How lessons learned from 2016 campaign led US to be open about Iran hack

This year, there was another foreign hack, but the response was decidedly different. US security officials acted more swiftly to name the culprit, detailing their findings and blaming a foreign adversary this time, Iran just over a week after Trump’s campaign revealed the attack.

 

They accused Iranian hackers of targeting the presidential campaigns of both major parties as part of a broader attempt to sow discord in the American political process.

The forthright response is part of a new effort to be more transparent about threats. It was a task made easier because the circumstances weren’t as politically volatile as in 2016, when a Democratic administration was investigating Russia’s attempts to help the Republican candidate.

But it also likely reflects lessons learned from past years when officials tasked with protecting elections from foreign adversaries were criticised by some for holding onto sensitive information and lambasted by others for wading into politics.

The Aug 19 statement by security officials followed a Trump campaign announcement that it had been breached, reports from cybersecurity firms linking the intrusion to Iran and news articles disclosing that media organisations had been approached with apparently hacked materials.

But the officials suggested their response was independent of those developments.

The FBI said in a statement to The Associated Press that transparency is one of the most powerful tools we have to counteract foreign malign influence operations intended to undermine our elections and democratic institutions.

It said the government had refined its policies to ensure that information is shared as it becomes available, “so the American people can better understand this threat, recognise the tactics, and protect their vote.

The framework sets out a process for investigating and responding to cyber threats against campaigns, election offices or the public. When a threat is deemed sufficiently serious, it is nominated for additional action, including a private warning to the attack’s target or a public announcement.

The Intelligence Community has been focused on collecting and analysing intelligence regarding foreign malign influence activities, to include those of Iran, targeting US elections, the agency said. For this notification, the IC had relevant intelligence that prompted a nomination.

In 2016 we were completely caught off guard, said Sen. Mark Warner, D-Va., the chairman of the Senate Intelligence Committee. There were some indications, but nobody really understood the scale.

That summer, US officials watched with alarm as Democratic emails stolen by Russian military hackers spilled out in piecemeal fashion on WikiLeaks. By the end of July, the FBI had opened an investigation into whether the Trump campaign was coordinating with Russia to tip the election. The probe ended without any finding that the two sides had criminally colluded with each other.

Then-FBI Director James Comey wrote in his book, A Higher Loyalty, that he at one point proposed writing a newspaper opinion piece documenting Russia’s activities. He described the Obama administration deliberations as extensive, thoughtful, and very slow,” culminating in the pre-election statement followed by a longer intelligence community assessment in January 2017.

Still, there have been obstacles and controversies. Shortly after Joe Biden won the 2020 election, Trump fired the head of CISA, Christopher Krebs, for refuting his unsubstantiated claim of electoral fraud.

Also during the 2020 elections, The New York Post reported that it had obtained a hard drive from a laptop dropped off by Hunter Biden at a Delaware computer repair shop. Public confusion followed, as did claims by former intelligence officials that the emergence of the laptop bore the hallmarks of a Russian disinformation campaign. Trump’s national intelligence director, John Ratcliffe, soon after rebutted that assessment with a statement saying there were no signs of Russian involvement.

In 2022, the work of a new office called the Disinformation Governance Board was quickly suspended after Republicans raised questions about its relationship with social media companies and concerns that it could be used to monitor or censor Americans’ online discourse.

Legal challenges over government restrictions on free speech have also complicated the government’s ability to exchange information with social media companies, though Deputy Attorney General Lisa Monaco said in a recent address that the government has resumed sharing details with the private sector.

Earlier this year, Warner said he worried the US was more vulnerable than in 2020, in part because of diminished communication between government and tech companies. He said he’s satisfied by the government’s recent work, citing a greater number of public briefings and warnings, but is concerned that the greatest test is likely still ahead.

First Published: Aug 28 2024 | 7:48 AM IST