts, and many states have substantially stepped up their defenses, most cyber experts agree that U.S. election infrastructure remains vulnerable.
Become a part of the Monitor community