Could Russia have hacked the U.S. presidential election? On Nov. 23, a group of computer scientists called for Hillary Clinton to ask for a recount and an audit in Michigan, Pennsylvania and Wisconsin, citing differences in electronic voting tallies when compared with counties using paper ballots.
Two material facts have combined to create this latest cyber hysteria. First, we know that just over half of voters were disappointed at the results of the Nov. 8 election. Second, Russia hacked personal and campaign emails over the summer, along with voter rolls in some states, apparently to erode confidence in the American electoral system.
The chief problem is that these differences in tallied votes can be explained by many other factors. One reason is that votes are being compared with exit polls, which have a history of being off the mark. Another is the fact that a number of white voters who voted for President Obama in 2012 switched to the Republican candidate this year.
Wisconsin has announced an audit of the vote — and has a Nov. 25 deadline for a candidate to petition for a recount. But there’s little evidence that Russia hacked the election — or our democracy. In fact, calling for a recount based on such flimsy evidence and the hint of foreign influence erodes public confidence in the U.S. electoral system and tells us more about U.S. citizens’ cyber insecurities.
Hillary Clinton, by the latest count, won the popular vote by 2 million votes. But Clinton’s loss in the electoral college tally reflects the urban-rural divide, Rust Belt economics and a host of other factors, including racial identity, fear of immigrants and concerns about terrorism.
Suggestions that Russia hacked the U.S. presidential election are unhelpful, as Russian capabilities do not extend that far. Hacking voting precincts would take physical manipulation of machines. Hackers would have to open and physically reprogram each voting machine in each targeted precinct, or swap in malware-infested voting cards to replace the original ones. This would take a legion of Russian spies betting on not getting caught — not a risk that a calculating Russian President Vladimir Putin would be likely to take.
We do know that the U.S. government warned the Kremlin before the election and made it clear that any meddling would be met with retaliation. Russia apparently stopped its email-hacking activities before the election. Some analysts argued that this move reflected a realization in Moscow that the election of Trump might not be at all helpful to Putin’s international ambitions. It’s also likely that U.S. actions, such as closing off WikiLeaks’ Internet access, were proportional responses that demonstrated U.S. resolve.
Russian election interventions have limited impact
Russia has been waging information warfare for decades, with the primary goal of sowing discontent and mistrust in the adversary’s population. Yet the Russian hacks and the WikiLeaks dumps had a limited effect on Clinton’s popularity or chances of electoral victory. If anything, the correspondence that emerged via WikiLeaks demonstrates the banality of the Clinton emails that so many had been fighting over for months.
The U.S. reaction to the threat of hacking and external meddling says more about U.S. cyber insecurities — and misunderstandings of how cyberattacks could affect target states, since the prior email attacks had limited punch.
Our current research focuses on the question of cyber coercion, which would provide a reason for the general cyber peace that has existed in recent decades. Despite reports of constant intrusions, the majority of cyber actions we’ve logged are espionage and disruption events, not more coercive moves, such as compellence or deterrence meant to change the behavior in the target state.
We fear cyberterrorism like we fear conventional terrorism
The United States is not in a new era of cyberwarfare, as many have suggested. Instead, there are more incidents of the same, traditional disinformation tactics, aided by new methods. The unlimited possibilities of computer network attacks — not the technical realities — are what weigh more heavily in observers.
To date, squirrels have caused more attacks and deaths related to critical infrastructure than have cyberattacks. But the hysteria caused by the threat of cyber hacks and election violations has played a role in how Americans view this recent election.
Research by an Israeli team led by Michael Gross suggests that people’s fears of cyberterrorism are not significantly different from their fears about conventional terrorism. In fact, the threat of cyber violations provokes a biological reaction, as measured by increased stress. This suggests that the impact of cyber violations weighs more heavily in people’s minds and bodies than in reality.
That an election theoretically could be hacked does not mean that it was. The hypothetical possibilities inherent in digital attacks often far outweigh the actual extent of digital aggression.
With the final vote count not even complete, it is difficult to suggest at this point that there is anything amiss statistically. While it is important to protect our democracy and establish systems that will withstand external attacks — and backed up by redundancies — now is not the time to blame Russia.
Ryan C. Maness is a research fellow of security and resilience studies in the Department of Political Science at Northeastern University.
Brandon Valeriano is the Donald Bren chair of armed politics at Marine Corps University and a reader at Cardiff University.