The United States is bracing for another wave of cyberattacks focused on disrupting or undermining the 2018 midterm elections, with some officials warning this is just the beginning of a much deeper and broader threat.
Intelligence and security officials, as well as policymakers and other experts talking both on the record and on background say what began with a Russian effort to influence the 2016 presidential election has evolved.
They expect the next round of Russian efforts to be more sophisticated and more widespread, likely to include a combination of disinformation campaigns on social media along with the potential hacking of vulnerable targets.
In the near term, many expect the focus to remain on U.S. elections. They also expect it will not be long until countries other than Russia seek to unleash similar influence campaigns and that they may very well expand their targets to private sector companies and other, vital institutions.
"I think all of my colleagues probably are worried or should be worried about it," said Senate Intelligence Committee chairman Richard Burr of the near-term threat, during remarks this week at the Council on Foreign Relations in Washington. "I think every state should be worried about it."
"To believe that Russia's not attempting in the United States to do things potentially for the '18 cycle I think would be ignorant on our part," Burr said.
Grappling with election threats
In September, the Department of Homeland Security notified 21 states that Russia attempted to hack their computerized election systems. In most cases, officials said they saw preparations for hacking attacks, such as the scanning of systems for points of access.
Even before the 2016 election, the states of Illinois and Arizona announced suspected Russian actors had managed to hack into their voter rolls.
Although federal and state officials have been quick to point out there is no evidence Russian hackers managed to alter vote tallies during the 2016 elections, many voters do not feel reassured.
"We get calls every day … people are concerned," said Indiana Secretary of State Connie Lawson, who is also president of the National Association of Secretaries of State. "I've had just as many calls regarding the security of our elections this year, this off-election year, as I have ever had."
Lawson said states are taking such concerns seriously and have been working more closely with federal officials to better share intelligence about potential threats. They have also been working on additional precautions to keep statewide systems safe.
"About the time you say you're comfortable is the time you should be worried," she said.
Still, Matt Blaze, an associate professor of computer and information science at the University of Pennsylvania, is not convinced any of those measures will be enough.
"I don't want to say our elections are illegitimate but I don't know that I can say that they aren't," he said. "The honeymoon is going to end very, very quickly"
Of particular concern to Blaze are election systems overseen by local officials at the more than 3,000 counties across the United States.
"To the extent that they've even been designed against a threat, it's a threat of conventional corruption — somebody to get themselves elected mayor or sell votes," said Blaze. "Nation-state adversaries [like Russia] were not even in the threat model with these systems."
For now, experts like Blaze are advocating states simplify their systems and make them easier to audit for anomalies that could indicate someone is trying to tamper with the results.
Outsiders seeking influence
But even if the votes themselves are protected from outside actors, the methods Russia used to potentially influence voters are perhaps more difficult to counter. And they can be applied to much more than just elections.
"We need to look forward and, if we can, look around the corner, try to figure out how not just Russia but others will exploit the ability to create chaos in our society," said the Senate Intelligence Committee's Burr. "This expands to a much greater breadth than I think any of us ever envisioned."
One fear shared by Burr and other, former officials is the impact such tactics could have when they seep into other aspects of American society and infrastructure.
In September, the U.S. Department of Homeland Security ordered government agencies to get rid of products and services from Moscow-based cybersecurity firm Kaspersky Lab, citing information security risks.
"[It] might even be a tool of nation-states that want to buy interest in U.S. companies and choose initially to use social media platforms to drive the price down before they make the acquisition," Burr warned. "It is now a tool that's available for any country potentially to use as long as they have innovation and they have capital."
Making such dangers even more worrisome is the difficulty Western governments, and the U.S. in particular, have had when it comes to combating such social media-based influence campaigns
"We have failed in this for a decade now, whether it's been terrorists or the Russian disinformation, in our counter influence," said Clint Watts, a former FBI special agent and now a senior fellow at George Washington University's Center for Cyber and Homeland Security.
"You cannot counter back, whether it's online or on the ground — a counter-influence campaign — unless you know what your nation's policies are, what your belief systems are, and what you're going to push back with," said Watts.
Instead, Watts sees a sure but steady creep, with the Russian tactics being adopted by other countries, friends and adversaries alike.
"I'm not talking about a foreign influence operation. I'm talking about every country in the world saying, you know what I want to happen in America? The following: boom, bots, ads, doing it on scale," he said.
And once the disinformation is out there, even a concerted effort may not be able to do much in response, according to Thomas Rid, a professor of strategic studies at the Johns Hopkins University's School of Advanced International Studies.
Rid, who has studied the exploits of the Stasi, the feared secret police from Communist East Germany, said the reason is that so much of the disinformation is intermingled with facts.
"They [the Stasi] thought the best mix between truth — of truth and fact, of fact and forgery, of truth and lie — is 80/20 — 80 percent true, 20 percent false because that makes it really hard for journalists or for experts like us to tell what's actually true, what's factual, and what's not factual," Rid said.
