Ride the Lightning

U.S. Military's Hacking Arm Gearing Up for 2020 Elections

May 15, 2019

As The Washington Post (sub.req.) reported on May 8th, Russia viewed the midterm elections as a “warm-up” for 2020. The U.S. military’s hacking division (U.S. Cyber Command) is treating it that way, too.

In the run-up to the presidential election, U.S. Cyber Command is surging election defense efforts that proved useful during the midterms, including probing allies' computer networks to glean insights about Russian threats. Cybercom is also working more closely with election defense teams at the Department of Homeland Security and the FBI, and with industry sectors that are targeted by Kremlin hackers and might have early warnings about threats facing the election.

“Our goal is to have no interference in our elections,” said Maj. Gen. Tim Haugh, who heads the command's cyber national mission force. “Ideally, no foreign actor is going to target our electoral process.” Cybercom is the only outfit among the myriad federal state and local government agencies tasked with protecting the 2020 election that is allowed to punch back against Russian hackers — and it's using its new authorities granted during the Trump administration to be more aggressive in cyberspace.

The military's preparations for 2020 also include sharing information with DHS under a program launched by former defense secretary Jim Mattis and former Homeland Security secretary Kirstjen Nielsen. That operation continues despite the secretaries’ departure. And Cybercom is also partnering with DHS to build closer ties with critical industry sectors under a program called Pathfinder, he said — beginning with the financial services and energy sectors.

The idea behind Pathfinder is that DHS clues Cybercom into the digital threats facing those industries — and then Cybercom goes looking for information that will help them defend themselves. And that information, in turn, might be useful to election security efforts.

CyberCom, which shares a leadership structure with NSA, didn’t confirm the Symantec report. But officials argued that adversary hackers stealing the tools you use against them is pretty common – and it’s something NSA and CyberCom take into account before using the tools.

Once the U.S. government or anyone else uses a previously secret hacking tool, it loses value pretty quickly, Maj. Gen. Karl H. Gingrich said. “Safeguarding [hacking tools] is a priority for us and they’re safeguarded,” he said. “But then they’re used in the environment and once they’re out there, they’re out there . . . It’s part of the risk assessment.”

House Administration Committee Democrats plan to release an election security bill in the next few weeks and are seeking Republican co-sponsors. That will mark the first stand-alone election security bill in the House this Congress. Goals for that bill include providing financial support for election infrastructure, fostering accountability for election technology vendors, and preventing election hacking.

In the Senate, sponsors of the Secure Elections Act already shared plans to reintroduce their bill in the next couple of weeks. That’s the bipartisan bill that came closest to passing last Congress — but prospects don’t look great for it passing this time around. A spokesman for Sen. Ron Wyden (D-Ore.) says he also plans to reintroduce an election security bill from last Congress that had stricter requirements — including a mandate for paper ballots or backups.

Wyden’s bill, the Protecting American Votes and Elections Act, was popular among Senate Democrats including numerous 2020 presidential candidates, but didn’t win any Republican co-sponsors. And neither Senate bill reached a vote on the floor.

While that surprises no one, I hope there is a different outcome this time around!

Email:    Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson