with Tonya Riley

During four years in which government agencies have been increasingly manipulated to serve President Trump’s aims, the agency tasked with protecting the 2020 election against hacking has managed to steer clear of partisan politics. 

That straight and narrow path has allowed the Cybersecurity and Infrastructure Security Agency to become a trusted hub of election security expertise for red and blue states, which have cooperated with CISA to fundamentally revamp their election cybersecurity protections during the past four years. 

The agency's apolitical track record will also be vital on Election Day and afterwards, when CISA plans to run a virtual war room, delivering trusted information about election threats to thousands of state and local officials, political parties, social media companies and others, orchestrating the response to interference from Russia and elsewhere and tamping down unvetted rumors about interference that threaten to sow panic and distrust in the election results. 

The folks at CISA continue to just play it straight and call it as they see it,” Suzanne Spaulding, who led a precursor of CISA called the National Protection and Programs Directorate during the Obama administration, told me.

CISA’s reputation as a nonpartisan advocate for election security stands in stark contrast to other parts of government. 

Former intelligence officials have accused Director of National Intelligence John Ratcliffe, for example, of selectively declassifying information to damage Democratic presidential nominee Joe Biden and Democrats have charged him with misrepresenting election threats to stay on Trump’s good side.

At the Justice Department, Attorney General William P. Barr has also mischaracterized election threats and echoed some of the president’s unfounded claims that voting by mail during the pandemic will lead to widespread fraud.

Like Trump, numerous White House staff have also cast doubt on the security of mail voting. Trump has held only one Cabinet-level meeting on election security during his presidency and generally views discussion about Russian interference as threatening the legitimacy of his 2016 victory over Hillary Clinton, even though there’s no evidence actual votes were changed.

But CISA’s credibility will be put to the test on Election Day and afterward. 

The agency is preparing to knock back a slew of disinformation on social media and is banking on voters trusting its fact checks and rumor control more than what they see from random online sources. 

One of the agency’s biggest concerns is that adversaries — including Russia and Iran – will claim to have manipulated election results when they really haven’t or will take credit for sabotaging election systems that actually just malfunctioned.

Responding to such claims will be a challenge because government is typically slow to make public comments before it knows all the facts. Back in 2016, for example, it took several months for officials to share some of what they knew about Russia's responsibility for sharing hacked documents from the Democratic National Committee and the Hillary Clinton campaign. It took even longer for them to reveal the Kremlin had probed state voting databases. 

During a media tour of the election war room on Friday, CISA Director Chris Krebs promised a “much faster entrance into the dialogue from a crisis communications perspective" this year.

Already, officials have accused Iran of mounting an effort to intimidate voters by posing as the far-right group the Proud Boys, of stealing nonpublic voter data from one state and probing websites in numerous others. 

Another big challenge will come if Trump launches unfounded attacks on the election process — as he has done repeatedly throughout the campaign — by claiming widespread mail ballot fraud, trying to halt counting of legitimate votes or prematurely declaring victory based on incomplete results. 

CISA’s independence from Trump’s political influence wasn’t always assured. 

There was great concern among staff, for example, that the agency would be pressured to aid an early effort by former Kansas secretary of state Kris Kobach (R) to prove the existence of widespread voter fraud in 2016, former CISA officials told me. That panel later disbanded without finding any significant evidence of such fraud.  

Officials including Krebs have also scrupulously avoided criticizing or even explicitly correcting Trump’s unfounded attacks on the election’s legitimacy — even as their own assessments often directly contradict his statements about the security of mail ballots and other topics. 

“It’s not my job to fact check any candidate, certainly on the presidential ticket,” Krebs said during Friday's media event when pressed on some of Trump’s more controversial comments. 

Yet, CISA is promoting a rumor control Web page that knocks back false claims about election security including claims that the president has made frequently. 

The site warns, for example, that  “safeguards are in place to prevent home-printed or photocopied mail-in ballots from being counted,” contradicting claims by both Trump and Barr that foreign powers could manipulate an election by printing phony ballots. 

The site also warns that “election night results are not official results,” although Trump has frequently insisted the winner should be known on election night.

“It’s certainly well known the president doesn’t want to talk about election security for the most part or Russians interfering in our elections,” Rep. Jim Langevin (D-R.I.), co-founder of the Congressional Cybersecurity Caucus, told me. “I’ve been impressed with what CISA has been able to do and what they’ve accomplished in terms of assuring election security under a very challenging work environment.” 

Observers credit CISA’s political independence to a mix of strong leadership and an ability to largely fly beneath Trump’s radar. 

