Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Chris Krebs Profile picture
@C_C_Krebs
Oct 7, 2022 21 tweets 5 min read Read on X
I'd like to highlight a couple notable election-related alerts from @CISAgov & @FBI this week, put in context some recent news, & frame my main areas of concern for threats to the 2022 election (NB: it's not just "Midterms", as there are statewide elections).
1st, this alert from Monday reinforces prior govt position no cyber activity has prevented voting, affected counting, affected integrity of voter info. It goes further, stating that it's *unlikely* cyber itself would disrupt/prevent an election. cisa.gov/sites/default/…
That's a stronger line than I've seen before, though I've long held this view. Mainly b/c the layered controls in place & the overall resilience of the voting process (hooray for paper!) to spot/stop/prevent. Moreover, affecting the vote at scale undetected is nearly impossible.
Bottom line: it's hard to do at scale undetected & the consequences would be massive - technically attacking our election systems & changing/attempting to change outcomes would = an "is this war?" discussion. Note that in 2016 the Russians were not in a position to affect votes.
But that doesn't mean we're out of the woods just yet, b/c as we've seen before, foreign & domestic actors both seize on the fear/uncertainty of a technical attack to cause an overreaction, undermining confidence/seed doubt in the legitimacy of elections, aka a "Perception Hack."
Which takes us to this second alert from Thursday, specifically calling out foreign actors amplifying reports of real or alleged cyber activity against election infrastructure, all intended to undermine confidence in our elections.
cisa.gov/sites/default/…
It's worth highlighting that these alerts call out foreign actors, not domestic. But these techniques have obviously been used by domestic actors in the wake of 2020 and continue through today.
Case in point: this week's news an election technology firm allegedly hosted some sort of election-related data in China, which led the StopTheStealers to fall into a frothy rage that all their hopes and dreams have been realized & the former president will be restored to the WH.
But as I've said before, if you don't understand how anything works, everything looks like some sort of conspiracy (theory). In reality, elections have evolved over the last few decades & like every other business, technology is use to improve efficiency, access, and accuracy.
But thru that evolution, election officials - who are natural risk managers - have evolved controls to ensure software/hardware aren't single points of failure. So if a bad thing happens, it's not fatal to the process. Elections are perfect, but controls are there to limit risk
In the case of the tech firm, given the services they offer, it seems the data may have been poll worker information. Not voter reg, not access to casting, counting, or managing election results. Maybe a contract violation & claimed data theft, but not an election security risk.
And yet this situation is getting foisted up as the holy grail evidence of the stolen election, never mind the utter lack of connection to anything related to the secure conduct of an election. An overreaction and attempt to Perception Hack. We'll leave motives alone for now.
So, consistent with the CISA/FBI alerts, my great concerns with the 22 election center on:
1) continued efforts to delegitimize 2020 election
2) continued threats against poll workers
3) radicalized poll workers as insider threats
4) foreign actors exploiting domestic narratives
Here's how it plays out: Innocuous thing happens, the usual suspects say "told ya so", bad actors foreign/domestic boost claims democracy is being stolen & civil war is nigh, threats against election workers spike, someone carries thru & a worker is hurt or worse.
Not a great situation and unfortunately, too few leaders are leading right now by calling out this BS that is so clearly undercutting confidence, all the while giving our adversaries the B roll at home to say "see, democracy is a mess" & at the same time stoking the fires here.
So how do we counter? First, we need more election officials like @stephen_richer - the most transparent election official around. His constant briefings and community engagement removes opportunity space for disinfo spreaders by shining light throughout the process.
Second, voters should look to those election officials for authoritative information on what's happening in an election, not an influencer, the commentariat, or your aunt's cousin's brother. I know it might be asking a lot, but be more discerning. #TrustedInfo2022
Third, community and business leaders regardless of political party should support & encourage election officials and condemn threats to workers. State and local law enforcement should aggressively investigate and prosecute those that make threats.
Fourth, and this is the biggest stretch, political leaders should loudly reject those in their party that trade on stolen election claims. I don't care if it was 2016, 2020, or the primary this year, the election wasn't rigged. You lost because not enough voters believed in you.
None of these are going to fix what's wrong with today's political discourse - but it's a start and we need leaders to start leading, whether in our politics, business, or communities. If we want to continue as a democracy, we have to start acting like it. /FIN
ERRATA: Even with my snazzy Twitter Blue I’m not able to edit an above tweet. I meant to say “Elections *aren’t* perfect” UGH.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Chris Krebs

Chris Krebs Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @C_C_Krebs

Chris Krebs Profile picture
Apr 18
Lots of foreign election influence news/drops this week. Here's one from @CISAgov, @FBI, & @ODNIgov highlighting a few tactics we're seeing from the "usual suspects" (Russia, China, Iran): narrative farming, AI generated images & Audio clips, hack & leaks, paying witting & unwitting cutouts (PR firms!) to spread messages, & flooding social media with content to create illusion of consensus.

