EXPLAINER: Threats to US election security grow more complex

FILE - Jen Easterly, Director of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, speaks during the summer meeting of the ´ºÉ«Ö±²¥ Association of Secretaries of State on Aug. 14, 2021, in Des Moines, Iowa. With the midterm elections just days away, Easterly and other officials say they have no evidence that election infrastructure has been altered by hostile actors to prevent voting or vote counting, compromise ballots or affect voter registration accuracy. (AP Photo/Christina Almeida Cassidy, File)

BOSTON (AP) — Top U.S. election security officials say protecting the nation’s voting systems has become increasingly challenging.

That’s due mostly to the embrace by millions of Americans of unfounded and about in the 2020 presidential race.

With the midterm elections just days away the director of the U.S. Cybersecurity and Infrastructure Security Agency, Jen Easterly, and other officials say they have no evidence that election infrastructure has been altered by hostile actors to prevent voting or vote counting, compromise ballots or affect voter registration accuracy.

But they're not lowering their guard. Disinformation is rampant. Foreign rivals are capable of potent cyber mischief. And the insider threat is considered greater than ever. On top of the of elections officials — which is authorities’ overriding concern — security experts are particularly worried about tampering by those who work in local election offices or at polling stations.

“The current election threat environment is more complex than it has ever been,†Easterly told reporters in mid-October.

Global rivals also are expected to deepen longstanding disinformation efforts. The tense geopolitical moment means may have fewer qualms about trying to disrupt the conduct of elections in key battlegrounds with cyber operations.

The spectrum of potential threats is wide: foreign ransomware gangs friendly with the Kremlin, conspiracy-obsessed local election officials, hostile voters bent on sabotage or with dirty tricks or misinformation.

Here are some of the potential threats agencies are assessing through Election Day:

THREATS FROM WITHIN

are a growing concern and could undermine serious strides made to secure voting systems — including migrating to hand-marked paper ballots and introducing reliable audits — since they were declared critical national infrastructure in January 2017.

Rogue election officials could to unauthorized individuals, as happened in and . or could try to access voter registration databases or equipment, or plant malware to taint election management systems.

Eddie Perez, a voting technology expert with the nonprofit OSET Institute, calls the repeated efforts to cast doubt on the integrity of voting equipment an element of a more broad “manufactured chaos†— intentional subversion of the nation's elections to sow doubt.

Perez is among specialists who think attempts to discredit voting technology are one manifestation of efforts by former President Donald Trump and his allies to undermine trust in election results so Republican-controlled state legislatures — rather than voters — can decide the outcome of future races.

To counter the threats from insiders, federal authorities have conducted trainings and encouraged election officials to focus on limiting access to critical equipment, adding video surveillance and key cards on doors. They also encourage strict chain-of-custody rules for everything from ballots to voting scanners and tabulators.

Threats to and attempts haver occurred with and intensity, federal and local law enforcement officials say. They are especially concerned about physical violence by protesters in highly contested districts during the post-election vote-counting process.

THREATS FROM ABROAD

U.S. officials have issued two main election-security advisories in the run-up to the Nov . 8 elections. They say and that

Foreign meddlers could launch cyberattacks or exaggerate the effects of relatively ineffectual attacks. They could about voting or , try to incite violence or, if violence is already happening, fan the flames.

have risen since the in the 2016 presidential race. None have had anywhere near the impact, though.

Rivals constantly probe U.S. networks for vulnerabilities. Moscow may seek payback for Washington’s arming of Ukraine against its invasion. Iran resents U.S. support for anti-regime demonstrations triggered by the death in police custody of a young woman who defied head-scarf orthodoxy. As for China, relations are tense as Washington tries to throttle high-tech supplies to Beijing over its and .

There's also the possibility that foreign actors might have breached election systems long ago and are waiting to pounce.

ATTACKS FROM FOREIGN ADVERSARIES

On Election Day, hostile foreign powers or sympathetic hackers could mount what are known as denial-of-service (DDoS) attacks, which render websites unreachable by flooding them with junk data. such attacks could prevent voters from looking up registration information or polling locations, or knock offline sites that report election results after voting ends.

One group on the radar of the U.S. cybersecurity agency is Killnet, pro-Russia hackers who made a ruckus in October by organizing DDoS attacks on U.S. airport and state government websites.

and don’t destroy data or even breach sites. But they can frustrate voters and election poll workers, and become powerful grist for disinformation offensives. For example, Russian state media and could amplify exaggerated claims of disruption, as occurred with the Killnet effort against the airport and government sites.

Another potential threat are Russian-speaking that operate with little Kremlin interference. They have largely spared U.S. election infrastructure, which by now tends to be a lot better protected than many of the hospitals, schools and businesses they routinely plague.

Hack-and-leak operations also are possible. Sensitive data could be stolen from election or campaign websites, partially falsified and released online.

Cybersecurity firm Trellix reported in Pennsylvania and Arizona, both battleground states, over the summer seeking to harvest passwords and potentially interfere with the administration of absentee ballots.

“In many cases, the threat actors attempting to breach our election systems are the same ones who are conducting influence operations that seek to sow discord,†Easterly, the CISA director, said in mid-October.

That could include the Russian troll farm known as the Internet Research Agency, a key player in the 2016 Russia destabilization campaign that favored Trump and sought to in the U.S. The group sought to including by purchasing online ads.

said it was “almost certain†that networks associated with the group “are engaging in covert malign influence on a subset of the U.S. population.â€

On Thursday, that suspected Russian operatives have been disseminating on far-right media platforms beginning Oct. 29 political cartoons disparaging Democratic candidates in tight statewide races in Georgia, Ohio, New York and Pennsylvania.

___

Associated Press writer Christina A. Cassidy in Atlanta contributed to this report.

___

Follow AP’s coverage of the elections at: . And check out to learn more about the issues and factors at play in the 2022 midterm elections.

The ´ºÉ«Ö±²¥ Press. All rights reserved.

More Science Stories

Sign Up to Newsletters

Get the latest from ´ºÉ«Ö±²¥News in your inbox. Select the emails you're interested in below.