At the risk of redundancy, please remember the findings and suggestions in the Cardin Report:
“Putin’s Asymmetrical Assault on Democracy in Russia and Europe: Implications for U.S. National Security,” finds that President Trump’s refusal to publicly acknowledge the threat posed by the Russian government has hampered efforts to mobilize our government, strengthen our institutions, and work with our European allies to counter Putin’s interference in democracies abroad.
Never before in American history has so clear a threat to national security been so clearly ignored by a U.S. president, and without a strong U.S. response, institutions and elections here and throughout Europe will remain vulnerable to the Kremlin’s aggressive and sophisticated malign influence operations.
Notice the three elements incorporated in this introduction. We haven’t mobilized our federal agencies into preventative action. We haven’t strengthened our political institutions to prevent further incursions from Russia. Nor have we cooperated fully with European allies to prevent more interference.
The current occupant of the Oval Office and his apologists appear to define Russian meddling only in terms of electoral results, if the Russian interference didn’t cause any change in the voting returns then there was no big problem, and hence no sense of urgency in addressing the Russian bots, trolls, and other efforts. There has been no cabinet level meeting to date during which the Russian Interference constituted a major agenda item. Recall AG Jefferson B. Sessions’ statement last October:
“We’re not,” Sessions said, when asked by Sen. Ben Sasse, R-Neb., if the government is taking adequate action to prevent meddling in its elections. “The matter is so complex that for most of us we’re not able to fully grasp the technical dangers that are out there.”
Sessions said he accepts the U.S. intelligence community’s findings that Russia interfered with the 2016 election and may attempt to do so again. He said the Justice Department has been aggressively looking into the stealing of trade secrets in the private sector and noted that the FBI’s computer experts are also highly trained.
“Are we at the level we need to be yet? I don’t think so,” Sessions conceded.”
Sessions made the statement in mid-October 2017, if finger counting is correct that’s 8 months since the onset of the current administration. Nor has the Cyber-security page on the DoJ been updated since that date. “Are we at the level we need to be yet?” I don’t think so either.
The Department of Homeland Security also has a cyber-security component. DHS describes its concerns:
“Cyberspace and its underlying infrastructure are vulnerable to a wide range of risk stemming from both physical and cyber threats and hazards. Sophisticated cyber actors and nation-states exploit vulnerabilities to steal information and money and are developing capabilities to disrupt, destroy, or threaten the delivery of essential services.”
The idea that the Russians might be profoundly interested in disrupting the delivery of essential electoral services doesn’t seem to have moved to the top of the department’s concerns, at least not to the point of making any special reference to those instances of interference. There is a draft of a DHS publication on cyber-security efforts (pdf) available online for the purpose of public comment, published this month. At this point let’s review the Cardin Report summation of the problem, and then read a portion of the DHS Draft Report on what might be the same subject.
Cardin Report: “Mr. Putin has thus made it a priority of his regime to attack the democracies of Europe and the United States and undermine the transatlantic alliance upon which Europe’s peace and prosperity have depended upon for over 70 years. He has used the security services, the media, public and private companies, organized criminal groups, and social and religious organizations to spread malicious disinformation, interfere in elections, fuel corruption, threaten energy security, and more.”
DHS Draft 1-5-18: “Given the networked nature of the risks, real coordination is necessary to fully understand the problem and identify paths to solutions. While the information technology and communications sectors do actively work to understand security risks, sectors often are unable to coordinate well with other sectors. Even though some entities coordinate domestically or regionally, there are few global mechanisms to share information about threats, solutions, and their adoption and efficacy. In many cases, lack of clarity around roles and responsibilities has impeded collective action, resulting in security failures.”
At no point in the draft does one find any specific reference to interference in political institutions and operations. A generous interpretation might be that political interference is included in the general category of infrastructure.
In short there’s not much in the DHS Draft which would offer any Nevada voter, of any stripe, comfort as to the security of our political institutions, or our election processes. In fact, a quick reading of the draft leaves the impression that the issue of political cyber-security is left to the private sector, and market forces, whatever that might be.
Therefore, we’re back where we started, with a federal Executive Branch unable or unwilling or un-directed to develop specific guidelines or regulations toward preventing Russian interference in political matters and a market (Google, Facebook, Twitter) adrift and stumbling around what they may perceive as business and public relations pot holes on the road to prosperity.
“Russian trolls sought to steer Facebook users toward events, even protests, around contentious issues like immigration. In its response to Congress, published Thursday, Facebook elaborated that Kremlin-aligned agents created 129 events on 13 of its pages. Roughly 338,300 unique accounts viewed these events, while 25,800 accounts indicated they were interested and about 62,500 said they would attend. “We do not have data about the realization of these events,” Facebook explained.”
“Google, meanwhile, previously informed Congress that it had discovered that Russian agents spent about $4,700 on ads and launched 18 channels on YouTube, posting more than 1,100 videos that had been viewed about 309,000 times.”
“And Twitter told lawmakers at first that it found 2,752 accounts tied to the Russia-aligned Internet Research Agency. Last week, however, the company updated that estimate, noting that Russian trolls had more than 3,000 accounts — while Russian-based bots talking about election-related issues numbered more than 50,000.” [Recode]
There does seem to be some movement from social media operations, however nothing in the draft appears to directly address any specific assistance to state and local governments trying to secure their election rolls, ballot security, and count integrity. Not to put too fine a point to it, but the DHS draft reads like it was crafted by the Chamber of Commerce not law enforcement agencies. A wide and highly generalized focus such as the one presented in the DHS draft doesn’t exactly offer much satisfaction to those voters seeking an answer to the problem: What are we doing about Russian interference?
PS: “The Departments are requesting comment, asking for further insight into the issues and goals raised by the report, as well as the proposed approach, current initiatives, and next steps. The draft will be finalized based on adjudication of received comments before submission to the President. The final report is due to the President on May 11, 2018.” <https://www.ntia.doc.gov/report/2018/report-president-enhancing-resilience-internet-and-communications-ecosystem-against>