With Republicans seemingly retiring by the day, and Trump helping out by dragging his party into the excrement, the idea that Democrats might flip the House has gone from the longest of long shots to a not-so-risky bet. But on the Senate side of the hill, even Trump can’t get around the fact that Democrats are defending 25 seats and Republicans are facing only eight contests. In an ordinary year—even an ordinary midterm under a new president—that’s a formula that suggests Republican gains. Still, with Trump weighing on the party, and Doug Jones cutting the margin with his win in Alabama, the chances that Democrats could end up in control of both ends of Congress seem much better than they did a year ago.
But it appears that Republicans may have a not so secret weapon.
The same Russian government-aligned hackers who penetrated the Democratic Party have spent the past few months laying the groundwork for an espionage campaign against the U.S. Senate, a cybersecurity firm said Friday.
In 2016, Russian efforts actually extended into 39 states. Since then Russia has tested its ability to sway world events by planting false stories justifying the quarantine of Qatar, making intrusions into the global power grid, and hacking into the infrastructure of the French election. At the very least, 2018 is likely to see a return of the same sorts of actions that Russian operatives used in the last cycle—from stealing emails and get out the vote plans, to using armies of ‘bots along with carefully placed ads in social media. That’s because Republicans, intent on protecting Trump, have refused to take seriously any measure to address the continuing threat.
Cybersecurity experts have long warned that America’s election system is a sitting duck for hackers looking to cause chaos. Voter rolls have regularly been been stored on inadequately protected systems, and the country has for years relied on outdated electronic voting machines. At the state and local level, governments can lack the funds to hire elite cyber professionals or properly train staff.
Instead Republicans have concentrated on “voter ID laws” and efforts to “cleanse voter rolls” both of which are intended to make it harder for core Democratic voters to participate in the election.
This leaves security at the feet of individual campaigns, most of which are organizations thrown together in a matter of weeks, or even days, often by first-time staffers and with the assistance of multiple volunteers. It’s not the kind of environment that leads to strong cybersecurity procedures. Campaigns have enough difficulty getting out yard signs and keeping pizza around the office. They certainly don’t have the time to police, not just the security of their own electronic communications, but those of their state.
Compared to a presidential campaign, House and Senate staffs are skeleton crews, often working at the edge of their abilities. And the greatly reduced scale of these campaigns makes them exquisitely sensitive to the effects of targeted ads and other social media-engineered attacks. Considering the demonstrated effectiveness of ads placed on social media in 2016, expect a repeat on a grand scale.
It’s likely too late at his point to do anything to safeguard the 2018 elections other than being vigilant for intrusions into voting rolls and election infrastructure. That’s something that could be helped considerably if more federal resources were made available … which seems unlikely. Meanwhile, candidates across the nation should expect to find themselves at the focus of the sort of hacker-generated false stories and pop-up ad storms that voters in specific regions saw in 2016.