Nov 12, 2020 - Politics & Policy

The election security nightmare that wasn't

Illustration of a hand putting a ballot into a slit at the top of a safe as if it were an ballot box.

Illustration: Aïda Amer/Axios

As the dust settles on the 2020 presidential election, it's becoming clear that the process proved sturdy, with no known attacks on voting infrastructure and no 2016-style vast foreign meddling campaigns to disrupt American democracy.

Yes, but: The ongoing disinformation campaign from President Trump and his allies, as they refuse to accept his loss, illustrates that the country does not need outside intrusions to undermine the integrity of our elections.

Where it stands: None of the election's worst-case scenarios came to pass.

  • There's zero evidence of any hacks into voting machines or alterations of voter data.
  • Despite the best efforts of Trump's legal team to cast doubt on the integrity of the election results before they're certified, there's no evidence whatsoever of widespread fraud that could affect the outcome of the presidential or down-ballot races.
  • There were some minor meddling efforts, but no foreign adversary even attempted to launch a large-scale interference campaign against the election.

The big picture: There's general agreement that the parties that needed to be prepared for the worst stepped up.

  • DHS’ Cybersecurity and Infrastructure Security Agency, the FBI and the U.S. military's Cyber Command undertook unprecedented, and often coordinated, actions to raise awareness about potential foreign cyber operations, shore up domestic online defenses and degrade and disrupt adversary networks abroad.
  • Major social media platforms like Facebook and Twitter worked diligently to identify and take down foreign disinformation networks, including several linked to Iran and Russia.

Happily, they were overprepared. Those Iranian and Russian campaigns, all caught before they even had a chance to gain much steam, were generally slapdash operations of limited scale and efficacy.

  • Iran, for instance, hijacked a website associated with a far-right group and sent threatening pro-Trump emails posing as members of that group to Floridians and Alaskans listed on public voter rolls as Democrats.
  • Unlike in 2016, this year saw no verifiable, large-scale, pre-election operations in which a cutout like WikiLeaks or persona like Guccifer 2.0 surfaced and amplified hacked materials.

Between the lines: It's not that foreign actors lacked the opportunity to intervene in the 2020 elections.

  • Even if the Russians or Iranians failed to procure any explosive hacked material, they likely could have produced forged documents and set about distributing and amplifying them online.

The catch: Hostile foreign actors didn't need to expend that effort. The closest thing to a retread of 2016's hack-and-leak operation — though there is no evidence linking it to a foreign government — was the late-stage trickle of material purportedly stolen from Hunter Biden's laptop.

  • That didn't have to be seeded online and boosted by an army of trolls, fake accounts and bots. Instead, Trump's personal lawyer Rudy Giuliani acted as the broker delivering that material to homegrown conservative media outlets.
  • The rising swell of disinformation circulating inside the U.S. political world is achieving the ultimate goal of hostile foreign intelligence services for them: the poisoning of the information ecosystem of millions of Americans, which foments domestic discord.

What's next: When there are actually core U.S.-related foreign policy objectives at stake for these countries, they can execute disinformation campaigns in an ever-more primed environment for them. In 2022 or 2024, they may be pushing on an open door.

Go deeper