Political Cybersecurity Is Not a Partisan Issue
Is that secure?
Of all the ugly incidents occasioned by the 2016 U.S. presidential campaign, some of the most unsettling have unfolded invisibly -- specifically, online. In June, for example, it became clear that the Democratic National Committee had been hacked. Hillary Clinton’s campaign was likely attacked, too, along with a key Democratic political outfit.
The attacks are being investigated, and the motivations behind them remain murky. Nonetheless, they illuminate something important about politics in the digital age: Campaigns are by definition partisan, but the issue of protecting them shouldn’t be.
Campaign organizations, by their nature, are inviting targets for hackers. They rely heavily on volunteers, who are often untrained in cybersecurity. They’re convenient repositories of damaging information, both about their opponents (whose liabilities are cataloged in “oppo” files) and about their own candidates (whose every flaw must be aired to anticipate attacks). They’re rich veins of financial data, and the power dynamics they reveal. And they can’t help but expose all the gossip, drama, ego trips and penny-ante enmities that haunt every political operation. That kind of information is immensely useful for an opponent -- or for a foreign agent.
Parties and campaigns should recognize that the data they collect is a powerful asset, and dangerous in the wrong hands. They need to be far more vigilant about protecting it. That means that even far-flung campaign staff should understand the basics about avoiding phishing attacks, malicious links and malware, for instance. Sensitive financial information should be isolated from workaday e-mail chains. And sometimes, it’s worth picking up the phone.
But the digital threats to politics are also evolving, making such basic precautions of limited use, and they could go beyond campaigns. Search engines and social media can have extraordinary influence on political behavior, quite legally and with no one the wiser. More alarming possibilities are also emerging. One is the prospect of an unfriendly nation mining these new data deposits and probing polling systems with the aim of not just stealing information but influencing an election.
Meanwhile, most Americans are probably unaware of just how vulnerable voting machines are to hacking. The worries are such that the Homeland Security Department is considering whether to designate electoral apparatus as “critical infrastructure,” and thus eligible for federal security funding.
That’s an idea worth considering, but probably insufficient. The fact is, these threats are only starting to dawn on the political world, and confronting them will require a wholesale rethinking of both campaigns and elections. It will take years -- and it’s only a slight exaggeration to say that democracy itself is at stake.
To contact the senior editor responsible for Bloomberg View’s editorials: David Shipley at firstname.lastname@example.org.