A Russian group acquired U.S. voter data in at least a couple of states. The Iranians reportedly did the same. President Trump's campaign website was briefly defaced.
As expected, this election season has brought a series of computer breaches and disinformation efforts coming from other countries. So how do we sort out the serious threats from mere cyber mischief?
There's no easy answer, but at least there's a catchphrase: a "perception hack." This describes a relatively small-scale intrusion that probably won't cause much actual harm, yet it may have an outsized psychological impact once it's uncovered and enters the public bloodstream via government officials, news organizations and social media.
"We see malicious actors attempt to play on our collective expectation of wide-spread interference to create the perception that they're more impactful than they in fact are," Nathaniel Gleicher, Facebook's head of security policy, wrote in a blog post. "We call it perception hacking — an attempt to weaponize uncertainty to sow distrust and division."
In some ways, a perception hack is the flip side of what happened during the 2016 U.S. presidential campaign.
Four years ago, the Russians waged a major interference campaign that included hacking Democratic Party emails and creating false social media accounts to exploit political divisions. Despite the broad scale of the Russian effort, it received only modest attention before the balloting.
Increased vigilance
This time, the U.S. intelligence community, election officials and the media are all much more attuned to potential election meddling. The challenge is perspective — how to keep the public informed without provoking an overreaction?
Russian and Iranian groups have broken into state election data systems this year, according to U.S. officials and media reports. At first blush, this sounded ominous and set off alarm bells.
"In actuality, it was publicly available information that they obtained" and posed no threat to actual voting or vote counting, said Nina Jankowicz, who studies disinformation at the Wilson Center in Washington and is the author of How to Lose the Information War: Russia, Fake News, and the Future of Conflict. "It's very easy for people to be led astray by this sort of operation."
The attackers' intent was not clear. Normally, a hacker wants to go undetected. But it's also possible the hacker wants to get noticed, hoping the revelation will undermine public confidence in the election.
"Since our cyber defenses have been raised over the past couple of years, we see Russia rattling the handle to our cyber door," said Jankowicz. "This spreads fear and uncertainty within the American election system. I think this benefits Russia even if they don't gain access to any sensitive voter information on the other side of that door."
Frequent warnings
To combat potential threats, the Cybersecurity and Infrastructure Security Agency, which is part of the Department of Homeland Security, was established in 2018. The agency has set up a "rumor control" page on its web site.
Meanwhile, Bill Evanina, the director of the National Counterintelligence and Security Center, is one of several officials who have appeared in videos designed to reassure the public.
"Foreign actors are attempting to spread disinformation and attempting to sway voters by executing influence operations," Evanina says. "To be clear, it would be very difficult for adversaries to interfere with or manipulate voting results at scale."
In addition, Facebook, Twitter and other social media companies are taking down phony foreign accounts linked to Russia, Iran and other foreign countries.
Thomas Rid, the author of Active Measures: The Secret History of Disinformation and Political Warfare, said the U.S. should be aware of perception hacks carried out by a foreign adversary during the election season.
But he thinks the greater risk is an overreaction at home.
"We do it unintentionally to ourselves most of the time," said Rid, a professor strategic studies at Johns Hopkins University. "And that just means we messed up and we were kidding ourselves."
Rid and other analysts say the riskiest period could be right after the election if the vote is close and the counting extends for days. Any rumor of election fraud or the mishandling of ballots could be easily exploited.
"I think the most dangerous scenario is that if we enter this protracted period of uncertainty," Rid said. "An adversary could jump in and create more uncertainty by claiming, rightly or wrongly, that there was some meddling."
Greg Myre is an NPR national security correspondent. Follow him @gregmyre1.
Copyright 2021 NPR. To see more, visit https://www.npr.org.