WASHINGTON (AP) — The 2016 presidential campaign was entering its final months, and seemingly all of Washington was abuzz with talk of how Russian hackers had infiltrated Democratic email accounts, triggering the release of internal communications that appeared to boost Donald Trump’s campaign and hurt Hillary Clinton.
Yet there was one notable exception: the authorities investigating the hack remained silent.
When they finally issued a statement, a month before the election, it was just three paragraphs and only confirmed what had been publicly suspected – that Russia had brazenly tried to interfere in the vote.
There was another foreign hack this year, but the response was decidedly different. U.S. security officials moved faster to name the culprit, detailing their findings and blaming a foreign adversary — this time Iran — a little more than a week after the Trump campaign disclosed the attack.
They accused Iranian hackers of targeting the presidential campaigns of both major parties as part of a broader effort to sow discord in the US political process.
The direct response is part of a new effort to be more open about threats. The task was made easier by the fact that conditions were not as politically volatile as in 2016, when the Democratic administration investigated Russia’s efforts to help the Republican candidate.
But it also likely reflects lessons learned from years past, when officials tasked with protecting elections from foreign adversaries were criticized by some for having sensitive information — and others lashed out at them for wading into politics.
Suzanne Spaulding, a former Department of Homeland Security official, said the agencies recognize that releasing information can help thwart efforts by U.S. adversaries.
“This is certainly an example of that — getting out there quickly and saying, ‘Look, this is what Iran is trying to do. It’s an important way to build public resistance to Iran’s propaganda efforts,'” said Spaulding, now a senior adviser at the Center for Strategic and International Studies.
The Aug. 19 statement by security officials followed the Trump campaign’s announcement of its breach, reports from cybersecurity firms linking the intrusion to Iran and news articles that said media organizations had been approached with apparently hacked material.
But officials suggested their response was independent of those events.
The FBI, which made the Iran announcement along with the director of national intelligence and the Cybersecurity and Infrastructure Security Agency, said in a statement to The Associated Press that “transparency is one of our most powerful tools to combat foreign evildoers who influence activities aimed at undermining our elections and democratic institutions.”
The FBI said the administration has refined its policy to ensure that information is shared as soon as it becomes available “so that the American people can better understand this threat, identify tactics and protect their voices.
Reorganization of the wholesale trade
ODNI’s spokesperson also told AP that the government’s assessment arose out of a new process for informing the public about election threats.
Created after the 2020 election, the framework defines a process for investigating and responding to cyber threats to campaigns, election offices or the public. When a threat is deemed serious enough, it is “designated” for further action, including a private warning to the target of the attack or a public announcement.
“The intelligence community is focused on gathering and analyzing intelligence about foreign malign influence efforts, including Iran’s, targeting the U.S. election,” the agency said. “For this announcement, the IC had relevant intelligence that led to the designation.”
Bureaucratic terminology obscures what for the intelligence community has been a wholesale overhaul of the government’s monitoring of election threats since 2016, when Russian hacking highlighted the threat of foreign interference.
“In 2016, we were completely caught off guard,” said Sen. Mark Warner, D-Va., chairman of the Senate Intelligence Committee. “There were some indications, but no one really understood the scale.”
That summer, US officials watched with alarm as Democratic emails stolen by Russian military hackers spread sporadically on WikiLeaks. By the end of July, the FBI had begun an investigation into whether the Trump campaign had coordinated with Russia to tilt the election. The preliminary investigation ended without finding that the parties were in criminal cooperation with each other.
At the White House, officials discussed how to inform the public of its assessment that Russia was behind the hack. There was debate over whether such a statement could have the unintended consequence of making voters distrust the election results, helping Russia achieve its goal of undermining faith in democracy.
Then-FBI director James Comey wrote in his book “A Higher Loyalty” that at one point he suggested writing a newspaper op-ed documenting Russia’s activities. He described the Obama administration’s negotiations as “extensive, deliberate and very slow,” culminating in a pre-election statement followed by a longer assessment by the intelligence community in January 2017.
“I know we agonized over whether to say something and when to say it and things like that, because it turned out that in the case of the Russians, they favored one candidate over the other,” James Clapper, National director. intelligence, said in an interview.
Bumpy road
In 2018, Congress created CISA, the cyber arm of the Department of Homeland Security, to protect against digital attacks. Four years later, the Foreign and Malign Influence Center was established within ODNI to track foreign governments’ efforts to influence US elections.
Bret Schafer, a senior fellow at the Alliance for Securing Democracy, a Washington-based organization that analyzes foreign disinformation, said he was pleased that in its first election, the center did not appear to be “in some of the partisanship that we’ve had. I’ve seen it cripple other parts of the government that tried to do this job .”
However, there have been obstacles and controversies. Shortly after Joe Biden won the 2020 election, Trump fired CISA director Christopher Krebs for disputing his baseless claims of election fraud.
Also during the 2020 election, The New York Post reported that it obtained a hard drive from a laptop that Hunter Biden had left at a computer repair shop in Delaware. Public confusion followed, as did claims by former intelligence officials that the laptop’s appearance was the hallmark of a Russian disinformation campaign. Trump’s director of national intelligence, John Ratcliffe, soon refuted that assessment, stating that there was no indication of Russian involvement.
In 2022, a new office called the Disinformation Governance Board was quickly shelved after Republicans raised questions about its relationship with social media companies and concerns that it could be used to monitor or censor Americans’ online discourse.
Legal challenges over the government’s restrictions on free speech have also hampered the government’s ability to share information with social media companies, although Assistant Attorney General Lisa Monaco said in a recent speech that the government has continued to share information with the private sector.
Earlier this year, Warner said he was concerned that the U.S. would be more vulnerable than it was in 2020, in part because of reduced communication between the government and tech companies. He said he was pleased with the government’s recent work, citing more public briefings and warnings, but worried that the biggest test was likely yet to come.
“The bad guys don’t do most of this until October,” Warner said. “So we have to be vigilant.”
