with Tonya Riley
It's official: The race to hack the 2020 general election is in full swing.
Iran tried to hack into Gmail accounts used by President Trump’s reelection campaign staff, the leader of Google’s threat-hunting team revealed in a tweet. China, meanwhile, tried to hack staff for former vice president Joe Biden, the presumptive Democratic presidential nominee, Shane Huntley said.
The hackers didn’t successfully breach those accounts. But these nation state-backed hacking campaigns are likely to be the just the beginning of a general election campaign that will be ripe for disruption by U.S. adversaries.
“It’s no surprise the Chinese and Iranian governments are trying to compromise our 2020 presidential campaigns through cyberattacks. Their goal is simple: suck up information about our candidates' campaigns and then create conflict and chaos in our election,” Matt Rhoades, who managed Mitt Romney’s 2012 campaign and helped launch a bipartisan group aimed at preventing election hacking, told me.
Officials with the Department of Homeland Security and U.S. intelligence have been warning for years that Russia and other nations will try to use hacking and disinformation to undermine the 2020 contest in a replay of operations from the last presidential race, which leaked reams of embarrassing information about Democratic nominee Hillary Clinton in an effort to help Donald Trump.
But the threat has grown in recent months as vastly more campaign work has moved online as a result of the coronavirus pandemic, experts say. The American public also has likely grown more vulnerable to influence efforts based on leaked information as it is roiled by conflict over the pandemic and civil unrest following the death of George Floyd in police custody.
“It doesn’t matter if you are a Democrat or Republican, they are coming for you,” said Rhoades, whose group Defending Digital Campaigns offers campaigns free and reduced-price access to cybersecurity products.
This isn’t the first report of foreign hacking during the 2020 cycle. But efforts are likely picking up with the general election effectively underway.
That’s partly because adversaries can concentrate on hacking into just two campaigns now, Clint Watts, a distinguished research fellow at the Foreign Policy Research Institute who focuses on election interference, told me.
Adversaries are also probably ramping up their efforts now because it takes a lot of time and effort to successfully penetrate a well-protected organization such as a presidential campaign. So, if they hope to hack into a campaign, find embarrassing information and release it in a way that affects the November election, time is already running short, Watts said.
“You have to hack before you can influence, and the longer you wait, the more your window for influence is going to wind down,” he said.
Microsoft revealed that a group tied to Iran was targeting a presidential campaign in October 2019, which media outlets including Reuters identified as the Trump campaign. Intelligence officials told Sen. Bernie Sanders (I-Vt.) that Moscow was attempting to help his presidential campaign before Sanders dropped out of the race in April. Officials also told lawmakers that Russia prefers to see Trump reelected.
China and Iran may not be following Russia’s 2016 playbook.
China has a long history of hacking for traditional espionage — such as learning the interests and motivations of U.S. leaders — without releasing the information they steal. That includes hacking the presidential campaigns of both Barack Obama and Sen. John McCain (R-Ariz.) in 2008 and Mitt Romney (R) in 2012.
“China doesn’t just want to know Biden’s opinion about China. They want to know all of Biden’s staff’s opinions about every part of the world,” Watts said.
Iran, however, is more likely to be interested in stealing and releasing information that undermines the Trump campaign because of leaders’ antipathy toward the president, Watts said. Trump ordered the killing of one of Iran’s top generals, Qasem Soleimani, in January and pulled the U.S. from the deal to curtail Iran's nuclear program negotiated by his predecessor Barack Obama.
An even more dire scenario would be if an adversary stole and released legitimate campaign information, along with phony or altered information aimed at disparaging the candidate.
“Since 2016 the fear is that the adversary could leak data and add forgeries to the leak,” Thomas Rid, author of “Active Measures,” a book on disinformation, and a professor at Johns Hopkins University, told Ellen Nakashima, Josh Dawsey and Matt Viser. “The concern is the adversary could weaponize the information.”
Google’s warning comes as U.S. intelligence officials are beginning to brief the campaigns about hacking and other threats from foreign adversaries.
Those officials are also advising the presidential campaigns on how best to protect themselves, along with officials from the FBI and DHS, my colleagues report.
Republican National Committee officials recently participated in one of those briefings and learned that foreign adversaries unsuccessfully tried to hack some of their staff members, my colleagues reported.
The campaigns, meanwhile, stressed that the attacks weren’t successful.
“We have known from the beginning of our campaign that we would be subject to such attacks and we are prepared for them,” Biden’s campaign said in a statement. “Biden for President takes cybersecurity seriously, we will remain vigilant against these threats, and will ensure that the campaign’s assets are secured.”
The Biden campaign told me earlier this year that its protections include requiring extra verifications before employees can log in to accounts and devices, and “training staff on cybersecurity best practices and tools to ensure the campaign infrastructure remains secure.” The campaign did not respond to a question Thursday about whether all those protections are still in place.
A Trump official said the campaign is “vigilant about cybersecurity and do[es] not discuss any of our precautions.”
The FBI said in a statement that “adversaries are constantly looking for vulnerable U.S. networks to exploit, and networks associated with political organizations are no exception. That is why we are focused on imposing consequences on malicious cyber actors, so they think twice before attempting an attack in the first place.”
