CISA says no evidence of successful foreign election hacks.
Now that voting in the US elections has closed, the US Cybersecurity and Infrastructure Security Agency (CISA) has announced that "we have no evidence any foreign adversary was capable of preventing Americans from voting or changing vote tallies." CISA credits good preparation, good interagency collaboration, and a sound whole-of-nation approach with the successful defense of the election against foreign meddling.
Senior officials at CISA on Tuesday tentatively attributed the relative lack of foreign adversaries' action against US elections to "deterrence by denial," but they also credited US Cyber Command's "hunt forward" operations with having made a significant contribution to election security. The Washington Post quotes the Cyber Command head and Director NSA, General Paul Nakasone, as confirming that his organizations took unspecified action against Iranian actors after the threatening email campaign that tried to fly a false Proud Boys flag was determined to emanate from Tehran. CNN reports that "hunt forward" operations extended to Russia and China as well.
For two years before Tuesday’s voting, US Cyber Command deployed “the whole spectrum of offensive and defensive measures” against threat actors in Moscow, Tehran, and Beijing, CNN reports. The New York Times says Cyber Command sent squads to Europe, Asia, and the Middle East to investigate tactics, techniques, and procedures. Deputy Commander Lieutenant General Charles Moore explained, “We want to find the bad guys in red space, in their own operating environment. We want to take down the archer rather than dodge the arrows.”
Returning to CISA, the Homeland Security agency executed a long-prepared national effort to secure the vote. CISA has for some time expressed the view that public engagement through the media and directly online make an important contribution to cybersecurity. Through Election Day CISA held a series of six online media briefings, the first at 9:30 AM Eastern time, the last at 11:30 PM Eastern time, providing updates on election security and the perspective their virtual situational awareness room provided.
The good news, repeated throughout the day, is that no major cybersecurity threats surfaced during the voting. A senior CISA official said on Election Day, "We're treating today as if it's halftime." Since foreign cyber activity is largely taking the form of disinformation aimed at eroding confidence in the elections, CISA expects to remain on high alert until all votes are counted and certified in January. The agency stated on Wednesday, "We will remain vigilant for any attempts by foreign actors to target or disrupt the ongoing vote counting and final certification of results. The American people are the last line of defense against foreign influence efforts and we encourage continued patience in the coming days and weeks. Keep calm, continue to look to your state and local election officials for trusted information on election results and visit CISA.gov/rumorcontrol for facts on election security."
For more, see the CyberWire Pro Disinformation Briefing.