Happy Anniversary to America’s Most Corrupted Election – Foreign Policy

Happy Anniversary to America’s Most Corrupted Election –Lawfare / Foreign Policy
by Susan Hennessy and Benjamin Wittes //Lawfare//Brookings

It’s the one-year anniversary of the day the American public elected Donald Trump president of the United States of America. It’s also the anniversary of the culmination of an unprecedented foreign adversary operation to interfere with and delegitimize the U.S. elections. The public has spent much of the last year debating whether such an operation really occurred, the extent of possible involvement of people in the United States, and what impact it might have had on the outcome.Far less attention has focused on how we’re going to stop it from happening again.

We previously noted the startling lack of concern demonstrated by the nation’s chief law enforcement officer, Attorney General Jeff Sessions, on the matter. Sessions testified before the Senate recently that notwithstanding the threat of future foreign interference, he’s not sure what the Justice Department is doing about it. It seems he hasn’t bothered to ask.

Unfortunately, Sessions isn’t alone. Despite enduring interest in the issue of election security among the public and on Capitol Hill, the Trump administration has taken remarkably few concrete steps to counter the threat of foreign interference in 2018, 2020, and beyond.

Below are some ideas on where the executive branch — with help from Congress — should start.

First, it needs to disentangle pure election security issues from broader information operations or covert influence campaigns. Information operations certainly impact the broader context in which elections occur and can interact with election security issues to further undermine confidence. But they should be understood as a separate issue, with a distinct set of available solutions.

Election security involves the more specific threat to election infrastructure and voting systems used in the management and administration of elections. Voting systems include things like voting kiosks, voter registration systems, election night reporting, and poll books (where voters check in). Depending on how broadly one construes election security, it also may involve protecting systems used by campaigns, parties, and candidates.

The information security community has busied itself over the past year proving the alarming vulnerabilities in these systems. At the annual DefCon cybersecurity conference, it took hackers about 90 minutes to thoroughly compromise U.S. voting machines in ways that would allow them to remotely change vote tallies.

To be clear, even if actually changing vote tallies isn’t a technical impossibility, it’s still extremely difficult to do so on the scale necessary to predictably change the outcome of a statewide or national election. The most probable actors with both the incentives and technical capacity to carry out sophisticated attacks are foreign governments. In order to successfully fix an election, they wouldn’t only have to beat forensic detection but also evade the U.S. and allied intelligence communities. The aftermath of the 2016 election demonstrated that is no easy task.

Unfortunately...