How hackers could prey on election vulnerabilities

This week, emails written by former Secretary of State Colin Powell, which were critical of Donald Trump and Hillary Clinton, appeared on a website that's reportedly an outlet for hackers tied to Russia. Judy Woodruff speaks with Dmitri Alperovitch of Crowdstrike and David Sanger of The New York Times about the recent wave of hacks tied to the presidential campaign and the impact on the election.

Read the Full Transcript


    This year's political campaign has a new and different wrinkle. Cyber-hacking has led to regular public releases of documents and private e-mails involving the political parties and key players.

    The Democrats are the most frequent targets. But it's not only them.

    The list of election season cyber-attacks is growing. The latest target, former Secretary of State Colin Powell. A trove of his e-mails appeared online this week after his personal account was hacked. In one referring to GOP nominee Donald Trump and black voters, Powell wrote, "He takes us for idiots."

    Another referred to Democrat Hillary Clinton as greedy, not transformational. The messages were posted on a site that's reportedly an outlet for hackers tied to Russia.

    Clinton today did blame the Russians. The White House wasn't saying.

  • JOSH EARNEST, White House Press Secretary:

    We don't necessarily want to reveal sources and methods that the FBI uses to conduct these kinds of investigations.


    All of this follows the July release of thousands of Democratic National Committee e-mails. They were published on WikiLeaks just before the Democratic Convention. And on Tuesday, WikiLeaks tweeted a link to more DNC files. The Web site's founder, Julian Assange, claimed in an interview with the "NewsHour" last month that it's done in the public interest.

  • JULIAN ASSANGE, Founder, WikiLeaks:

    And that performs an ongoing role leading to great works in investigative journalism, successful court cases, civil litigation, criminal process, and, of course, also contributes to public understanding.


    Meanwhile, Politico reports hackers are also targeting state Democratic officials. And congressman Michael McCaul, chair of the House Homeland Security Committee, says Republican operatives have been hacked as well.

    Still, in Washington yesterday, the president's homeland security adviser, Lisa Monaco, played down any threat to the integrity of the election, but added:

    LISA MONACO, Assistant to the President for Homeland Security: The efforts of malicious actors to intrude upon voter registration databases and other elements of our critical infrastructure, as well as our voting infrastructure, is of concern.


    The White House says if there is a response to the hacking, it may not be announced in advance, or ever.

    For a deeper look at the actors and the politics behind the hacks, we turn to Dmitri Alperovitch. He's co-founder and chief technology officer at CrowdStrike. That's the cyber-security firm that investigated online breaches of the Democratic Party over the summer. And David Sanger, chief Washington correspondent for The New York Times.

    And we welcome both of you to the program.

    Dmitri, let me start with you.

    How does this cyber-hacking of the Democrats and others this year compare to what we have seen in previous elections?


    Well, it's really fascinating right now, not in the sense that election officials are getting hacked or political figures are getting hacked.

    We have seen that in other countries. And we have certainly seen in the course of the last couple of years in Ukraine in particular, where the Russians have been very aggressive in trying to disrupt the presidential election and the parliamentary elections in Ukraine.

    But what's impressing me about this activity right now is that it's happening against the United States. That, we have never seen before. And it speaks frankly to the boldness of these adversaries that are doing this to all types of figures across our political spectrum.


    And we know the administration is not naming the Russians, so how strong is the evidence that that is that who is it, the Russians?


    Well, at CrowdStrike, we were the ones who were brought in to investigate the DNC and then the DCCC, the Democratic Congressional Campaign Committee hacks, and we're protecting actually a number of organizations across the political spectrum now.

    I can tell you that, based on our investigation, we're very confident that Russian intelligence operatives were behind those intrusions.


    David Sanger, what is known about the motive of the Russians?

  • DAVID SANGER, The New York Times:

    It's not entirely clear, Judy, what their motives are may be.

    This could have started as a generalist espionage operation. And of, course, it's worth remembering that political organizations are considered fair game for espionage by foreign intelligence groups, including by the NSA and the CIA. We do this in our efforts to understand, the United States, that is, in our efforts to understanding what is happening in Russia, China and other places.

    But what is different, as Dmitri said, is taking that information and, in the lingo of the industry, weaponizing it, in other words, releasing this in public. And that is something we haven't seen much against American officials.

