With 75 days until the midterm elections, the U.S. military's cyber force and the National Security Agency are once again teaming up to identify attempts by foreign adversaries to interfere with the electoral process and indicating their willingness to take offensive action to disrupt the efforts.
Cyber Command and the NSA restarted their joint Election Security Group, or ESG, this year, marking the third election cycle in which the ESG will take the lead in the Defense Department’s election security efforts.
The Office of the Director of National Intelligence has repeatedly warned that Russia, China, Iran and others may work to interfere with U.S. elections, including the voting process and voters’ beliefs and perceptions.
U.S. officials say that cyber threats are continuous and that they are often carried out by the same actors. But they also say such groups tend to home in on events or targets of opportunity, like elections, and shift more of their efforts to disrupting them.
The ESG will monitor foreign adversaries who may be trying to interfere with or influence elections and share information with other government agencies, like the Department of Homeland Security and the FBI, with private industry, and with U.S. allies to stop the attempts before they affect voters.
According to a release from the normally secretive NSA and Cyber Command, the NSA has “unique foreign intelligence collection and technical expertise” that can be used to detect planned cyberattacks, while Cyber Command has offensive capabilities to disrupt any such attacks. Cyber Command has the authority to initiate some offensive measures against foreign actors on its own, but in other cases authorization must come directly from the president.
“We view the election as a continuum of operations — part of our persistent engagement approach,” said a spokesperson for the ESG. “Cyber Command and NSA have the ability to alert interagency and private industry partners to act on information we may detect. This enables those partners to alert victims of cyber activity and engage in mitigation response. We have the ability, as a whole-of-government, to respond at speed. Efforts include increased touchpoints and planning sessions with DHS, FBI, and ODNI,” referring to the Office of the Director of National Intelligence.
In the past, comments about possible offensive action have often come after elections, and they have been vaguer. Army Gen. Paul M. Nakasone, the head of Cyber Command and the NSA, acknowledged when testifying to Congress that they would “impose costs” on groups trying to interfere with election security, but he has not spoken explicitly about offensive operations for election security.
The ESG is led by Air Force Brig. Gen. Victor Macias from Cyber Command and Anna Horrigan from the NSA.