What to do to guard against Election Day cyberattacks


Top election-security experts are urging election officials to put contingency plans into place at polling stations in case critical systems are disrupted during voting on Nov. 8. Their warnings come one week before Election Day, at the end of a presidential race that has seen charges of politically motivated email hacking by Russia as well as a widespread internet outage of unknown origin.

In a teleconference panel Tuesday, Professors Candice Hoke and Douglas W. Jones, authorities in election technology, emphasized that voter-registration databases are most vulnerable to a possible cyberattack, and they encouraged election officials – and even voters – to take precautions.

Their deepest concern was echoed by the third member of the panel – human-rights activist, author and former chess champion Garry Kasparov: Even a small disruption to systems on Election Day could sow doubt in the election results and undermine the authority of a newly elected president. “It does not require massive disruption to create that cloud of uncertainty,” Hoke said. “A few technical events can add to doubt.”

With Russia clearly demonstrating an intent to interfere in U.S. politics in the hack of Democratic National Committee emails, all three panelists worry that whoever wins this presidential election, the real loss will come in Americans’ faith in their democratic systems. “Imagine people who will not be able to have their votes because the voter registration database was hacked,” Kasparov said. “That will create enough doubt about the U.S. elections and democracy as an institution.”

Tuesday’s panel was moderated by Bill Buzenberg, Editorial Director of

Long-term, Hoke and Jones stressed that nationwide election infrastructure should be shored up as part of identifying elections as a key part of U.S. national security. But with one week to go until the election, these are their recommendations for what can be done right now.

What state and local elections officials can do:

  • Have paper records as back-ups for electronic voter-registration databases (so-called e-poll-books). Hoke notes that these databases are vulnerable because the software is easily manipulated. And she points out that a number of precincts, especially in major urban areas, now use electronic poll-books to access their registration databases, and those poll-books require constant access to the internet and so would be inaccessible in the event of a direct denial of service attack, as occurred Oct. 21.  “Those locations that are using e-poll-books: They need to have a paper backup of every database in every location in case their e-poll-books happen to be down for whatever reason.”
  • Have a contingency plan for what to do if systems go down at a polling station. “The DDOS attack [Oct. 21] may not have been related to the election, but if I were Russia and I wanted to test my weapon in the election, that’s what my weapons test would look like,” Jones said. “Local elections officials need well-defined fallback plans for pollbook failures,” Jones said, and he noted that this could be as low-tech as having a blank sheet of paper where every voter can sign in and write down their addresses. He acknowledges that’s a tremendous amount of work for both poll-workers and voters, creating long lines and slow voting. “But turning away a voter from a polling place simply because the hardware is messed up – that’s just a violation of a fundamental principle of democracy that says you don’t turn away voters.”
  • States should have security experts assess their system’s vulnerabilities before Election Day, and consider hiring electronic security experts to be on hand for quick action if a disruption is reported. “Retain forensic security teams around the state ready to go into action if there are questions or incidents so they can be investigated immediately and proof can be obtained,” Hoke said. “We should have forensics teams ready to go on Election Day.”

What voters can do:

  • Voters should double-check their voter registration online before Election Day to be sure the precinct’s recorded information is correct. “Every state has an online voter-registration checking portal and there are some national portals available through the League of Women Voters and the Verified Voting Foundation,” Jones said.
  • Voters should take official identification to their polling places, even if it’s not required by law. If the electronic records indicate that a voter’s precinct is different or the registration is missing, an ID would be required to cast a provisional ballot or for same-day registration. “Having it there in case there’s a mess-up is important,” Jones said.
  • If at all possible, voters should take advantage of early voting opportunities. “Encourage as many voters as possible to use early voting opportunities,” Hoke said. “If systems should go down … on Election Day, there are no alternatives. That’s the best contingency.”

The panelists urged states and voters to take these last-minute precautions seriously because they believe that the integrity of the vote and American democracy is at stake in this election.

Kasparov: “My greatest fear is that the election would not be considered valid by tens of millions of Americans because there would be so much doubt and uncertainty, and whoever wins will not be a legitimate president in the eyes of half of the country.”

Jones’ greatest fear:  “There will be a cloud of uncertainty caused by a mix of conspiracy theories from left and right and allegations of Russian involvement, and that mixture will create really entrenched distrust and entrenched unwillingness to accept the outcome, whatever the outcome is.”

Hoke: Since I’m located in Ohio … Close election totals are bad enough. Then, just a few incidents or technical events can further add to questions and doubt.”

Listen to the audio of the full teleconference

Related analysis on Voter registries at risk of cyberattacks, experts say

(Photo via Creative Commons)

Donald Trump’s ‘firehose of falsehoods’


“I like to deny things.”

