Illustration: Rebecca Zisser/Axios
A hostile actor could cause just as much chaos after the midterm elections by making it look like someone had meddled with votes as by actually doing so, security experts say.
Why it matters: Actually hacking votes takes a lot of work. Making it look like you did is a lot easier — and potentially just as effective at upending public confidence in the results.
How it works:
- Hackers could probe voting systems without actually breaching them or altering vote totals. (Just this week, the Department of Homeland Security said that the agency continues "to see various cyber actors target election systems, activities that could serve various purposes, including to steal sensitive data, disrupt the availability of election services, or even to undermine the confidence in the election.")
- They could pair that with a misinformation campaign after the election alleging the someone had meddled with voting.
“You could imagine a period of time of chaos after the midterms in which people would be worried as to whether there was a hack because someone is claiming there was a hack, even if there wasn’t,” said Laura Rosenberger, a former National Security Council official who is now the director of the Alliance for Securing Democracy.
The big picture: Experts say that a major goal of election meddling campaigns is to erode trust in democracy rather than to actively shift vote tallies or choose winners and losers.
- An intelligence community assessment of Russia’s activities in the 2016 election found that the country wanted not only to hurt Democratic presidential nominee Hillary Clinton but to “undermine public faith in the U.S. democratic process.”
- Lisa-Maria Neudert, a researcher with the Computational Propaganda Project at the Oxford Internet Institute, said that after elections around the world she sees allegations of failures in the democratic process peddled by the “junk news networks” she studies, including of voters being disenfranchised or ballots disappearing.
What they’re saying: Lawmakers who have grappled with the 2016 misinformation campaign indicated they thought it was credible that bad actors could try to convince the public that election results were illegitimate. Some, though, were still wrapping their heads around the possibility.
- Sen. James Risch (R-Idaho), who serves on the Senate Intelligence Committee, told Axios he hadn’t considered the chance of a post-election attempt to make it look like a hack occurred, but that if it happened, “I wouldn’t be shocked.”
- “I wouldn’t even be surprised, because their objective is simply to cause chaos, not necessarily affect an election,” he said.
Sen. James Lankford (R-Okla.), who also serves on the panel, said concerns about what could happen after the midterms were an important reason federal officials should bolster states' ability to audit their vote counts.
- “If there’s no way to be able to verify it and go back and check it, then you have to figure out, is that legit, is it not legit, is there a real threat to the legitimacy of the election based on some idle threat that’s put out there online,” Lankford said.
- There are still some states that would struggle to verify election results if allegations of tampering emerged, though policymakers around the country have been working to change that.
The bottom line: The potential for someone to sow doubt after the midterms — possibly through some combination of misinformation and attacks on election systems — means that the pressure won’t let up on government officials and Silicon Valley companies responsible for policing election meddling.
- “If I was a sophisticated bad actor, the cost to actually flip an election is pretty high,” said one executive at a large internet company. “The cost to make it look like I did is much lower.”