Sign up for our daily briefing
Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.
Stay on top of the latest market trends
Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.
Sports news worthy of your time
Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.
Tech news worthy of your time
Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.
Get the inside stories
Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Want a daily digest of the top Denver news?
Get a daily digest of the most important stories affecting your hometown with Axios Denver
Want a daily digest of the top Des Moines news?
Get a daily digest of the most important stories affecting your hometown with Axios Des Moines
Want a daily digest of the top Twin Cities news?
Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities
Want a daily digest of the top Tampa Bay news?
Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay
Want a daily digest of the top Charlotte news?
Get a daily digest of the most important stories affecting your hometown with Axios Charlotte
Voting booths. Genaro Molina/Los Angeles Times via Getty Images
Hillary Clinton's former campaign manager says the current focus on improving voting machine cybersecurity would not have prevented the last election's mess. Instead, he said, the major culprit was hacking campaign personnel and political parties.
Why it matters: Robby Mook saw first-hand the damage caused by the election hacking during Clinton's presidential campaign, and he is now part of Harvard's new Defending Digital Democracy Project on election security. He believes that securing voting machines is important, but cannot be the end of the election security conversation.
There is some irony that the actions we are now taking would not have changed 2016. Sometimes we dwell on voting machines to our detriment.— Mook
The details: In 2016, most of the damage caused by a believed-Russian effort to muddy the election came from hacks of Democratic groups and Clinton campaign Chairman John Podesta and the subsequent leaks of emails and other files.
- While Russia is thought to have attempted to hack as many as 21 states' election infrastructure (including voter databases), there is no evidence that Russia breached any voting machine or directly altered any votes.
- Nevertheless, the hallmark issue of election security appears to still be preventing an adversary from directly changing votes. In a letter Tuesday to House Science Chair Lamar Smith (R-Texas), Democrats on the committee wrote about the need "to ensure that their votes are appropriately counted and that foreign, domestic, or other actors do not surreptitiously interfere with, manipulate or otherwise unlawfully influence our election infrastructure, voting polls and election results."
What would have worked in 2016: "There are two things that would have protected information in 2016. The first is using two-factor identification. The second is using encrypted and ephemeral communication," said Mook. Ephemeral communications self-destruct after a limited viewing window.
- The Clinton campaign used two-factor authentication — one reason, notes Mook, that while the Democratic National Convention, Democratic Congressional Campaign Committee and John Podesta's personal emails were hacked, the campaign wasn't.
- The campaign switched to encrypted, ephemeral communications to discuss Russian hacking, worried that hackers might still have access to its communications.
Legislation focuses on both machines and other campaign infrastructure: There are several bills for election security currently under consideration, many of which include funding for both voting machine improvements and other aspects of the infrastructure, like voter databases.
Bottom line: Election security is national security, even when it concerns political party and campaign cybersecurity. "Obviously if someone steals internal policy deliberations, that's a risk to security if that candidate is elected," said Mook.