    We got a first taste of it when phone conversations between Victoria Nuland, a senior State Department official, and an the American ambassador in Ukraine were broadcast. Then we got more of that when the DNC material was stolen, probably as long ago as up to a year ago, but perhaps earlier this year, and then released this summer just before, as you said, the Democratic National Convention.

    So, the timing seemed released — seemed designed to disturb the election. The big fear, of course — and we wrote about this in The Times this morning — is that we're only at the beginning end of this and the next step might be the election vote itself.



    How much damage — before we talk about what's ahead, Dmitri, how much damage has been done? Is it possible to quantity? And we have every reason to expect it's going to keep coming.


    Well, certainly, reputations right now are being impacted of various official, not just at the presidential level, but at the sort of local and state levels whose private dossiers and other campaign information is being released.

    So, it's, I think, hard to tell whether it's going to impact any races specifically. But there's no question that it's impacting this race. And we have already seen some resignations of senior Democratic Party officials as a result of these leaks.


    And back to you, David. We heard Julian Assange in that conversation — we didn't report just now this — but I think there's no question that he carries a serious strong, hard feelings against Hillary Clinton, because she was very critical of him during that huge dump of State Department cables back in 2010.

    Do we believe that it is between the Russians and Julian Assange and anybody else involved, WikiLeaks, that the Democrats are going to continue to be the main target here?


    Well, they could well be, although the leaks from Secretary Powell's e-mails were obviously highly critical of Donald Trump as well.

    So that doesn't quite fit the narrative. But Julian Assange has made no secret of his distaste for Hillary Clinton, and neither has Vladimir Putin. And I think it's important to remember, Judy, that in Putin's mind, the United States and Secretary Clinton personally intervened in the 2011 Russian parliamentary election, which Mrs. Clinton denounced as a rigged election.

    And Putin believes that encouraged street protests against him and his party. So he protested that at the time. And in his mind, this may simply be returning a favor.


    Well, I want to ask both of you about something.

    And, David, you wrote about this today. You just raised it.

    Dmitri, how vulnerable are U.S. election systems? How possible is it, how likely is it that outside actors could interfere with the voting, the election in November?


    Well, there's certainly no question that there are vulnerabilities in our election systems.

    We have electronic voting machines in certain counties that don't produce a paper ballot. So if they're hacked, there's actually no way to tell what the original vote intention would have been. If there's a backup paper ballot that's printed out, then you can always go back and sort of recount the vote manually.

    So, in those cases, they would certainly be safe against hacking. I think it all depends on how close the election's going to be. If it's going to come down like in 2000 to a few hundred votes and it may be a couple of counties, then there's certainly significant potential for manipulation that could occur.

    If it's not even close, if it's a landslide, then it's not going to have any effect. But what I worry about even more than the actual manipulation of the vote is the shadow that can be cast on the integrity of the process.

    Even if there is proclamations by these hackers that they hacked the election or they have manipulated the vote, whether they had actually done it or not, that's going to convince some voters if their candidate had lost that the vote was actually rigged and the person that they were voting for should have won..


    David, you did a great deal of reporting on this. What did you find?


    Well, the first thing we found, Judy, is that the voting machines themselves are pretty hard to hack because they are largely offline, though, as Dmitri points out, in five states, there's basically no paper trail, and I think that's pretty dangerous.

    Secondly, while they may not be able to manipulate the vote itself, it could cause a lot of disruption that could make the experience in 2000, the hanging chads in Florida, look like a comparatively small problem. They could, for example, alter data on voter registration rolls, so people can show up to vote and their names would be missing.

    They would probably do a provisional ballot, but it would take a while to sort that out. There's question about the safety of the systems in which the votes once tallied on election eve are then transmitted within the states, whether that's encrypted or not.

    Of course, every state does it differently. The fact they do it differently is probably also a source of a little bit of protection. And, finally, Judy, there's the system that we all use to report the election results.

    So, you know, when the "NewsHour" and others report results on election night, you will be getting early tallies from the AP. If somebody got into that reporting system and you had false numbers or slightly altered numbers, then there would be a discrepancy between what we heard on TV at night and the numbers as they came in for the actual vote count.

    And that would also, as Dmitri points out, create some doubts about the system, even if it's only the real vote count that matters.


    Disturbing. And I know it merits further — there will be more reporting on this.

    Dmitri Alperovitch, David Sanger, thank you both.


    Thank you.


    Thank you.

Listen to this Segment