The Kremlin has been emboldened by its successful attack on the 2016 election, and is coming back for more. Here's everything you need to know:
Will Russia interfere again?
It never stopped. The Russian trolls and military hackers who undermined U.S. democracy in 2016 have continued their efforts to confuse and divide Americans, all U.S. intelligence agencies agree. As November approaches, the Kremlin is engaged in a multi-front cyberattack. Russia deployed social media bots to boost Sen. Bernie Sanders' (I-Vt.) presidential campaign, U.S. officials said, and last week, the National Security Agency announced that a hacking group called Sandworm — part of the Russian military unit that stole 50,000 Democratic National Committee emails in 2016 — has launched a campaign to penetrate email servers in the U.S. Security experts were puzzled why Russia didn't wreak more havoc in 2016 after targeting election systems in all 50 states and penetrating Illinois' registration database. It was probably "reconnaissance," Michael Daniel, a cybersecurity expert, told Congress — preparation for an even more ambitious future strike.
What's their objective?
To sow chaos, inflame existing political divisions, and destroy public faith in elections and democracy. Dezinformatsiya, the tactic of pumping propaganda into rival nations, flourishes on social media, where Russians can easily pose as Americans. Russian deceit, however, is not limited to online activities: Russia infiltrated the National Rifle Association and evangelical groups in 2016 and organized at least 22 political rallies on U.S. soil. Russians tamper with election infrastructure and then exaggerate the success of their efforts, seeking to make Americans believe that election outcomes could be illegitimate. If Hillary Clinton won in 2016, Russia planned to spread the hashtag #DemocracyRIP.
What did Russia do in 2016?
Four U.S. spy agencies, a GOP-controlled Senate committee, and Special Counsel Robert Mueller all concluded that Moscow ordered the attack in 2016 to spread disinformation and help elect Donald Trump. Russia's cyber operation, directly approved by Russian President Vladimir Putin, employed more than 800 people who created memes, fake accounts, and bogus news articles to stoke Republican fear and anger and to convince Sanders supporters and African Americans that Clinton was corrupt and a racist. The DNC emails Russia stole and selectively published via WikiLeaks showed that party officials wanted Clinton to win the primaries — angering Sanders' supporters. In his 22-month investigation, Mueller did not find proof of an explicit criminal conspiracy between the Russians and the Trump campaign, but he did conclude that Russia had interfered "in a sweeping and systematic fashion" and that the Trump campaign had been "receptive" to Russia's help. Some 272 contacts between Trump's campaign and Russia-linked operatives were documented, with 38 in-person meetings. Trump aides overheard Roger Stone — later convicted of obstructing the Mueller probe — discussing coming WikiLeaks dumps with Trump. Trump's campaign manager, Paul Manafort, gave detailed state polling data to a Russian oligarch and later lied about it. Standing beside Putin at a summit meeting in Helsinki in 2018, Trump said, "I don't see any reason" why Russia would have interfered.
What's Russia's strategy this year?
Disinformation campaigns will be more sophisticated. Russians often did a sloppy job imitating Americans in 2016, posting in broken English from accounts traceable to St. Petersburg. Now Russians are thought to be working from U.S. servers. An analysis of Russia-linked Facebook posts last fall found a focus on stirring up racial resentments, spreading fear of immigrants and Muslims, and inciting gun owners. The accounts targeted battleground states such as Michigan, Wisconsin, Ohio, Arizona, and Florida.
Are election systems vulnerable?
The nation's nearly 8,000 local voting jurisdictions use a complex patchwork of websites, databases, and hardware, giving hackers countless potential targets. In the 2018 midterm elections, an estimated one-third of jurisdictions used voting machines that were at least 10 years old. Russia is clearly keen to exploit American weaknesses, and in February, an aide to Director of National Intelligence Joseph Maguire told Congress that Moscow will try to ensure Trump's re-election. Trump berated Maguire for the briefing and fired him days later. The new DNI, former Rep. John Ratcliffe (R-Texas), is a fierce Trump defender who has questioned whether Russia really favored Trump in 2016.
How is the U.S. fighting back?
Last year, Congress allocated $425 million to beef up the security of state elections systems. Many security experts say it's too late for states to implement major improvements by November. Still, intelligence services have toughened up U.S. defenses in some respects. On the day of the 2018 midterms, the U.S. military launched its first preemptive cyberattack against Russia, blocking internet access at the St. Petersburg troll farm. Nonetheless, 41 percent of Americans say the U.S. is not prepared to secure November's election. To succeed, Russia only needs Americans to doubt the results. "You don't actually have to breach an election system in order to create the impression that you have," said Laura Rosenberger, director of the Alliance for Securing Democracy. "Chaos is the point."
Targeting vote totals
Election officials have insisted for years that voting systems are not connected to the internet and therefore can't be hacked. But it would take only a second of online activity for those machines to be compromised, and last August, a group of cybersecurity experts discovered dozens of back-end election systems in 10 states that had been connected to the internet, some for over a year. Moreover, many counties use wireless modems, some embedded directly in voting machines, to transmit results quickly to state officials. Russia is preparing to exploit this technology, allegedly sending GRU operatives to Rio de Janeiro and other cities to conduct operations through "close-access hacking," which allows break-ins through Wi-Fi networks. Hackers could exploit components of the election hardware chain, including wireless-enabled printers, USB drives with registration rolls, or digital check-in tablets. Harri Hursti, a data security expert from Finland, believes tampering with vote counts is possible. "Once you understand how everything works," Hursti says, "you understand how fragile everything is."
This article was first published in the latest issue of The Week magazine. If you want to read more like it, you can try six risk-free issues of the magazine here.