Russian Hackers are Overrated

The 2018 election cycle is upon us and we still talk about hacking elections and cyber threats but no one really knows what those terms mean or how to defend against them.  There have been meetings.  There have been bills.  There have been panels and seminars.  There has even been some money Congress might throw at the problem.  None of this has yielded any substantive or meaningful advice or insights for those at the county-level, where the elections are planned, programmed and conducted, other than do more of what counties always have done to secure elections.

There are possible explanations for the lack of any progress in mitigating the perceived and feared security threats.  The first explanation is that the problem is insoluable.  Another explanation is that none of the security experts, state and federal officials, or academics yet have the knowledge, experience or skill to propose appropriate countermeasures to protect elections.  A third explanation, one I am growing more confident in, is that the state actor, cyber warfare scenarios may pose threats to peripheral aspects of US elections but they don’t pose a direct threat to hyper-decentralized county level voting systems and operations.

Without a doubt, trolls, hackers, leakers, state actors and plain bad actors influenced the 2016 election in ways that are hard to identify and measure.  What we know is that these hostile actions further divided Americans, mislead and misinformed voters of all stripes, undermined confidence in election outcomes and generally cast doubt on American democratic institutions.  We also know that there is no evidence that any votes were changed after they were cast.

This being said, there are real threats to election administration at the county level but they are not the sexy, high visibility threats currently in the spotlight.  A partial list of these threats includes:

  • Self-interested and self-serving state laws
  • Contradictory state laws and regulations
  • Inadequately funded election administration
  • Unrestrained special interest influence
  • Inadequate campaign finance laws and enforcement
  • Bureaucrats and bureaucratic decision making
  • Petty elected politicians gaming the system
  • Incompetent management
  • Uninformed academic research
  • Spurious claims and lawsuits
  • Hyper-partisanship
  • Sore losers and sour grapes
  • Gerrymandering
  • Faux, fake, or yellow journalism

To most people these threats may seem remote, amorphous, harmless or “just the way things are.”  However I can offer multiple examples of each of these threats experienced in my own jurisdiction in the last 12 months.  Significant and disproportionate management time is spent confronting and managing these threats to the integrity elections.

Each of these threats is posed by either those who have taken an oath to protect the federal and state constitutions, those who profess to protect the rule of law or those who feel committed to some higher purpose.  There are no obvious bad guys but there are obvious bad outcomes.Write

Pogo 4Current and future external threats really can’t be ignored but if the time, attention and resources of local officials, DHS, federal and state officials and the media are only focused on countering Russianstyle meddling, the more immediate vulnerabilities of elections are ignored.

The greatest enemies of our elections and democratic institutions are not external bad guys.  In the words of Pogo- “We have met the enemy and he is us.”

Stay tuned for a more detailed analysis of these “Pogodian” threats.