In his congressional testimony last week, former special counsel Robert S. Mueller III once again confirmed the seriousness of Moscow’s attack on our democracy in the 2016 presidential election. Yet that wasn’t even the most important news for those of us who track Russian election interference.
The Senate Intelligence Committee has just published the first section of its report on Russian efforts to influence the election. The bipartisan panel’s report has made headlines by showing that the Russians probably targeted elections systems in all 50 states in 2016. That calculated operation was designed not only to help Trump but also to undermine American democracy more generally.
You’d think this report would give President Trump and Senate Majority Leader Mitch McConnell (R-Ky.) the perfect reason to support new legislation designed to enhance the security of our elections infrastructure in 2020. As the bipartisan report makes evident, enhancing cybersecurity for our election infrastructure is not a partisan issue — it’s an issue of national security. Department of Homeland Security representatives told the committee “there wasn’t a clear red state-blue state-purple state, more electoral votes, less electoral votes” pattern. So far, though, there is little sign that Trump and McConnell are paying attention.
Evidence of Russian interference in the 2016 presidential election is overwhelming. Volume I of the Mueller report also made that clear. Trump, however, has repeatedly dismissed the evidence — presumably out of concern that any recognition of the Russian attack would undermine the legitimacy of his victory. Some of Vladimir Putin’s efforts, after all, were designed to help Trump win.
Unlike the Mueller report, the new volume does not focus on Putin’s efforts to help Trump in 2016. Instead, this new report examines the Russian digital probes of our electoral infrastructure. The results are frightening. Russian operatives made preparations to disrupt election procedures on Election Day. Putin’s cyberwarriors showed particular interest in highly vulnerable voter-registration lists. Changing those databases could have triggered confusion and chaos if voters showed up at their polling stations to cast ballots on Election Day only to be turned away because hackers had manipulated their identifying information.
The report also discusses Russian plans to compromise computer systems responsible for broadcasting preliminary elections results: “If the penetration had been successful, actors could have manipulated the unofficial display of the election tallies.” The report also cites academic research revealing the vulnerability of voting machines themselves. The Senate committee’s study noted, “Moscow may have sought to undermine confidence in the 2016 U.S. elections simply through the discovery of their activity.” Putin even prepared a disinformation campaign in which Russian diplomats and pro-Kremlin bloggers would amplify false claims of voter fraud and underscore the disarray in American democracy, including via the Twitter hashtag #DemocracyRIP.
Thankfully, Putin did not execute this plan. (I hope that future congressional inquiries will explore this further.) But we have no reason to believe he might resist the temptation in 2020. What’s more, the Russians have provided future copycats — foreign and domestic — with a simple template to follow if they wish to make mischief on Election Day, as well. The Department of Homeland Security says non-Russian hackers are also targeting election infrastructure.
Ideally, Trump and McConnell would accept the need for reforms of our vulnerable election security infrastructure. We made a number of corresponding recommendations in the Stanford Cyber Policy Center’s own report, “Securing American Elections: Prescriptions for Enhancing the Integrity and Independence of the 2020 U.S. Presidential Elections and Beyond.”
When McConnell returns to Washington after his summer vacation, he should piece together the best ideas from several draft bills that focus primarily on increasing the resilience of our electoral infrastructure, including paper ballots for all voters, updated cybersecurity software and protocols for all machines and individuals involved in the vote count, and a legal commitment (e.g., Sens. Marco Rubio (R-Fla.) and Chris Van Hollen’s (D-Md.) DETER Act) for the U.S. government to sanction foreign governments and their proxies should the intelligence community determine that they interfered in our elections in 2020. These are sensible, realistic, nonpartisan actions that all Americans should support. What is more patriotic than allowing Americans — and no one else — to decide who should be our next president?
Trump and McConnell should think through the consequences of inaction. What if the Iranians or a Silicon Valley high-school hacking club successfully execute cyberattacks that call into question the validity of the election result — maybe the validity of Trump’s reelection — on Election Day 2020? Even the smallest doubt about the integrity of the vote count would be magnified exponentially in our highly polarized era. Do Trump and McConnell really want to bear sole responsibility for the damage to our democracy?
There’s a better way forward. Congress should pass new election security legislation in the fall.