Opinion: Christopher Krebs: We prepared for more Russian interference. But this year the assault on democracy was from within the US #Breaking112
Our democratic institutions are facing targeted, calculated threats from without, and from within. This is why we prioritized election security as the primary focus of CISA. I made that mission clear at my confirmation hearing when I took an oath to defend the Constitution from enemies foreign and domestic. Our task was to work with state and local election officials to secure from hacking their election infrastructure, including the machines, equipment and information systems.
Our initial strategy to secure the 2020 election centered on defensive measures against the kind of three-pronged Russian attack that was activated in 2016, targeting systems supporting elections, political candidates and public perception. Across the nation’s security agencies, there was unanimous agreement that we could not let it happen again.
Our planning was not just focused on preventing a repeat of the Russian 2016 efforts. We worked with partners in the intelligence community to anticipate diverse tactics that Russia, Iran, China and non-state cyber criminals could attempt to disrupt the election. We prepared for efforts that included a disinformation component, or what is known as a “perception hack,” in which the malicious actor either falsely claims a cyberattack that never happened or claims that an insignificant incident wreaked much more damage than it actually did. In these scenarios, which include the current false claims of voter fraud, those on defense are caught playing catch-up, trying to disprove a negative.
Disinformation targeting elections is one of the hardest problems that remains before the US government. While there are multiple ways to tackle disinformation, we viewed it as a “supply and demand” problem. Some government agencies sought to disrupt the supply of disinformation, but we worked to minimize demand by making the American people more critical of information they encountered in social and news media, and therefore more resilient to it. Ours was an effort to inoculate people from false information.
As Election Day came and went, we continued to monitor networks across the country and work with our partners, with them reporting any suspicious activity to us. As I said in a news briefing, Election Day was “just another Tuesday on the internet.” Normal sorts of scanning and probing were happening, but we did not see any successful attacks or damaging disruptions.
To address this scenario, we once again took to Rumor Control, to correct public perception by highlighting facts about security controls and checks in place that would prevent such attacks. Before, during and after the election, our team held regular briefings with congressional staff, political campaigns, and state and local election officials. I personally led member-level, unclassified phone briefings for both chambers of Congress. This was a continuation of our commitment to transparent, non-partisan work.
To understand CISA’s relationship to the issue of fraud, it is important to define a key distinction between two issues that are often conflated, sometimes intentionally: the security of elections and election-related fraud. My team at CISA had lead responsibility for working with state and local election officials to secure from hacking the election infrastructure, including the machines, equipment and systems supporting elections. We also led a centralized, interagency effort among the National Security Agency, Office of the Director of National Intelligence, FBI and others at the federal level to combat the pernicious effects of disinformation campaigns on our elections. The FBI, state and local law enforcement are responsible for investigating voter fraud and other criminal election activity.
In order to maintain American resiliency, Congress and the incoming administration must continue to reinvent, fortify and fund the American defense on the battlefield of disinformation through both centralized and regionalized interagency cooperation.
Rumor Control was part of CISA’s collaboration with the FBI, and I urge the transition team and the FBI leadership to expand this program in order to remain resilient against increasingly aggressive threats from foreign state actors and private domestic interests. It is also critical going forward for CISA to designate and embed field personnel in each FBI field office. CISA is currently piloting that concept in a Southeastern US field office. I urge Congress to support and fund expansion of these critical FBI-CISA programs.
Moving forward, CISA should also augment its partnerships with the NSA Cybersecurity Directorate leadership by assigning a senior representative to Fort Meade to advise and consult.
Elections in this country are, and should continue to be, run by state and local officials as prescribed by state legislatures in accordance with congressional oversight. But they cannot do their jobs if they do not have adequate support, including a stable stream of funding from Congress so that election officials can work with state legislatures to craft budgets they can depend on to complete the critical transition to paper ballot systems, institute post-election audits, and to implement other appropriate infrastructure and personnel investments.
As foreign and domestic interests attack our democracy for political and financial gain, attempting to infiltrate American public opinion and confidence in our most sacred institutions, our elected representatives must now show true leadership in defending the people by defending the truth.