Search AFCEA Site

Enable breadcrumbs token at /includes/pageheader.html.twig

Dealing With Perception vs. Reality in Election Security  

Countering misinformation, disinformation and malinformation is a team effort.
By Jim Richberg
Although election security has never been easy, misinformation, disinformation and malinformation has complicated the role of election officials. Credit: J.J. Gouin/Shutterstock
Although election security has never been easy, misinformation, disinformation and malinformation has complicated the role of election officials. Credit: J.J. Gouin/Shutterstock

 

 

With election day looming, cyber officials across all levels of government face challenges that are significantly different than the last time presidential ballots were cast. Heightened domestic polarization has made physical threats to the safety of election officials and poll workers a greater concern. Fueling this polarization are foreign attempts to shape U.S. public opinion, including perceptions about the fairness of the voting process and the accuracy of election results. Countering this is challenging because election security is as much about the public’s perception of integrity and fairness as it is about demonstrable and measurable security measures. To put it bluntly, if a significant portion of the electorate believes the voting process or the outcome was not fair, then election officials have a problem even if the election was technically secure. 

MDM and Foreign Influence Operations 

We often think of election tampering as someone hacking into voting machines or databases, but a greater digital threat comes in the form of misinformation, disinformation and malinformation (MDM) activity. While the term “MDM” has only recently come into vogue, techniques for covertly shaping another nation’s public perceptions and influencing voting behavior have been around for over a century. The classic technique was for a nation to covertly funnel resources to groups or individuals in the target country who espouse views or positions it favors. Funding is typically filtered through a series of "cutouts" so that the ultimate recipient is unaware of the foreign support.  

With the rise of the internet and social media, nations such as Russia switched to more direct action, creating online accounts and "trolls" to run them, attempting to exert influence in the United States, as illustrated by the Russian Internet Agency (RIA) active in the 2016 U.S. election cycle. The RIA employed around 500 people, many of whom embodied a mix of skills that were relatively scarce in Russia—the ability to write colloquial American English coupled with a strong enough understanding of U.S. culture and politics to be able to masquerade as Americans online. The RIA’s content creators generated about 80,000 social media posts designed to heighten U.S. domestic polarization—and their impact was felt beyond cyberspace, fueling the creation of both physical demonstrations and counterdemonstrations in U.S. cities. 

Generative AI comes to MDM 

While generative AI hasn’t become the cyber "death ray" for malicious actors that some predicted, it has lowered the barrier to entry and raised the capabilities of MDM actors, making it accessible to a wider range of malicious cyber actors or enabling existing ones to employ MDM microtargeted at specific groups of constituents. China and Iran have followed Russia in conducting MDM, targeting U.S. elections in 2020 and 2022, according to the U.S. government.  

Two or three people using GenAI to generate content could match the RIA’s 2016 level of MDM social media production, and they wouldn’t have to be fluent in English or U.S. culture; they would merely need to understand it well enough to spot any "AI hallucinations" in the GenAI output. This makes MDM accessible to a wide range of nation-state and nongovernment actors. And the 500-person level of effort that Russia deployed in the 2016 election cycle would provide adequate staff to target every genuinely competitive congressional and gubernatorial race—with enough left over to focus on some local government contests as well.

 

 

 

 

 

 

 

 

 

Countering MDM 

Election officials can use proven approaches such as the Cybersecurity and Infrastructure Security Agency’s TRUST model to prepare for and counter MDM. The steps of the TRUST approach are: 

  • Tell your story. In other words, be proactive with local media, key stakeholders, such as political parties and candidates, and with your constituents. 
  • Ready your team. Recognize that MDM is not something that can’t happen in your jurisdiction—and in fact, that it is likely or even inevitable. 
  • Understand and assess MDM as it occurs. Following what is happening in social media and online allows you to decide when to swing into high gear in outreach and communication. 
  • Strategize on response. Be selective! If your jurisdiction faces an outbreak of MDM, you likely can’t respond to every instance—you’ll need to have a way of prioritizing. 
  • Track outcomes. Learn from your experiences as you deal with MDM and make adjustments to your approach. 

A key element in refuting MDM is having effective cybersecurity measures you can point to pre-emptively that generate information you can use to help counter MDM claims. For example, having firewalls that capture all network traffic and generate activity logs that cannot be edited provides a solid evidentiary basis for addressing claims that an intrusion occurred and for explaining why an attacker could not cover their tracks by changing the contents of log files.  

Look to leverage commercial solutions, since there are never enough cybersecurity experts to go around, especially in the specialized area of election security. Fortunately, the bulk of the equipment used to conduct elections is commercial off-the-shelf information technology, so focus on commercial security solutions that are automated, that interconnect with the rest of your electoral infrastructure and that can ingest multiple sources of cyber threat intelligence. 

Setting priorities 

While election officials are responsible for ensuring the integrity of the entire electoral process, it can be daunting to figure out how to set priorities, especially when it comes to the perceptual problems that fuel MDM. Focus first on preventing nonrecoverable errors, which are largely those things that directly affect voter participation. While you can perform recounts or delay reporting, there are no "do-overs" in the voting process. 

Focus on assuring the availability and integrity of the voting rights database (VRD) needed for ballot creation in the run-up to the election when local government prepares the ballots tailored to the races in each precinct. And if yours is one of the states that offers same-day voter registration, take measures to ensure that the VRD can be reached securely and reliably from every polling station on election day so that you can register these "walk-up" voters and ensure that they have not already registered and voted elsewhere. 

 

Jim Richberg’s role as Fortinet’s head of cyber policy and global field chief information security officer leverages his nearly 40 years of experience driving innovation in cybersecurity and threat intelligence. Prior to joining Fortinet, Jim served as the U.S. national intelligence manager for cyber. He led the creation and implementation of cyber strategy for the 17 departments and agencies of the intelligence community, set integrated priorities on cyber threat and served as the senior advisor to the Director of National Intelligence on cyber issues. Jim received his undergraduate degree at the Honors Tutorial College of Ohio University and attended graduate school at the Massachusetts Institute of Technology and Stanford.

 

Any opinions offered by authors, guest authors or commenters are their own and do not necessarily reflect the positions or policies of SIGNAL Magazine or AFCEA International.

 

Enjoying SIGNAL?
SIGNAL Magazine is available through subscription or as part of your membership in AFCEA.
SUBSCRIBE NOW
LEARN MORE
JOIN AFCEA