WASHINGTON (AP) — As the 2016 presidential campaign entered its final months, it seemed that Washington was abuzz with rumors about how Russian hackers had broken into Democratic email accounts, leading to the release of internal communications that appeared designed to bolster Donald Trump’s campaign and harm Hillary Clinton’s.
There was one notable exception, however: The officials investigating the hacks remained silent.
When they finally released a statement a month before the election, it was just three paragraphs and did little more than confirm what was already publicly suspected: that there had been a brazen Russian attempt to interfere in the election.
This year, there was another foreign hack, but the response was markedly different. U.S. security officials moved more quickly to assign blame, detailing their findings and blaming a foreign adversary — this time Iran — a little over a week after the Trump campaign revealed the attack.
They accused Iranian hackers of targeting the presidential campaigns of both major parties, part of a broader effort to sow division in the American political process.
The candid response is part of a new effort to be more transparent about threats, a task made easier by circumstances that were not as politically volatile as in 2016, when a Democratic administration was investigating Russia’s efforts to help the Republican candidate.
But it also likely reflects lessons learned from previous years, when officials charged with protecting elections from foreign adversaries were criticized by some for withholding sensitive information and by others for meddling in politics.
Suzanne Spaulding, a former official at the Department of Homeland Security, said agencies realize that releasing information can help thwart the efforts of U.S. adversaries.
“This is certainly an example of that: going out quickly and saying, ‘Look, this is what Iran is trying to do. It’s an important way to build public resilience to this propaganda effort by Iran,'” said Spaulding, now a senior adviser at the Center for Strategic and International Studies.
The Aug. 19 statement from security officials followed an announcement from the Trump campaign that a breach had occurred, reports from cybersecurity firms linking the intrusion to Iran and news articles revealing that media organizations had been contacted with apparently hacked material.
However, officials claimed their response was unrelated to these developments.
The FBI, which made the Iran announcement along with the Office of the Director of National Intelligence and the Cybersecurity and Infrastructure Security Agency, said in a statement to The Associated Press that “transparency is one of the most powerful tools we have to counter foreign malign influence operations designed to undermine our elections and democratic institutions.”
According to the FBI, the government has refined its policy to ensure that information is shared as it becomes available, “so that the American people can better understand this threat, recognize its tactics, and protect their voices.”
A large-scale reorganization
An ODNI spokesperson also told AP that the government’s assessment stemmed from a new process to inform the public about election threats.
Created after the 2020 election, the framework outlines a process for investigating and responding to cyberthreats against campaigns, election offices, or the public. When a threat is deemed sufficiently serious, it is “nominated” for additional action, which may include a private warning to the target of the attack or a public announcement.
“The Intelligence Community is focused on collecting and analyzing intelligence on foreign malign influence activities, including those by Iran, targeting U.S. elections,” the agency said. “Prior to this notification, the IC had relevant intelligence that gave rise to a nomination.”
The bureaucratic terminology belies the way the intelligence community has tracked election threats since a wholesale reorganization in 2016, when the threat of foreign interference was underscored by Russian hacking.
“In 2016, we were caught completely off guard,” said Sen. Mark Warner, D-Va., the chairman of the Senate Intelligence Committee. “There were some clues, but no one really understood the magnitude.”
That summer, U.S. officials watched in fear as Democratic emails stolen by Russian military hackers made their way piecemeal to WikiLeaks. In late July, the FBI launched an investigation into whether the Trump campaign had colluded with Russia to influence the election. The investigation ended without reaching any conclusions that the two parties had colluded criminally.
At the White House, officials debated how to inform the public of their assessment that Russia was behind the hack-and-leak. There was debate over whether such a statement might have the unintended consequence of making voters suspicious of the election results, thereby helping Russia achieve its goal of undermining confidence in democracy.
Then-FBI Director James Comey wrote in his book, “A Higher Loyalty,” that at one point he suggested writing an op-ed in a newspaper documenting Russia’s activities. He described the Obama administration’s deliberations as “extensive, deliberate and very slow,” culminating in a pre-election statement followed by a longer review by the intelligence community in January 2017.
“I know we were concerned about whether we should say something and when we should say it, and things like that, because in the case of the Russians, it seemed like they were favoring one candidate over another,” James Clapper, then the director of national intelligence, said in an interview.
A bumpy road
In 2018, Congress created CISA, the cyber arm of the Department of Homeland Security, to defend against digital attacks. Four years later, the Foreign and Malign Influence Center was created within the ODNI to track attempts by foreign governments to influence U.S. elections.
Bret Schafer, a senior fellow at the Alliance for Securing Democracy, a Washington-based organization that analyzes foreign disinformation, said he was pleased that the center did not appear to be “hampered in the early elections by some of the partisanship that has paralyzed other parts of government that have tried to do this work.”
Still, there have been obstacles and controversies. Shortly after Joe Biden won the 2020 election, Trump fired the head of CISA, Christopher Krebs, for refuting his baseless claim of election fraud.
Also during the 2020 election, The New York Post reported that it had obtained a hard drive from a laptop that Hunter Biden had dropped off at a Delaware computer repair shop. This led to public confusion, as did claims by former intelligence officials that the laptop’s emergence bore the hallmarks of a Russian disinformation campaign. Trump’s national intelligence director, John Ratcliffe, soon afterward refuted that assessment with a statement saying there was no evidence of Russian involvement.
In 2022, a new agency, the Disinformation Governance Board, was quickly suspended after Republicans raised questions about the agency’s relationship with social media companies and concerns that it could be used to monitor or censor Americans’ online behavior.
Legal challenges to government restrictions on free speech have also complicated the government’s ability to share information with social media companies. However, Deputy Attorney General Lisa Monaco said in a recent speech that the government is once again sharing data with the private sector.
Earlier this year, Warner said he worried the U.S. was more vulnerable than it was in 2020, in part because of reduced communication between the government and tech companies. He said he’s pleased with the administration’s recent work, citing a greater number of public briefings and warnings, but worries the biggest test is likely yet to come.
“The bad guys aren’t going to do most of this until October,” Warner said. “So we have to be vigilant.”