Republican Donald Trump admitted this at a campaign rally last Friday, flaunting his well-documented strategy of saying something one day and denying he ever said it the next – and leaving news media fact-checkers scrambling in a never-ending game of catch-up to set the record straight.

In these last weeks before Election Day, Trump has received the most headlines for denying that he ever sexually assaulted women despite bragging about exactly that on an Access Hollywood video. But in the same time period, he also denied that he ever called climate change a “hoax,” even though he did so in many direct tweets over several years. He’s repeatedly denied he ever backed the Iraq War, even though he’s recorded on a Howard Stern show supporting it. And in all three presidential debates, when asked about his relationship with Russian President Vladimir Putin, he said “I don’t know Putin” – even though in 2013 he told MSNBC: “I do have a relationship [with Putin], and I can tell you that he’s very interested in what we’re doing here today. He’s probably very interested in what you and I am saying today.”

But Trump doesn’t just deny his own words; he also routinely denies statements made by U.S. officials. For example, national intelligence leaders have said that Russia hacked into the Democratic National Committee emails in an effort to interfere in the election, but Trump has refused to acknowledge this. In the second debate, he said, “Maybe there is no hacking.” And in the final debate, he said: “[Hillary Clinton] has no idea whether it’s Russia, China, or anybody else. … And our country has no idea.” The Director of National Intelligence the next day repeated his agencies’ previous statements, forced into the position of denying Trump’s denial.

Trump even goes so far as to deny simple facts. In July on ABC’s “This Week,” when George Stephanopoulos asked Trump about Russia’s invasion of Ukraine and annexation of Crimea – an act Putin has called justified because the “territory itself is strategically important” – Trump said: “He’s not going into Ukraine, OK? Just so you understand. He’s not going to go into Ukraine, all right? You can mark it down and you can put it down, you can take it anywhere you want.”

Trump’s campaign strategy is strikingly similar to Putin’s own propaganda model, which a June RAND report dubbed a “firehose of falsehood.” From the RAND report:

“We characterize the contemporary Russian model for propaganda as “the firehose of falsehood” because of two of its distinctive features: high numbers of channels and messages and a shameless willingness to disseminate partial truths or outright fictions. In the words of one observer, “[N]ew Russian propaganda entertains, confuses and overwhelms the audience.”

Contemporary Russian propaganda has at least two other distinctive features. It is also rapid, continuous, and repetitive, and it lacks commitment to consistency.”

The “firehood of falsehood” technique that the Rand study attributes to Russia is precisely the method adopted by Trump. Once a falsehood is stated by Trump, whether on Twitter or at a rally, Media Matters notes that it quickly spreads through media outlets worried about getting beat on a story:

“Credible mainstream American outlets and journalists, perhaps concerned “they will be labeled ‘biased,’” as claims John A. Tures, adopt stories that often are cultivated in the right-wing echo chamber and given life by Trump. After Clinton’s September pneumonia diagnoses, several mainstream outlets went all-in on hyping how “talk of Clinton’s health [is] no longer just the stuff of conspiracy theorists.” Media outlets have time and time and time again parroted right-wing pseudo-scandals about Clinton’s use of a private email server and about the Clinton Foundation (stories that were also hyped by right-wing outlets like Drudge and Fox News).”

When disinformation is repeated, even when it’s later shown to be false, the result is a cynical American public that doesn’t know what to believe. Media Matters adds:

“Trump and right-wing media have ushered in an era of post-truth politics where voters have ‘been successfully persuaded that everything is a lie, so the only political choice you have is to select the fiction that most fits your self-conception,’ as explained by journalist Ned Resnikoff.”

The most disturbing place where these “post-truth politics” are playing out now is in Trump’s denial in the integrity of the U.S. election process, which he repeatedly calls “rigged.” His claims that dead people and non-citizens are used to commit voter fraud have been repeatedly debunked, but that doesn’t stop him from saying them again and again. And these statements are duly reported by the media again and again.

Trump’s denigration of the election process could have the effects of raising tensions at polling places, preventing a peaceful transition of power to the next president or weakening the next president’s authority to work with other leaders at home and around the world – all threats to the core values of the American democratic system.

And that may be exactly what Trump and his political idol Putin are hoping for. As The Federalist’s John Daniel Davidson wrote:

“After all, if Putin can convince Americans that liberal democracy is nothing but a sham, he will accomplish what no leader of the Soviet Union ever could. Decades after we thought it was over, Russia will have finally won the Cold War.”

Sources noted inline and include: Politico, Politifact, The Washington Post, CNN, UCSB The American Presidency Project, MSNBC, The New York Times, NBC News, ABC News, World Affairs Journal, RAND Corporation, Media Matters for America,, The Federalist

(Photo of Donald Trump at June 18 rally in Arizona by Gage Skidmore)