So what do we do about this:
1) AI Companies need to monitor & disrupt abuse of platforms (in line w/ the Tech Accord to Combat Deceptive Use of AI)
2) Fed govt needs to ID & intervene in Foreign info ops
3) Election officials need to ramp up communications w/ voters on how elections work & where to get authentic info
4) We (the people) need to become harder targets, take a beat before getting riled up.

Remember, the majority of RU, CN, & IRN efforts target on existing divides, they're playing us against each other. If there's one thing most people hate is getting manipulated, and the Kremlin is trying its damnedest here...

cisa.gov/sites/default/…Image
Image
Image
Here's one from yesterday on a leaked Russian document detailing strategy & objectives:

- Undermine the west
- Cozy up with other Authoritarian regimes
- Flip the Rest of World against the West

We've seen plenty of this at @LabsSentinel in our analysis of DoppelGanger

washingtonpost.com/world/2024/04/…
Here's @LabsSentinel report on Doppelganger from earlier this year.

Read 6 tweets
Chris Krebs Profile picture
May 19, 2023
Timely piece here by @Lingling_Wei on internal clampdown by Chinese security services on foreign businesses and cascading effects on capital flows.

A few thoughts (w/ a h/t to @KrebsStamos China expert @DakotaInDC for shaping the 🧵).
No question there’s an acceleration of hostile action against foreign companies. A combination of new laws/regs and actual enforcement (evidenced by Bain/Capvision/Mintz raids) laying the groundwork for more of the same. Question for companies building out in China: You ready?
Concentration of power in Xi allies, “securocrats,” shows a shift in priorities. Courting foreign investment and build out now subordinated to internal control and boosting national champions (even if they’re not ready for prime time).
Read 9 tweets
Chris Krebs Profile picture
Dec 9, 2022
There’s a subplot in today’s RU/US exchange. Any time you do a deal with the Russians you have to think beyond the headlines. Diplomacy is messy and a bunch of other factors get woven in for more strategic, yet unrelated objectives.
The Kremlin uses prisoner exchanges, among other things, for domestic & Intl narrative shaping & influence ops. Worth noting they’ve long stoked racial divisions here and cracked down on LGTBQ communities at home. Not really breaking news but yeah, BG was a pawn here.
While there’s legit conversation on whether this was a good deal. (IMO not great, but you bring Americans home where you can. Opinions vary on the cost and how Whelan fits). But recognize there’s a game being played by Putin, w/ actions & responses gamed out on both sides.
Read 6 tweets
Chris Krebs Profile picture
Dec 7, 2022
The Moore County, NC substation incident is just another in a string of attacks on the US grid. In the last 3 weeks, there've been 6 incidents at substations in the Pacific NW per industry experts. 2 involved gunfire (others vandalism & arson). But they had little impact.
We're still trying to figure out what happened in North Carolina (& out west). It could be local rubes taking potshots (happens all the time, actually). But the timing of attacks on 2 substations targeting the *right* equipment, suggests something more coordinated & concerning.
Concerning b/c domestic extremists are targeting the grid to cause chaos (or worse). In fact, in January DHS alerted industry partners to this threat per media reports. The alert indicated there'd likely only be limited damage, absent insider help or technical knowledge.
Read 9 tweets
Chris Krebs Profile picture
Oct 7, 2022
Really loving this alert from USG as it's a timely reminder China security services are still incredibly active against targets in their core areas of interest (intelligence, economic espionage, influence, & positioning for disruptive operations).
It's timely from where I sit because as @alexstamos & I have briefed a bunch of Boards & execs lately, (where most are interested in Russian threats), we're seeing an increasing interest at the Board/C-level in risks posed by China BECAUSE of Russia's invasion of Ukraine.
My line of late has been: "You know your product, your TAM, your competitors, but do you know how the rest of the world, including the Chinese security services, see you? How you might fit into their agenda or help advance their objectives." Sometimes their response is why us?
Read 10 tweets
Chris Krebs Profile picture
Jul 12, 2022
I can’t believe I have to say this, but just so we’re on the same page, the notion Exec Order 13848 (or any Exec Order) would allow the POTUS to rerun an election, seize election machines, or otherwise allow the Executive Branch to subvert a Federal election is lunacy.
EO 13848 lays out the workflow for agencies to analyze foreign interference, assess impact, and implement consequences. What are the consequences? Sanctions. It’s literally in the EO’s title. That’s it.
The CISA reports mentioned by the Kraken? Alerts we issued in October on Iranian and Russian efforts. Aha! you might say, proof! Not so fast. Those alerts were part of our efforts to spot & stop interference efforts, we assessed quickly & reported out quickly.
Read 8 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(