Langevin praised Krebs as “a straight shooter, with high credibility from industry, state and local officials.” 

Numerous state election officials also cheered the 2018 hiring of CISA Senior Cybersecurity Adviser Matthew Masterson, a former election assistance commissioner appointed by President Barack Obama in 2014, who has a reputation for strong relationships with election officials across the country.

“They care about security, they’ve invested the time, they’re knowledgeable and they’ve built good relationships,” Ari Schwartz, a former senior cybersecurity official in the Obama administration, told me.

CISA, which is nestled inside the Department of Homeland Security, has also benefited from its relatively low position within the federal bureaucracy, where its work is less likely to draw the president’s attention. The agency also isn't responsible for making any intelligence assessments about Russian activity that might draw the president's ire — only for passing those assessments on to states, which generally happens quietly and outside of the president's view. 

“Part of it is flying under the radar, which is unfortunate,” Spaulding said. “You’d like to have a president out there reinforcing the messages CISA’s putting out. But the best they can do is try to get their message out to the key people who need to hear it.” 

The keys

Wikipedia is blocking edits on some pages to prevent spreading election disinformation.

Leaders fear that bad actors could selectively edit the site to spread phony narratives that undermine the election — and those erroneous posts might get pulled automatically into information services such as Alexa and Google, giving bad actors a way to spread disinformation even further. 

If it's wrong on our platform, it could potentially be wrong everywhere, Ryan Merkley, chief of staff at the Wikimedia Foundation, the nonprofit organization behind the online encyclopedia, told Cybersecurity 202 researcher Tonya Riley.

Although Wikipedia doesn't have the chat or posting features that allows content to go viral on social media sites, it is still "very valuable to get incorrect information onto what is one of the most trusted sites on the Web right now, Merkley said. 

The site's largely volunteer-run community has already locked down some pages including its “2020 election” page to prevent edits from new accounts that bad actors may hide behind. All of Wikipedia's edits are public and the platform uses artificial intelligence to flag suspicious edits so editors can move quickly on Election Day. Moderators have used similar tools to help prevent spreading misleading coronavirus information.

Wikimedia doesn't tell editors which pages to lock, but it could step in if there's a case of imminent harm, Merkley said.

Like Twitter, Google and Facebook, Wikipedia will coordinate with U.S. intelligence agencies and other tech companies to share threats on Election Day, he said.

White House coronavirus adviser Scott Atlas apologized for appearing on Russian state media.

Atlas said he was unaware that the news outlet RT is registered as a foreign agent, Josh Dawsey reports

“I regret doing the interview and apologize for allowing myself to be taken advantage of, said Atlas, who has publicly played down the devastation caused by the virus. I especially apologize to the national security community who is working hard to defend us.

The Kremlin-backed media outlet has pushed disinformation about the U.S. election. U.S. officials have also blamed Russia for spreading disinformation around the coronavirus

The White House said that Atlas did not have permission for the interview.

The Commerce Department will defend the Trump administration's ban on TikTok despite court setback.

The ban was set to take effect on Nov. 12, but District Judge Wendy Beetlestone's ruling stops the Commerce Department from banning the app from operating inside the United States. 

The agency says it will comply with the injunction but intends to defend the implementation of the executive order banning the Chinese-owned social media app, David Shepardson at Reuters reports.  

The White House contends that the Chinese government could force TikTok to share U.S. user data with the Chinese government.

Beetlestone noted, however, that the “government’s own descriptions of the national security threat posed by the TikTok app are phrased in the hypothetical.”

A separate suit that resulted in a preliminary injunction on the ban in September will have another hearing on Wednesday.

Securing the ballot

Texas's Supreme Court denied Republicans' request to invalidate 127,000 ballots that have already been cast. 

The Republicans argued that the ballots were illegally cast during an early-voting drive-through program in Harris County, Elise Viebeck reports. It's the second time the court rejected a complaint about the drive-through program. Today, the case will go in front of a federal judge. 

The push comes as Republicans in other swing states shift from attempting to block voting rule changes to challenging individual votes. 

Former Ohio governor and Republican presidential candidate John Kasich called the GOP lawsuit “horrific” and “morally reprehensible” on CNN. 

More election news:

Chat room

Here's a good thread from researcher Kate Starbird on how to steer your friends and family away from election night misinformation:


  • The Cybersecurity Coalition and the Cyber Threat Alliance will host CyberNextDC on Nov. 17-18, starting at 11 a.m.

Secure log off

In memoriam:

Scottish movie legend Sean Connery, who shot to international stardom as the suave British agent James Bond, died at age 90 during the night of Oct. 30-31. (Reuters)