Today, it would be unimaginable to expect presidential campaigns to provide physical protection for their candidates. The risks of an attack are incredibly high, and campaigns simply do not have the sophistication, training or access to intelligence to do the job, especially if a sophisticated country such as China or Russia is the culprit.
But when it comes to cybersecurity, our approach is completely different. The Secret Service provides cyber-protection for the president when he travels, but it doesn’t offer the same treatment for campaigns. When I ran Hillary Clinton’s presidential campaign, the FBI showed up unannounced in our lobby to tell us that Russians were sending spear-phishing emails months after we’d detected them ourselves. They couldn’t do anything to help us; they could only tell us they thought something was happening and ask for evidence.
My goal is not to blame the FBI or the White House. All of us were waking up to this threat in real time. All of us made mistakes. Nor is it necessarily the FBI’s role to provide hands-on help. But it should be someone’s — and today it remains no one’s.
The case for action is overwhelming: Special counsel Robert S. Mueller III’s indictment last week alleged in painstaking detail how Russian agents systematically tracked down and broke into the personal email accounts of staff on campaigns and servers at national party committees. And 2016 wasn’t the first time this happened; presidential campaigns were attacked by Chinese hackers in 2008 and 2012.
Given the warning from Director of National Intelligence Daniel Coats that we are “just one click of the keyboard away” from another attack on our elections, Congress should act to protect candidates as it did after Kennedy was killed. It’s time the Secret Service provided digital security to presidential candidates, their families and their campaigns.
It’s easy to blame this problem on negligence and say campaigns just need to get smarter or spend more money on security. But that wasn’t enough in 2016. On the Clinton campaign, we knew that past campaigns had been hacked, so we hired professionals and put in security measures that appear to have protected all official hillaryclinton.com accounts. Yet Russians still figured out how to get what they needed by breaching more than a dozen personal staff accounts and the Democratic National Committee.
Campaigns simply do not have access to the information required to take on nation-states. Even if they hired the brightest minds in cybersecurity, they still wouldn’t have the intelligence that tipped off federal officials to Russia’s meddling in 2016. How can they connect digital fingerprints to the larger national-security landscape?
The Secret Service, however, can get the full benefit of our intelligence community and synthesize threat intelligence between campaigns. Well more than a dozen Democrats and maybe even an additional Republican or two could be running in 2020. We have already seen Russia’s ability to hack Democrats, but Iran could just as easily decide to attack President Trump in response to his withdrawal from the nuclear deal. North Korea could decide to get into the game. Candidates could be blackmailed before or after the campaign with information stolen from their personal email accounts. Or from the accounts of their spouses and children.
Imagine running for president and, after attacking Vladimir Putin’s illegal invasion of Ukraine, seeing a “blogger” claim that she has an entire cache of your 14-year-old daughter’s private messages. If they’re released, your daughter will endure withering humiliation online. If you just pipe down about Putin, all will be well. Do we really want this to be possible?
The Secret Service should also ensure the security of the campaigns’ internal communications. Today, the Secret Service does not provide physical protection to campaign staff (as anyone left behind by a motorcade can tell you!), but in the digital realm, our email accounts and servers contain candidates’ messages and personal information. Our phones transmit their voice. Our digital interactions with candidates can absolutely be used to blackmail or punish them. As 2016 proved, campaign leaders, who possess thousands of emails from the campaign team and the candidate, are just as prone to disruptive hacking.
Practically, this isn’t that complicated. Sure, there are questions and hurdles to allowing the Secret Service into the lives of candidates and their campaigns. But candidates already trust the agency with access to their personal schedules, homes and campaign events. Agents already hear candidates’ most intimate conversations. The protection would also be voluntary, just like physical security.
In 1968, Democrats and Republicans took an important step that has saved lives and protected our democratic process. It’s time to do so again.