3 Cybersecurity Journalists Share Their Visions of Election Threats

This year is definitely one for the history books in so many ways. The United States is in the midst of the most contentious presidential election in modern history, exacerbated by hacking and disinformation operations, while in the throes of a global pandemic and a public reckoning over racial injustice. Journalists have definitely had their work cut out for them. 

We wanted to see what is on the minds of some of the security journalists whose work we read every day as they head into the election less than a month away. To do that I invited Joseph Menn of Reuters, Teri Robinson of SC Media and Sean Lyngaas of CyberScoop to be on a virtual panel last week entitled “Cyber Threats Leading into the Election.” In choice excerpts from the panel, here’s what they had to say.

Disinformation

Joe: “In general, I don’t want to call attention to stuff that’s false and malicious unless it’s really moving things and important… If somebody important says something that’s false and you really have to cover it, the lede should be “Here’s what he said and here’s why it’s false… There’s a million (news) outlets putting it out and sooner or later it rises to the noise level and we have to address it and sometimes we feel like we’re dragged into the muck.”

Teri: “I also think there’s a great deal of suspicion when companies like Facebook or Twitter start taking things down. That feeds another segment of the population that says “Oh well, they don’t want me to know when they’re taking down things that would appeal to me because they’re biased… You have to counter that as well. It’s difficult to do.”

Sean: As a reporter, “you’re always conscious of not amplifying something, but putting into context. I think everyone who covered the presidential campaign in 2016 learned from that in terms of covering (the email leaks) breathlessly. We’re in a more mature media state now… There’s still work to be done, but we’ve made progress… 

“You have to be cautious and judicious, especially with anything that’s being dumped right now, within weeks of the actual election day. It’s almost like a default mode of not reporting on it unless it’s verified completely… A delay in counting ballots will be fertile ground as the President will likely question the vote. I anticipate it to be a feeding frenzy for foreign and domestic actors with regard to disinformation.”

Joe: “I think the trickiest bit is not verifying that the information is real, it’s what do you do if it’s real and it’s not as important as the motive (for releasing the information). This was a major mistake of the media in 2016 — all the coverage of Hillary’s emails and not enough coverage of Trump’s business background… Even if it’s true it does not necessarily merit multiple reporters’ time and big play if it’s part of a political strategy.”

If two-factor authentication were turned on it would mitigate so much of the attacks that are out there. There’s still a struggle in so many quarters to have basic security practices that could defend against this stuff, and they’re not doing it.

Sean Lyngaas, CyberScoop
Ransomware

Sean: “Ransomware has been hitting state and local government for years and it’s a top-of-mind security concern for election officials. I know they’ve conducted ransomware security drills, they’ve simulated attacks. I think the resources are a challenge… (The DNC and RNC have improved their security) but if you’re a foreign adversary you’re going to target the Harvard professor or someone else who is in touch with the campaign.”

“The DNC is much more secure than it was in 2016, but these peripheral ways into the campaign are numerous and so hard to defend against in terms of phishing. If two-factor authentication were turned on it would mitigate so much of the attacks that are out there. There’s still a struggle in so many quarters to have basic security practices that could defend against this stuff, and they’re not doing it.”

Joe: “There’s ongoing ransomware and it’s unclear whether these attacks are just business as usual or if it’s something that’s aiming to be disruptive. I think there are a lot of ways to disrupt an election. You could hack a media organization and say Trump is way ahead in Pennsylvania or something… I think there’s also going to be potentially an overlap with physical world stuff, poll watchers, official or unofficial, and protests… We’re heading into uncharted territory.”

“I appreciate people pitching me or coming to me with researchers and people who may have a nugget of information that might be interesting to us. I’m always looking for how that fits with our audience and if there’s any actionable information they can take away.”

Teri Robinson, SC Media
Pet peeves

Teri: “I appreciate people pitching me or coming to me with researchers and people who may have a nugget of information that might be interesting to us. I’m always looking for how that fits with our audience and if there’s any actionable information they can take away… I’m glad to get canned commentary. But what annoys me is if I need follow-up information and want access to the spokesperson, sometimes they’re not available. I think most good PR people don’t do that. They try to have their spokespeople available if they pitch you.”

Sean: “We’re all adults and we’re able to have those conversations. We don’t necessarily need to have a minder there… Realistically speaking, you know that the journalists are going to try to talk to executives without someone in the room.”

Joe: “Email or text if it’s urgent, do not call me, please! And the thing that drives me nuts is “Hey, I have a cybersecurity expert” and I don’t need any more experts… My best scoops frequently come from people I’ve known for 10 or 20 years… One way I might talk to somebody new is if they’ve just left government service or a really important company… (we can) just open a door and maybe they can give me something on background or talk about their prior experience. And now they’re in my web, and down the road I may talk to them about their new company or venture.”

“How do you cover real news about a fake incident?”

Joseph Menn, Reuters
Fears

Joe: “The thing that terrifies me is not so much us (Reuters) getting hacked but other media running with a story where there was a legitimate hack or a leak and there’s some bits in the leak that are fake. That’s become more common. And then other media organizations are running with it and maybe it gets a shout out from the President or other candidates. And then what do you do?… How do you cover real news about a fake incident?”

Sean: “There is already so much distrust of the media. Major news outlets could get something terribly wrong and it could alienate more people. A lot of people have already decided what is fake news and what isn’t. I do worry about something exacerbating that, but I think overall the profession is resilient enough.”

Teri: She worries about there being a “trigger reaction from the White House or someone else. I don’t know if I believe that the military is going to be sent out or what, but I know that there’s a fear that there would be a physical kind of response to cyber events and I don’t know how that would end up working. I don’t think we have any real set rules of engagement on that.”