As Trump holds back, tech firms step in on election security
Published Saturday, September 19, 2020 2:42PM EDT
A woman uses her computer keyboard to type while surfing the internet in North Vancouver, B.C., on December, 19, 2012. (Photo: THE CANADIAN PRESS/Jonathan Hayward)
WASHINGTON -- Adam Schiff was in the audience at the 2018 Aspen Security Forum when a Microsoft executive mentioned an attempted hacking of three politicians up for reelection. It was the first that Schiff, then the top Democrat on the House Intelligence Committee, had ever heard of it.
Schiff said he thought it was "odd" that Congress hadn't been briefed. He got in touch with high-ranking officials in the intelligence agencies, and they didn't know about it, either. It turned out that Russian hackers had unsuccessfully tried to infiltrate the Senate computer network of then-Sen. Sen. Claire McCaskill, D-Mo., and other unidentified candidates.
Two years later, Schiff says that breakdown is still emblematic of the disjointed effort among government agencies, Congress and private companies as they try to identify and address foreign election interference. But this year, with President Donald Trump adamant that Russia is not interfering and his administration often trying to block what Congress learns about election threats, it's those private companies that often are being called upon to fill the breach.
Lawmakers welcome the help from the private sector and say the companies have become increasingly forthcoming, but it's a haphazard way to get information. It allows the companies to control much of what the public knows, and some are more co-operative than others.
"If a company wants to publicize it, that's great," says Virginia Sen. Mark Warner, the top Democrat on the Senate Intelligence Committee. "But what happens when they don't want to bring it to the attention of the government?"
That's what happened in 2016, when Russia spread disinformation through social media, including Facebook, Twitter and YouTube. Those companies were slow to recognize the problem and they initially balked at government requests for more information. But after Congress pushed them publicly, they gradually became more co-operative.
Now, Facebook and Twitter give Congress regular briefings to the intelligence committees, issue frequent reports about malicious activity and are part of a group that regularly meets with law enforcement and intelligence officials in the administration.
Microsoft, which is part of that group, announced last week that Russian hackers had tried to breach computers at more than 200 organizations, including political campaigns and their consultants. Most of the hacking attempts by Russian, Chinese and Iranian agents were halted by Microsoft security software and the targets notified. But the company would not say which candidates or entities may have been breached.
Lawmakers say the private sector can only do so much.
"It's certainly important that the social media companies participate and co-operate, which they have not always done in the past, but that does not in any way replace the analysis that is done by the intelligence community, and I believe that analysis should be shared with Congress," says Sen. Susan Collins, R-Maine, a member of the Senate Intelligence Committee.
That relationship between intelligence agencies and Congress has grown strained since Trump took office. He has has doubted the agencies' conclusions about Russian interference in 2016 and he fired, demoted and criticized officials who shared information he didn't like.
The current director of national intelligence, John Ratcliffe, a close Trump ally, tried to end most in-person election security briefings -- a decision he later reversed after criticism from lawmakers from both parties. But Ratcliffe maintains that his office will not provide "all member" briefings for all lawmakers, citing what he says were leaks from some of those meetings this year.
Lawmakers say that in restricting what's given to Congress, the administration is effectively restricting what it tells the public about election security and misinformation. That threatens to sow confusion, just as foreign adversaries such as Russia are hoping for.
Schiff, now chairman of the House Intelligence Committee, has pressured the companies to act more quickly, including taking down misinformation before it goes viral, not after. He has particular concerns about Google, which owns YouTube, and says it has been less transparent than others. Schiff and other lawmakers have stepped up concerns about doctored videos and foreign-owned news outlets spreading fake news on the video platform.
At a hearing with tech companies in June, Schiff pressed Google, saying that it "has essentially adopted a strategy of keeping its head down and avoiding attention to its platform while others draw heat."
Richard Salgado, Google's director for law enforcement and information security, told Schiff: "I certainly hope that is not the perception. If it is, it is a misperception, Mr. Chairman."
Google has made some disclosures, including recently revealing a Chinese effort to target Trump campaign staffers and an Iranian group's attempt to target the Biden campaign. But the company gave little detail on the attacks, including when they took place or how many were targeted.
Still, the companies have stepped up in many cases.
Facebook and Microsoft have been making disclosures to the public while also working behind the scenes with the federal government and the intelligence committees. Facebook issues a monthly release on foreign and domestic election activity, and Microsoft has publicly disclosed more than a dozen instances of threat activity since Schiff was caught unaware at the Aspen event in 2018.
The executive who revealed the Russian activity at that event, Microsoft's Tom Burt, says the company has learned to be more proactive with the federal government. He says the attempted hackings were not something he had planned to announce at the security forum, but he answered honestly when asked a question by the moderator. Today, Burt says the company gives federal and congressional authorities a heads-up when they have announcements about election interference.
Foreign attackers "are persistent, they are skilled, they are super well-resourced, and they are going to continue to try and interfere with the electoral process and try to sow distrust with the American people," Burt said.
As lawmakers pursue other channels of information, there are still places where the public sector cannot help. Florida Rep. Stephanie Murphy, a Democrat, has been fighting for more than a year to have the administration publicly identify the two Florida counties where Russian hackers gained access to voter databases before the 2016 election.
"The only way you can fight that disinformation is with transparency, and the U.S. government has to be transparent about the attacks on our democracy by providing the information," Murphy said. "I think maybe companies are accustomed to disclosing when they have had breaches, and that is why you are seeing corporate America leading."
Associated Press writer Frank Bajak in Boston contributed to this report.