The Cybersecurity 202: Foreign actors didn’t successfully interfere in 2020. Here’s how to make sure they don’t in 2024

But officials aren’t resting on their laurels. Lawmakers and experts used the reports to call for greater action to secure American elections before 2022 and 2024.

“Just because the Russians decided not to try to change the actual tallies in this cycle doesn’t mean that they couldn’t be more aggressive in the next, so we still need to harden those defenses,” House Intelligence chairman Adam Schiff (D-Calif) said on CNN yesterday.

Here are some of the other key themes of the reports that could provide a map for improvements ahead of the next elections:

The fact that foreign actors were unsuccessful in altering the U.S. voting process is a testament to efforts by federal, state and local officials to secure election systems ahead of the election, says Matt Masterson, a top election official at Cybersecurity and Infrastructure Security Agency during the election and now a fellow at Stanford University. 

But that work is still far from over. Although CISA made strides in working with state and local officials leading up to 2020, many still struggle with outdated systems and limited resources.

Masterson says one way Congress and the White House could help is including money for state and local cybersecurity investment in ongoing infrastructure funding plans.

“Investment in state, municipal and particularly county cyber infrastructure is an investment in election infrastructure because many county election offices are dependent in some way on the county infrastructure to run their election processes,” Masterson says. “It’s a matter of national security.”

And it’s not just foreign adversaries that pose a threat. The DNI report also found that financially motivated cybercriminals disrupted election preparations with ransomware in some states, a risk CISA warned of ahead of the election. It’s unclear whether the actors targeted election systems specifically or if they were a part of a larger attack on state and local governments.

Moscow sought to influence the 2020 election by using prominent individuals close to former president Trump to spread misleading information about Joe Biden and his family, Ellen Nakashima reports. 

The ODNI report doesn’t name the Trump associates in question but appears to refer to Trump’s personal lawyer at the time, Rudolph W. Giuliani. Giuliani during the campaign met with Andriy Derkach, whom the United States has sanctioned as an active Russian agent. Giuliani also admitted to sharing the contents of a laptop allegedly belonging to Biden’s son Hunter with The New York Post, though he denied that the information came from a foreign source. Trump’s then director of national intelligence John Ratcliffe denied Russia had anything to do with the discovery of the computer.

Tactics may evolve as they did between 2016 and 2020, but officials say Russian meddling is unlikely to cease during the next election.

“Moscow almost certainly views meddling in U.S. elections as an equitable response to perceived actions by Washington and an opportunity to both undermine U.S. global standing and influence U.S. decision-making,” the ODNI report said.

The Russian embassy called the accusations “baseless” in a Facebook post.

Also contrary to claims by Trump’s top intelligence official, the report found that China did not try to interfere with the election. 

Schiff on CNN criticized Trump officials for “hyping” the threat from China and accused Trump of pushing the Kremlin narratives. He said that both parties need to agree to reject foreign interference ahead of future elections to diminish its power.

A minority opinion from the the national intelligence officer for cyber said that China did take some steps to at least “indirectly” undermine Trump’s reelection.

But those are just two actors officials will be watching in 2024.

Though unsuccessful in swaying the election, Iran took bold measures to interfere with the process, including impersonating far-right group the Proud Boys to threaten voters. Hezbollah, Cuba and Venezuela also ran interference campaigns.

Former Cybersecurity and Infrastructure Security Agency director Chris Krebs:

The reports play an important role in discrediting the fraud claims that created distrust over the results of the 2020 election. But fully regaining the trust of Americans who have questions or doubts about election integrity will take actions from lawmakers and officials, says Masterson.

Part of the solution is making sure that all states use ballots that are auditable, he says. A Democratic package of voting bills is pushing for such a practice and election experts have also encouraged the expansion of auditable ballots to increase trust in elections.

“I think all of us need to begin to understand what steps we need to take so that we can start that effort and move on from the damage that was done in this last election.”

Correction: This story has been corrected to clarify how Giuliani says he acquired the contents of a laptop allegedly belonging to Hunter Biden.

Researchers from Palo Alto Networks’ Unit 42 expect those demands to continue to rise amid a banner year for the hacks. It’s a lucrative business, with some hacking groups demanding as much as $30 million with an average ransom demand of $847,000.

The United States had the highest number of ransomware victims last year, according to the report. Lawmakers have taken notice of the surge, with some previewing legislation to aid sectors that have been heavily hit amid the pandemic, such as schools.

Authorities said Graham Ivan Clark, now 18 years old, masterminded the July 2020 hack of accounts including then-presidential candidate Joe Biden and former president Barack Obama, Rachel Lerman reports. Clark, one of three people charged in the wake of the incident, will serve three years in a juvenile facility, followed by three years of probation.

Twitter said last year that the high-profile incident occurred after hackers successfully targeted Twitter employees who had access to internal tools. CEO Jack Dorsey apologized for the hack.

The policy document from Prime Minister Boris Johnson marks a huge shift from Britain’s commitment to nonproliferation of the weapons, William Booth reports. Using the technology to respond to a cyberattack would be an extreme escalation of tactics.

The plan is already receiving pushback from members of the U.K. Parliament. Caroline Lucas, a member of Parliament from the Green Party, called the increase in nuclear weapons a “provocative, illegal and morally obscene use of resources,” while Labour Party leader Keir Starmer said the plan “breaks the goal of successive prime ministers and cross-party efforts to reduce our nuclear stockpile. It doesn’t explain, when, why, or for what strategic purpose.”

The report also foreshadowed the U.K.’s comprehensive cyber strategy, which is expected to be released later this year. The strategy will take a “whole-of-cyber” approach with an emphasis on “critical cyber technologies” and “international action to influence the future of cyberspace,” according to the report.

Some cyber experts were alarmed by the United Kingdom’s report. Dmitri Alperovitch, the former chief technology officer and co-founder of CrowdStrike, weighed in. Alperovitch is chairman of the Silverado Policy Accelerator:

Homeland Security Secretary Alejandro Mayorkas testifies before the House Homeland Security Committee at 9:30 a.m. today.

Mayorkas will be asked to address DHS’s role in defending federal networks from cyberattacks, according to opening remarks shared from chairman Bennie Thompson (D-Miss.)

“Secretary Mayorkas comes before the Committee at a pivotal time. Recent cyber attacks are forcing the Federal government to rethink how it defends it own networks and works with non-government entities to defend theirs,” Thompson will say. “I’m interested in learning how the Secretary plans to modernize Federal network security and more effectively partner with critical infrastructure owners.”

• Paul Zajac, the head of strategic affairs and cybersecurity at France’s foreign ministry, speaks at a German Marshall Fund of the United States event on cyber norms today at 10 a.m.
• Acting FCC Chairwoman Jessica Rosenworcel and Rep. Doris Matsui (D-Calif.) speak at a 5G event hosted by the Center for Strategic and International Studies on Thursday at 10 a.m.
• Cybersecurity and Infrastructure Security Agency acting director Brandon Wales; Christopher DeRusha, the federal chief information security officer; and Tonya Ugortez, an FBI deputy assistant director for cybersecurity, testify at a Senate hearing on the cyberattack on SolarWinds and other software on Thursday at 10:15 a.m.
• The House Energy and Commerce Committee holds a hearing on infrastructure legislation on March 22 at 11 a.m.