The Washington PostDemocracy Dies in Darkness

The Cybersecurity 202: Trump’s attacks on the election are hitting a wall with some of his allies

with Tonya Riley

President Trump is running out of allies in his attacks on election integrity. 

FBI Director Christopher A. Wray declined to give ammunition to the president’s unfounded warnings about massive mail ballot fraud during congressional testimony, saying such fraud has never been seen before and would be extremely difficult for foreign adversaries to pull off.

Senate Majority Leader Mitch McConnell (R-Ky.) also pushed back on the president’s refusal to endorse a peaceful transfer of power after the election. He was joined by other Republicans, including Sen. Mitt Romney (R-Utah), though many of them didn't criticize Trump personally.

“There will be an orderly transition just as there has been every four years since 1792,” McConnell promised. 

Democrats, meanwhile, continue to hammer at the president’s unfounded attacks on the election’s validity. In his first major address since ending his presidential campaign, Sen. Bernie Sanders (I-Vt.) declared November’s election will be “not just an election between Donald Trump and Joe Biden. This is an election between Donald Trump and democracy — and democracy must win." 

The bipartisan pushback is a signal Trump is pushing up against lines that even his closest allies are unwilling to cross with just weeks left before the most challenging election in a generation. 

Trump, however, is doubling down. 

He declined again yesterday to endorse a peaceful transfer of power after the election —  even after McConnell’s statement. In response to reporters’ questions on the topic he turned to his typical refrain, launching unfounded attacks on the security of mail ballots. 

“We have to be very careful with the ballots. The ballots — you know, that’s a whole big scam,” he said. 

Election officials say verification and tracking procedures effectively ensure any attempts at widespread ballot fraud would be detected. 

When I talk to election security people, they’re not worried about mail ballots,” Mark Lindeman, interim co-director of the election security organization Verified Voting, told me. “I haven’t seen anyone present a really plausible scenario about how you steal a lot of votes at scale with mail ballots.” 

Instead, election security experts are far more concerned about dangers Trump doesn’t obsess about, such as hackers compromising and modifying online voter registration databases, foreign and domestic disinformation, and an unwarranted loss of public faith in the electoral process, he said. 

That position was echoed by Wray. 

He told senators on the Homeland Security and Governmental Affairs Committee the FBI has “not seen, historically, any kind of coordinated national voter fraud effort in a major election, whether it's by mail or otherwise.” 

He also warned changing the outcome of a federal election “would be a major challenge for an adversary,” Devlin Barrett reported. Wray pledged that the FBI “would investigate seriously” if it saw indications of such an effort.

Events are also increasingly demonstrating election officials have far bigger things to worry about than Trump’s spurious claims. 

Facebook shut down two disinformation networks run by Russian intelligence agencies yesterday along with a third operated by the same notorious troll farm that interfered in the 2016 U.S. election, Craig Timberg reported

That news came just two days after the social media company shut down several Chinese accounts that promoted and criticized both Trump and Joe Biden.

Both operations were focused primarily outside the United States. But they were a stark reminder Russia continues to run the same sort of disinformation operations that upended the 2016 contest. 

Indeed, the Kremlin is upping its game, Craig reports,  “increasingly … using phony news sites and think tanks to lend credibility to its disinformation, in some cases involving unwitting freelance writers in the operations.”

The FBI and Department of Homeland Security have not identified any foreign interference efforts aimed at changing vote tallies, they said

Trump’s claims got a minor boost from a highly unusual case in Pennsylvania. 

The FBI and a U.S. attorney there announced they’re investigating a small number of military service members’ mail ballots found discarded at the Luzerne County Board of Elections office. 

Seven of those ballots were filled out for Trump. The remainder had been returned to their mail envelopes before investigators examined them. 

It’s not clear the ballots were intentionally discarded or if anything nefarious was going on, but a Trump campaign official jumped on the news to claim it demonstrated Democratic election fraud. 

Election and legal experts, meanwhile, warned it’s highly unusual for the Justice Department to release such information before a full investigation — and especially strange to reveal who the votes were cast for, which undermines the ballots’ secrecy. 

They expressed concern the department could be giving Trump fodder in his effort to undermine faith in the election

"It seems worth investigating, but I think it is really weird that they say who the votes were cast for," Rick Hasen, an election law expert at the University of California at Irvine, told CNN. “I think it will become fodder for the president to claim that people are messing with ballots in Pennsylvania.”

Justin Levitt, a former Justice Department official who is now a professor at Loyola Law School in Los Angeles, called the announcement “wildly improper, and it’s truly unconscionable."

"This was not an act of law enforcement, this was a campaign act, and it should mean the end of the career of whoever approved the statement,” he told Devlin

Trump also seems to have gotten advance word about the release. He told Fox News Radio before it came out that, “They found six ballots in an office yesterday, in a garbage can. They were Trump ballots. Eight ballots, in an office yesterday in a certain state. ... This is what's going to happen. And we're investigating that,” CNN reported. 

The keys

A hack that crippled a Texas county’s email systems is raising questions about securing elections.

The attack against Hamilton County, Tex., was launched with basic hacking tools the county should have been protected against, ProPublica reports

The attack appeared to be part of a widespread campaign that wasn’t targeting the election. But it underscores how easily U.S. adversaries could use such hacks to undermine voting and voter confidence. 

