Imagine an election where Russian hacks into one candidate’s campaign could determine which party controlled an entire branch of government.
Sound familiar? Your mind might jump to the 2016 campaign attack on the Democratic National Committee to discredit presidential nominee Hillary Clinton, now confirmed to have been the work of 12 Russian intelligence officers.
The case I’m referring to though actually involves the US Senate.
This past July, “Senator Claire McCaskill, also confirmed a Daily Beast report that her office was unsuccessfully targeted by Russian hackers last year. American intelligence officials have indicated that she is not alone, but no other office or candidate has been publicly identified.” Why is Sen. McCaskill a target? The reason may be because she is "only up on her Republican opponent by one point in the RealClearPolitics average." Her loss would erase a Democratic pathway to a national victory in November.
The attempt followed a lesser-known attack on Republican Sen Marco Rubio’s campaign for reelection in Florida. In early 2017, Sen Rubio divulged to the Senate Intelligence Committee that:
"In July 2016, shortly after I announced I’d seek re-election to the US senate, former members of my presidential campaign team who had access to the internal information of my presidential campaign were targeted by IP addresses with an unknown location within Russia. That effort was unsuccessful," Rubio told the hearing. "I do think it’s appropriate to divulge this to the committee, since a lot of this has taken a partisan tone."
Had that hack derailed Sen. Rubio's candidacy, we might now have a tie in the US Senate. Currently, 49 Senators caucus with Democrats. 51 Senators are Republican. If a foreign adversary wanted the Senate majority to change party hands, a cyberattack on would be an effective, illegal way to do it.
This might sound like a footnote to the nightmare scenario most commonly associated with foreign interference in elections: actual voter machine tampering. Understandingly so. We now know that Russian hackers probed election systems in Iowa, Illinois, Georgia, and Florida with varying results (although no known votes were changed.) And we might not yet be entirely prepared to catch digital vote tampering if it did occur. Five states still use entirely digital systems and nine states “use a combination of paper ballots and electronic machines without a paper trail.” Writes NPR, “Congress distributed $380 million to all 50 states to enhance election-related cybersecurity. That money is just now flowing to state and local officials and will have a limited impact on the 2018 elections.”
But attacks on campaigns are apparently not only effective but also quite easier than tampering with ballot boxes. In an interview with the New York Times. “Charles Stewart III, a leading expert on election administration at the Massachusetts Institute of Technology assessed this sort of attack a more likely to be successful than on election infrastructure.”
The greatest vulnerabilities, Mr. Stewart said, lie in individual political campaigns, few of which have come to terms with the threat posed by foreign actors like Russia. Barely a week ago, Senator Claire McCaskill, a Missouri Democrat, confirmed reports that Russian hackers had sought, apparently unsuccessfully, to break in to her computer network in the Senate, and at least one other campaign is known to have been attacked as well.
Cyberattacks on a candidate's headquarters predate 2016. As Republican strategist Matt Rhodes wrote this May in Politico
"As Mitt Romney’s campaign manager in 2012, I experienced cyberattacks firsthand when China tried to infiltrate our servers, forcing us to spend precious campaign resources on improved cybersecurity. Every cent we spent on protection could have been used addressing voters’ concerns, and that meant even unsuccessful cyberattacks ultimately weakened our campaign."
A near tie in the Senate is not common. It’s therefore equally unusual to have the situation we find ourselves in 2018, where manipulating a single Senate seat could have so much impact nationally. That is not true of recent presidential elections though, where victory in one state is often the difference between victory or defeat nationally, regardless of the national popular vote. That was the case of Florida in 2000, when President Bush’s victory in that state won him the election even though he was several hundred thousand votes short in the national popular vote. And it was true of Ohio in 2004, when Sen. John Kerry came within 60,000 votes of the presidency by winning the Buckeye State even though he was nearly 3 million votes behind in the national popular vote.
As long as the winner-take-all system is in place, the effects of a campaign hack could influence a few thousand votes that could determine any presidential election. However, there is a way to vastly limit the impact of meddling of kind in presidential elections. If a national popular vote determined the winner of the presidency, it would become much more difficult for a campaign headquarters hack to influence a decisive number of votes to turn an election nationally.
In the meantime, Sen Rubio and Democrat Sen Chris Van Hollen have teamed up on a sanctions bill that “would in essence put Russia on notice, threatening it with broad-based economic sanctions if it carried out an attack on November’s midterm.”
Writing together in a op-ed in Washington Post, the Senators warned, “Our bill, the Defending Elections from Threats by Establishing Redlines Act, would send a powerful message to any foreign actor seeking to disrupt our elections: If you attack American candidates, campaigns or voting infrastructure, you will face severe consequences.”