Skip to main content

Sanctions, Charges And Disclosures Whirl In U.S. Bid To Defend 2020 Election

caption: Russian President Vladimir Putin attends a meeting on economic issues via video conference at the Novo-Ogaryovo residence outside Moscow on Thursday.
Enlarge Icon
Russian President Vladimir Putin attends a meeting on economic issues via video conference at the Novo-Ogaryovo residence outside Moscow on Thursday.
AP

Authorities in government and Big Tech unveiled a number of actions and announcements on Thursday in the ongoing effort to defend the 2020 election from foreign interference.

Updated at 4:39 p.m. ET

The Treasury Department announced that it's sanctioning a member of the Ukrainian parliament who waged an influence campaign aimed at the 2020 election — one who specifically spread "false and unsubstantiated narratives" about former Vice President Joe Biden.

Three employees of Russia's infamous trolling and influence mill, the "Internet Research Agency," also were placed under Treasury Department sanction and one of them was charged in a criminal complaint by the Justice Department.

Separately Microsoft revealed attempts by hacking groups linked to Russia, China, and Iran to break into the networks of the two presidential campaigns.

The developments took place during a week the Trump administration has faced more questions about whether it's appropriately prioritizing the threat of foreign election interference.

A Department of Homeland Security official filed a whistleblower complaint Tuesday saying that the head of DHS told him to stop reporting on the Russian threat to U.S. elections allegedly because it "made President Trump look bad."

Taken together, it's a reminder that four years after Russia's attack on the 2016 presidential election, foreign interference remains an issue that never really went away, says Betsy Cooper, the executive director of the Aspen Tech Policy Hub.

"I'm not surprised. These are exactly the sorts of attacks we've seen since 2016 and beyond," she said of the Microsoft disclosure. "There will continue to be attacks against our election going forward. That will be a part of the new normal."

Sanctions against a Ukrainian lawmaker

Andrii Derkach, an independent member of Ukraine's parliament, spent much of the past year furthering a debunked corruption narrative about Joe Biden.

That campaign included releasing edited audio tapes that purported to reveal improprieties on Biden's part, and even meeting with Trump's personal attorney Rudy Giuliani in late 2019.

President Trump was impeached by the House last year for asking Ukraine to investigate similar corruption claims. Intermediaries sought to make clear to Ukrainian president Volodymyr Zelenskiy that the flow of military aid to Ukraine would depend on his willingness to announce such an investigation.

Ultimately, the United States released the aid without any such announcement.

Trump and Republicans haven't abandoned allegations about what they call inappropriate activity involving Biden's family and Ukraine, however. Sen. Ron Johnson, R-Wis., says he is conducting an investigation about that; Democrats have charged that he's playing into the hands of a foreign interference scheme.

On Thursday, the Treasury Department called the narratives Derkach was pushing about Biden "false and unsubstantiated," and said he was operating as a covert Russian agent for the past decade.

"Andrii Derkach and other Russian agents employ manipulation and deceit to attempt to influence elections in the United States and elsewhere around the world," said Treasury Secretary Steven Mnuchin. "The United States will continue to use all the tools at its disposal to counter these Russian disinformation campaigns and uphold the integrity of our election system."

House Committee Chairman Adam Schiff, D-Calif., noted the dissonance in the Treasury Department sanctioning a foreign national for pushing information that is similar to statements made by the president and his allies. Trump even retweeted the audio that Derkach shared last month.

"Remarkably, even as the Treasury Department acknowledges Derkach has been an active Russian agent with close connections to the Russian intelligence services, and identifies the narrative that he is promoting as 'false and unsubstantiated,' the president of the United States continues to push out the same false claims and smears," Schiff said.

Attempted hacks

Election security isn't only about the smuggling of disinformation. It also involves attempts to steal material from U.S. political targets for use in spying or for disclosure to embarrass them.

Microsoft's announcement on Thursday brought a reminder about how that threat remains even as the conversation has shifted during the pandemic.

The company disclosed that it detected intrusion attempts aimed at political consultants aiding both Republican and Democratic campaigns, perpetrated by the same Russian hacking group that successfully breached the network of the Clinton campaign in 2016.

In total, the hacking group was observed targeting more than 200 organizations, including a number of think tanks like the German Marshall Fund, which monitors Russian election interference.

"What we've seen is consistent with previous attack patterns that not only target candidates and campaign staffers but also those who they consult on key issues," wrote Tom Burt, Microsoft vice president of customer security and trust, in a blog post announcing the disclosures.

Microsoft says the group has evolved its tactics since the 2016 election to "include new reconnaissance tools and new techniques to obfuscate their operations," including techniques that allow them to automate aspects of their hacking attempts and more effectively disguise their identity.

The company also said a hacking group from China was observed over the past six months as having targeted the non-campaign email accounts of people affiliated with the Biden campaign, as well as at least one "prominent" person who was formerly associated with the Trump administration.

A group from Iran was also observed unsuccessfully trying to log into the accounts of officials with the Trump administration as well as Trump campaign staff.

Burt concluded his announcement by urging Congress to send more money to states and localities to support their cybersecurity infrastructure.

"While the political organizations targeted in attacks from these actors are not those that maintain or operate voting systems, this increased activity related to the U.S. electoral process is concerning for the whole ecosystem," he said.

The U.S. intelligence community disclosed its assessment earlier this summer that Russia would prefer Trump be elected in November, whereas China prefers Biden.

Cooper, of the Aspen Tech Policy Hub, said because of that she fully expects news of more cyberattacks to come to light before election day. The only question, she says, is how consequential those attacks wind up being in deciding who wins.

"The actors that have the capability to execute [attacks] are also the ones that have the greatest stake in the outcome of the election," Cooper said.

Sen. Ben Sasse, R-Neb., a member of the Senate Intelligence Committee, said Thursday that the United States needed to continue to send strong messages that it would not tolerate election interference.

"Microsoft's warning is consistent with the intelligence community's long-standing assessments: China and Russia want to sow distrust ahead of the 2020 election. In Beijing, Chairman Xi wants Biden to win; in Moscow, Vladimir Putin wants Trump to win; both of these miserable SOBs have the same goal of turning Americans against each other," Sasse said. [Copyright 2020 NPR]

Why you can trust KUOW