12 Cyber Threats That Could Wreak Havoc on the Election

Wednesday night, at a brief, hastily arranged press conference at FBI headquarters, four top US national security officials announced solemnly that they had evidence that two foreign adversaries, Iran and Russia, had obtained US voter data and appeared to be trying to spread disinformation about the election.

It was the latest—and most troubling—episode in a week that has seen near-daily events set off potential alarms about how the US will hold up on and approaching Election Day. In the final hours last Tuesday before the voter registration deadline in Virginia, an accidentally cut fiber-optic cable knocked out access to the state registration portal. The next morning, the New York Post published an odd, inconsistent, and poorly sourced story about Hunter Biden and the Ukrainian energy company Burisma that reeked of a ham-handed information operation. A day later came an extended outage of Twitter. Neither the Virginia cable cutting nor the Twitter outage was nefarious, though US officials continue to argue over the origins of the Burisma leaks.

This week, voters in states like Alaska and Florida began reporting threatening emails, purportedly from the white supremacist group Proud Boys, saying that the targeted Democratic voters should support Donald Trump—or else. National security officials soon confirmed that the emails appeared to originate with Iran—a revelation that led to Wednesday’s press conference.

FBI director Christopher Wray used the event to highlight how united and focused the nation’s security leadership is on protecting the election. “We are not going to let our guard down,” Wray said. Yet the emails and other episodes suggest that the presidential election is sure to be filled with more unexpected surprises and tense moments—and served as reminders of the myriad ways that the election could go wrong in the remaining weeks, days, and hours of the campaign.

Interviews and conversations with numerous election, law enforcement, and intelligence personnel over the last year have highlighted a dozen specific scenarios that particularly worry them as Election Day nears. The concerns roughly break down into two categories: technical attacks on data or access and online information operations.

Such attacks would aim to accomplish one of three goals, which election security officials sometimes describe as subversion, disruption, and defamation. Those respectively cover attempts to outright change the outcome of vote totals, to limit or impede citizens’ ability to vote in the first place, and to undermine voters’ confidence in the election’s legitimacy.

While many such attacks remain theoretical, some of the scenarios have already played out in other circumstances in recent months or in other elections overseas. In addition to the apparent Iranian email campaign, US officials have feared that the Trickbot botnet could be used to deploy a wave of ransomware against election targets in the weeks ahead. US Cyber Command—which as WIRED outlined in its November issue has been unleashed by the Trump administration to defend the country aggressively online—and a consortium of private sector partners, including Microsoft, launched apparently separate attacks against the Trickbot botnet earlier this month, with mixed success.

The first US presidential election since Russia’s unprecedented—and wildly successful—2016 attack was always going to be fraught, in part because other countries might follow Russia’s lead. Warnings—some dire—have come steadily from US officials that foreign actors, criminals, or even domestic groups might try to launch attacks on the integrity or legitimacy of the election.

If trouble does come, it’s unlikely to look exactly like the 2016 attack. Social media companies have gotten better at spotting bad actors on their platforms; Facebook took down a disinformation network tied to Russian intelligence late last month, and Twitter has dismantled Iranian efforts as well. But not only have attackers’ tactics evolved, other foreign adversaries have clearly learned from Russia’s playbook. As Senator Mark Warner has repeatedly stated, such interventions might make smart financial sense; Russia spent only a few million dollars on its 2016 attack—a small fraction of the cost of even a single F-35 fighter—an incredible return on investment for its national strategic interests.