The Russia connectionWanted: A firewall to protect U.S. elections

By Christina Pazzanese

Published 31 January 2018

As the FBI and Congress work to unravel Russia’s hacking of the 2016 presidential election and learn whether anyone in Donald Trump’s campaign supported the effort, one thing has become clear: U.S. elections are far more vulnerable to manipulation than was thought. A U.S. Department of Homeland Security warning and offer last year to help state election officials protect voter registration rolls, voting machines, and software from tampering was coolly received, perhaps out of skepticism or innate distrust of federal interference in a domain historically controlled by the states. Now, as federal and state officials are partnering to examine voting and election security, a new initiative at Harvard Kennedy School (HKS) is working to shore up another at-risk component of the U.S. election system: political campaigns.

As the FBI and Congress work to unravel Russia’s hacking of the 2016 presidential election and learn whether anyone in Donald Trump’s campaign supported the effort, one thing has become clear: U.S. elections are far more vulnerable to manipulation than was thought.

A U.S. Department of Homeland Security warning and offer last year to help state election officials protect voter registration rolls, voting machines, and software from tampering was coolly received, perhaps out of skepticism or innate distrust of federal interference in a domain historically controlled by the states.

Now, as federal and state officials are partnering to examine voting and election security, a new initiative at Harvard Kennedy School (HKS) is working to shore up another at-risk component of the U.S. election system: political campaigns.

Led by former presidential campaign managers for Democrat Hillary Clinton and Republican Mitt Romney, the Defending Digital Democracy project is gathering cybersecurity experts from the U.S. Department of Defense, the National Security Agency, and the Department of Homeland Security, as well as private-sector internet heavyweights like Facebook, Google, and the cybersecurity firm CrowdStrike, to identify problems and share pragmatic wisdom with local, state, and federal campaigns so they are better informed about cyber threats and can make their organizations harder for attackers to infiltrate.

“It’s really important that this is a bipartisan effort,” said Eric Rosenbach, the project’s director and a former cybersecurity leader at the Pentagon. “I don’t think that the Democrats value cybersecurity of their campaigns more than Republicans. I think Republicans are equally tuned in to the fact that it’s important because everyone recognizes that, down the road, it could impact anyone, regardless of their partisan affiliation. And so, we’re really trying to stay out of the fray.”

One project goal is to replicate the kind of information-sharing culture that exists in major industries where cybercrime is a constant concern, one that encourages collaboration in the face of threats and using best practices despite an inherently competitive culture.

“That’s what we’ve got to do in politics, and that’s why Matt and I believed it was so important to take a bipartisan approach,” said Robby Mook, who managed Clinton’s 2016 campaign. Mook will lead the project along with Matt Rhoades, who ran Romney’s 2012 presidential bid.