Election security officials brace for possible Iran cyber retaliation
With tensions between Washington and Tehran on the rise, election security officials are warning of possible retaliation from Iran in the form of election meddling — a familiar threat in the wake of Russia’s efforts in the 2016 presidential election.
“The thing I’m most worried about are a repeat of some of the types of attacks we say in 2016 against larger election infrastructure,” said Matt Blaze, a Georgetown University Law Center professor, during a Thursday hearing before the Committee on House Administration. “A determined adversary who wanted to disrupt our elections would have a frighteningly easy task.”
As the presidential primary season gets underway, the threat of Iranian interference highlights efforts by the federal government and states since 2016 — when Russian hackers successfully infiltrated voting systems — to shore up their defenses.
Last week, after the death of Gen. Qassem Soleimani, the head of Iran’s elite Quds Force, leaders in Tehran vowed to seek revenge. As ABC News and others have previously reported, Iran is capable of targeting a broad range of public and private institutions with cyber intrusions and attacks.
State and federal leaders have already raised warnings, including West Virginia Secretary of State Mac Warner, who released a statement this week highlighting how tensions with Iran raise the stakes in securing voter systems.
“The world we live in today is one where asymmetric warfare is the norm, and cyberattacks have become the weapon of choice for rogue regimes like Iran,” Warner said. “Soleimani’s death amplifies our state’s preparations.”
Georgia Secretary of State Brad Raffensperger echoed in a statement of his own that Iran’s “latest warning serves as a reminder that we can never lower our guard.”
Neither state has reported receiving credible threats, but their statements illustrate how election security leaders are taking notice of Iran’s announced intentions to retaliate.
State officials across the map have been in touch with the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), which convened a briefing phone call with cyber stakeholders around the country after the Soleimani strike last week.
Acting Secretary of Homeland Security Chad Wolf met with CISA Director Chris Krebs on Thursday to discuss “election security and resilience” as part of the effort to defend against Iran’s potential cyber activities, according to DHS.
Maria Benson, a spokeswoman with the National Association of Secretaries of State, told ABC News earlier this week that states have also been “diligently shoring up election security and defenses since 2016 against malicious actors, regardless of country.”
Government officials have cited the need to coordinate with private companies who provide counties and voting districts with voting equipment to protect elections. During Thursday’s hearing before the Committee on House Administration, chiefs from the three largest private election system vendors described efforts they’ve made to “mitigate risks” from malign foreign actors to compromise their systems.
“We spend great deal of time” securing systems from foreign hacks, said Tom Burt, the CEO at Election Security & Systems. “Our effort, I can honestly say, is as strong as we are capable of. We are always looking to find ways to improve and partner with other agencies improve our ability to mitigate any risks.”
The cybersecurity threat in elections first emerged in 2016, when U.S. officials said Russian hackers likely targeted systems in all 50 states — what some compared to rattling door handles — and said that some were able to get through. In two Florida counties, for example, Russian hackers were able to successfully infiltrate voter databases.
While there was no evidence any of the data was tampered with in 2016, the incident raised alarm bells with lawmakers.
The Senate Intelligence Committee investigated and concluded that the “Russian movement directed extensive activity, beginning in at least 2014 and carrying into at least 2017, against U.S. election infrastructure’ at the state and local level.”
Since then, security officials and experts said the U.S. has made significant progress in protecting the voting process, but there’s much more work to be done before Americans cast their ballots in 2020.
“There’s a lot of things that keep me up at night,” a DHS official, who spoke on the condition of anonymity, told ABC News last year. “What could our adversaries do? What could they do to undermine our democratic system?… I’ll certainly be nervous but confident in the lines of communication we have and the steps that we’ve taken.”
ABC News’ Ali Dukakis and Lee Ferran contributed to this report.