If a similar hack happened on Election Day, it could freeze up voting systems, creating long lines and shaking voter confidence

And Hamilton County isn't alone: Dozens of municipal governments in swing states tasked with election duties don't follow basic security protocols against email hacks, ProPublica found.

“This is a massively spread, low-sophistication and low-targeting attack, and they were hacked by that. If a nation-state went after them, they’d crumble in a second, said Mark Arena, CEO of Intel 471.

Hamilton County's top election official insisted that its security provider is taking care of the malicious software. But government emails from the county continue to send out messages infected with malware. 

A court is pressuring the Trump administration to voluntarily delay its TikTok ban.

A federal judge is giving the administration until this afternoon to postpone the ban. If it fails to do so, the court will hold a hearing Sunday morning over whether to grant TikTok’s request for a stay, Katy Stech Ferek at the Wall Street Journal reports

The White House wants to ban TikTok or force its sale to a U.S. company over concerns its Chinese owner could be compelled to share U.S. user data with Beijing. TikTok denies China has ever asked for such data and says it would refuse to provide it if asked.

The Justice Department argued the first phase of the ban wouldn't substantially damage TikTok because it prevented only new downloads of the app. But the judge didn't buy the argument.

TikTok's lawyer, John Hall, told the court that the looming ban would prevent two-thirds of Americans not currently using the app from joining it, engaging in protected speech [shortly] before a national election." 

 Hackers accessed and downloaded data from the network of a U.S. government agency. 

Federal authorities say the hacker got into the network using employee passwords from Microsoft 365 accounts, Andrew Martin at Bloomberg reports. DHS did not say which agency was compromised.  

It's a stark reminder of how vulnerable civilian agencies remain, even years after high-profile breaches at the White House, Pentagon and Office of Personnel Management.  

DHS did not say what data was stolen or who was behind the attack. But the attack was unrelated to the election, an official said. 

Hill happenings

Rep. Lauren Underwood (D-Ill.) will be the next chair of the House Homeland Security Committee’s cybersecurity and infrastructure protection panel, an aide tells The Cybersecurity 202. 

The subcommittee has taken a leading role in recent years overseeing DHS’s work protecting the federal government against cyberattacks and promoting cybersecurity in key sectors, such as state and local governments. The appointment will be formally announced later today. She’s replacing Rep. Cedric Richmond (D-La.) who’s moving onto the Ways and Means Committee. 

Sens. Ron Wyden (D-Ore.) and Elizabeth Warren (D-Mass.) want the IRS's watchdog to investigate its purchase of location tracking without court approval.

The Internal Revenue Service's criminal investigations unit confirmed it paid for surveillance data from the commercial database Venntel this summer after a Wall Street Journal report. The revelation quickly sparked criticism from lawmakers who said the agency was spying on Americans without a court order.

“The IRS is not above the law and the agency’s lawyers should never provideinvestigators with permission to bypass the courts and engage in warrantless surveillance of Americans,” Wyden and Warren wrote in a letter to the IRS Inspector General.

Global cyberspace

The United Arab Emirates and Israel are discussing cooperating on cybersecurity.

The discussions come after a landmark peace deal between the two nations.

“We are threatened by the same threats because of the nature of the region, because of the nature of our new, ‘outed’ relations and because of who we are strong economically and technologically,” Igal Unna, head of Israel’s National Cyber Directorate, said at a news conference, Lisa Barrington and Dan Williams at Reuters report. 

More cybersecurity news:

Tyler Technologies says it was hacked with ransomware, election programs safe (Reuters)

Russian pleads not guilty in foiled Tesla ransomware plot (Ken Ritter and Scott Sonner | AP)

Microsoft supports commission calling for re-establishment of U.S. cyber czar

Industry group raises concerns around proposed ban on Chinese-made drones (The Hill)

Chat room

Lots of organizations test their employees' skill at spotting phishing emails by sending test emails that prompt the employees to click suspicious looking links. But Tribune Media sparked immense blowback when one such test email promised hefty bonuses to employees who'd endured a series of furloughs, pay cuts and closures, as Erik Wemple reports. Here's just a smattering of the response. 

Chicago Tribune's Elise De Los Santos:

The Chicago Tribune's union also got involved:

“The company had no intention of offending any of its employees. In retrospect, the topic of the email was misleading and insensitive, and the company apologizes for its use,”executives said in an email to Erik. But several Tribune reporters noted they never received the apology.

Stu Sjouwerman, founder and CEO of KnowBe4, the software that the Tribune used to run the test, says that such tests "should be used with due respect for employees." Tribune based its email off a KnowBe4 template but modified it, he said. 

Other cybersecurity professionals said such tests need to be “culturally and contextually sensitive.” Mike Chapple, who's the senior director for IT service delivery at the University of Notre Dame. 


  • The Senate Armed Services Committee will hold a hearing on supply chain integrity on Thursday at 9:15 a.m.
  • New Americas Open Technology Institute will hold a virtual panel exploring how Internet platforms are addressing the spread of election-related misinformation on Thursday at 1:30 p.m.

Secure log off

Enjoy them while they last!