Little evidence of Russian election hacking so far, U.S. says

With fewer than four months before the 2020 election, the United States isn’t seeing the same scale of cyberthreats as it did in the last presidential election, a senior Homeland Security official said Friday.

“Compared to where things were in 2016, we’re not seeing that level of coordinated, determined cyberactivity from adversaries,” Chris Krebs, the director of Homeland Security’s cybersecurity arm, said in a livestreamed panel discussion.

Russia’s 2016 election interference campaign was multifaceted and took months to pull off. By April of that year, its military intelligence had hacked Hillary Clinton’s campaign, the Democratic National Committee and the Democratic Congressional Campaign Committee. By June, they had created the “Guccifer 2.0” persona to launder those stolen files. In July, they hacked into Illinois’ state voter registration database.

U.S. election cybersecurity has improved considerably since early 2017, when Homeland Security first reclassified elections as critical infrastructure. Krebs touted his agency’s work with state and local election officials, such as convincing many to install sensors that monitor for potentially malicious cyberactivity.

“We absolutely have better visibility across the networks, and we’re just not seeing the level of activity that we saw in 2016,” said Krebs, director of Homeland’s Cybersecurity and Infrastructure Security Agency.

Krebs warned, however, that this didn’t preclude Russia or another other actor, like criminal ransomware operators, from trying to interfere in the meantime.

“I’m not just talking about up to Nov. 3 but in that period after the election,” he said, adding that the system is “absolutely ripe for destructive or disruptive attack by a capable adversary, so we have to be ready.”

“That’s why we put so much emphasis on paper backups and audibility of the system,” Krebs said.