The Secret Election of 2016 | Time Magazine | July 31, 2017

Since May, U.S. spy hunters had seen evidence that Russia’s military intelligence might try to damage the expected winner, Hillary Clinton. The intel was incomplete but pointed in the same direction: an initial report of a bragging Russian Military Intelligence (GRU) official that month was followed by other intelligence reports indicating a widespread willingness to interfere. In the wake of the Illinois intrusion and on the basis of the intelligence it had received, the White House team by mid-August believed there were three main ways Russian President Vladimir Putin could undermine the integrity of the vote.

First, the Illinois intrusion

Illinois discovered the intrusion on July 12, when the hackers triggered an alarm by trying to download the whole file of 15 million voters. Illinois officials took the system offline and found that about 90,000 files had been stolen, more than 75,000 of which included personal data like driver’s-license numbers and the last four digits of the voters’ Social Security numbers. When Illinois reported the news to the FBI in late July, the bureau dispatched a tactical Cyber Action Team to the state capital, Springfield, where the computers are kept.

Fortunately for the feds, Illinois officials had kept a full backup of all the data on the system from before the SQL attack, so the FBI was able to track what the hackers had done. Bureau agents found that while they were inside, the hackers had attempted to alter and delete information in the voter rolls. In particular, they had tried to change voters’ names and addresses. As far as they could tell, none of the efforts had been successful. Most important, Illinois had recorded the IP addresses of the attackers. Those digital fingerprints and the techniques the hackers had used, combined with the intelligence reporting on Russian plans, convinced the feds that the attackers were a group, known as Fancy Bear, that operates as an arm of GRU.

Now, the national election

At first, says a former senior White House official, that revelation “was terrifying.” For a week or so starting in late July, the feds faced the prospect that Russia might be planning to physically hack into the voting machines and fiddle with the vote count. The urgent need: to figure out if Moscow could actually swing the election. As it turned out, the White House had on staff one of the country’s leading experts in voting-machine manipulation, professor Ed Felten of Princeton, who was serving as deputy to the U.S. chief technology officer. Felten had famously been the first academic to obtain a Diebold voting machine and publish a public study showing it could be compromised.

Heavier forces waited in the wings. The White House plan included the possibility of deploying active and reserve components of the military. “The Department of Defense may support civil authorities in response to cyberincidents based upon a request from a federal agency, and the direction of the Secretary of Defense or the President,” the plan said. Two people familiar with it say the idea was to make the Pentagon’s cyberexperts available to mitigate and investigate an attack.

(1) The first and most disruptive thing Russia might do: subtly alter the voter rolls. Deleting records would draw too much attention, but running a program against registration files that would, for instance, flip the second letter in every voter’s address could go unnoticed. Then, on Election Day, every voter in a swing county would have to vote by provisional ballot, giving the impression of chaos and allowing a propagandist who wanted to call into question the vote to do so after the fact.

(2) Another possibility involved the propaganda value of fiddling with a voting machine. Michael Daniel, former White House cybersecurity coordinator said: “We worried, Could [a hacker] document an intrusion into a [single] voting machine and then say, ‘Here’s the YouTube video. We did this a hundred thousand times across the United States,’ even though they had never done anything like that?” That would sow doubt about every machine in the country and would also undermine the final vote’s credibility.

(3) Lastly, the Russians could interfere with the election reporting system. The actual vote tally is decentralized and extremely slow: local officials count and validate their results, and state secretaries, election boards or other state officials sign off on the total tabulations, and only then is the official vote certified. That decentralization is the system’s strength. But on election night, nearly all reporting across television, the Internet and news wires relied on the Associated Press. Altering the data reported by the AP, or just taking down the AP system with a sustained attack, could cause chaos.

A senior intelligence official tells TIME that while the cybersecurity officials at the FBI, DHS and the White House may have been scrambling to secure the vote throughout the fall, the counterintelligence operation at the bureau aimed at uncovering whether the Russian operation was trying to aid Trump only really began in earnest once the election was over. Given the focus of FBI cyber and counterintelligence officials on Hillary Clinton’s emails, this looks like a spectacular blunder in retrospect.

The Russia counterintelligence probe “never got any intelligence legs until after the election,” the senior official says, “because I don’t think anybody believed Trump would win, so nobody really put a lot of stock into the Russian attempts [to help him].”

Source url: http://time.com/4865982/secret-plan-stop-vladimir-putin-election-plot/