Encrypted-messaging app Signal is offering a face-blurring feature to help protesters.
The new feature comes as a record number of people are downloading the app amid concerns about government surveillance of protests over the killing of George Floyd. The app is already popular among protesters because it provides end-to-end encryption, which protects messages from being read by anyone who is not the recipient or the sender and generally puts them out of the reach of police warrants.
“We’ve … been working to figure out additional ways we can support everyone in the street right now,” Signal co-founder Moxie Marlinspike wrote in a blog post. “One immediate thing seems clear: 2020 is a pretty good year to cover your face.”
Jordan Harrod, a Ph.D. student at Harvard University and the Massachusetts Institute of Technology focused on artificial intelligence, explained the importance to protesters:
P.S. - You should also remove image/video metadata before posting.— Jordan Harrod (@JordanBHarrod) June 4, 2020
Facebook will begin identifying content from state-controlled media amid concerns about propaganda influencing the 2020 election.
The labels will appear over the next week, according to a company blog post. The feature comes as Facebook has declined to label posts by President Trump that its competitor Twitter says include false information or glorify violence.
Lawmakers praised Facebook’s move, saying it would help curb foreign interference in the upcoming election.
House Intelligence Chairman Adam B. Schiff (D-Calif.) called it “an important step to helping users stay vigilant against potential attempts by foreign adversaries to shape strategic narratives or spread disinformation under the guise of ‘independent’ journalism.”
Facebook later this summer will also begin blocking ads from foreign state-controlled media targeted at U.S. users “to provide an extra layer of protection against various types of foreign influence … ahead of the November 2020 election.”
Facebook and Twitter faced a reckoning over how to moderate state-controlled media when the companies discovered coordinated influence campaigns from state media in China last August. Twitter banned state-media ads in response. Facebook announced it would begin labeling state-run media accounts in October but delayed the release of the labels.
A Florida citizen is challenging Trump with election fraud after he voted by mail in the state.
The complaint, which was filed with the Florida Department of State, argues that Trump should not be allowed to use the address of his Mar-a-Largo resort as his legal residence because it is a private club. Trump registered that address after first being denied by Florida officials when he tried to list his White House address on an absentee-ballot application, according to elections records obtained by The Washington Post.
The legal challenge increases scrutiny on Trump’s attempts to vote by mail at a time where he has waged a war on the practice nationally, arguing with no evidence that it leads to widespread fraud.
The attorney in the lawsuit is also representing a Mar-a-Largo neighbor that has challenged Trump’s residency status in relationship to a building permit. At least one additional elections fraud complaint is being prepared, according to documents reviewed by The Post.
Trump’s representatives could not be reached for comment.
Privacy hawks are slamming the videoconferencing service Zoom for its decision to make the strongest encryption available only to paid users. Here's Sen. Ron Wyden (D-Ore.):
Privacy and security shouldn't be reserved for those who can pay. I urge Zoom to rethink its decision to charge users for strong encryption. https://t.co/byfZId39mP— Ron Wyden (@RonWyden) June 4, 2020
Fight for the Future and other privacy advocacy groups have slammed the company over its comments about encryption and working with law enforcement officials:
There is no "misunderstanding." Your CEO explicitly told Bloomberg you would not offer end to end encryption for free accounts so that you can "work together with FBI, with local law enforcement."— Fight for the Future (@fightfortheftr) June 4, 2020
What will you do when governments say "give us access or get shut down?" https://t.co/BVBIOM01i1
Alex Stamos, a former Facebook cybersecurity chief, who is advising Zoom, had this to say:
Many voices in law enforcement want no E2EE, because they see access to plaintext as the solution to all problems and believe the privacy harms are massively overblown. Privacy advocates only see privacy harms, and dismiss other abuses as overblown.— Alex Stamos (@alexstamos) June 3, 2020
Foreign actors are 'playing all sides' in online campaigns to exacerbate violence during the protests, Attorney General William P. Barr said.
Barr did not cite specific nations in his speech or provide further details. Twitter and Facebook have removed fake posts about the protests, but experts who study foreign influence operations have yet to see any serious activity, Kevin Collier of NBC News reports.
More government news:
The Russian government denied German allegations that it was responsible for a 2015 hack on the country’s parliament.
Russian Foreign Ministry spokeswoman Maria Zakharova called the claims “absurd” and “unfounded,” the Associated Press reports. Germany has said it will pursue European Union sanctions against the suspected hacker.
More global cybersecurity news:
- The Brennan Center for Justice and Microsoft’s Defending Democracy Program will host a workshop, “Building Election Resilience,” at noon today.
- The Senate Judiciary Committee has scheduled a hearing, titled “COVID-19 Fraud: Law Enforcement’s Response to Those Exploiting the Pandemic,” at 10 a.m. Tuesday.
- The president of Estonia, Kersti Kaljulaid, will be participating in a webinar, “Deciding on the Rules of the Road for Cyberspace: The Who, What, Where, When, How,” presented by the Institute for International Cyber Stability at 10 a.m. Tuesday.
Secure log off
Watch a memorial and march for George Floyd in New York City.