A leading Biden administration cyber official warned on Friday that the barriers to entry for cyberattackers seeking to influence elections have become “really low,” with the midterm elections looming less than two months away.
Geoff Hale, who leads the Cybersecurity and Infrastructure Security Agency’s Election Security Initiative, said undermining confidence in elections is so simple that he predicts many more adversaries will look for an opportunity to get involved.
“The playbook is out there, we’ll see more actors than ever,” Mr. Hale said at the Intelligence and National Security Summit in Maryland. “And we have to help our election officials, our election partners, posture to address this.”
Influencing voters’ opinions and confidence in election outcomes is a primary concern for the government, but former intelligence officials said they are also worried about foreign adversaries’ attempts to interfere in the elections.
Glenn S. Gerstell, who retired from the government in 2020 after serving as the National Security Agency’s general counsel, said the threat of hackers looking to change votes is real but extremely unlikely to occur.
“It’s rather difficult to actually change vote totals, it’s very difficult to get involved in the Associated Press tabulation mechanism, which compiles, rolls-up all the state totals,” Mr. Gerstell said at the summit on Friday. “So that’s pretty technically difficult, not impossible but pretty technically difficult, but not necessarily an easy target.”
For the upcoming midterm elections, the NSA and Cyber Command have activated their Election Security Group which has responsibility for disrupting foreign cyberattackers aiming to hack or interfere with elections. The group identifies attackers and then fights back by exposing them publicly, making their financial costs soar, and through other techniques.
Debora Plunkett, who left the NSA in 2016 after decades of federal service, cautioned that Americans must not forget about “domestic fringe actors” either. Ms. Plunkett formerly oversaw the NSA’s cyber defense, cryptography and information systems security missions and now advises electoral campaigns about cybersecurity threats.
“The American public is accustomed to us being concerned about Russia and China, we’ve been concerned about Russia and China and Iran forever,” Ms. Plunkett said at the summit. “The American public is not so accustomed to us being concerned about a next-door neighbor or a friend around the corner, or a colleague. And, to me, those are areas that we have got to be paying some attention to.”
Ms. Plunkett said Americans need to take responsibility for verifying information they consume if they intend to take action on it. She stressed the need for individuals to think critically and encouraged Americans to vote.