Advertisement
News Analysis
The breach that targeted Joe Biden, Barack Obama and others served as a warning: Had it happened on Nov. 3, hoping to upend the election, the political fallout could have been quite different.
Over the past year government officials have raced to help states replace voting machines that leave no paper trail, and to harden vulnerable online voter registration systems that many fear Russia, or others, could hijack to trigger chaos on Election Day.
But this week, the country got a startling vision of other perils in political disinformation — and how many other ways there may be to manipulate turnout, if not votes.
The breach by a hacker or hackers who bored into the command center of Twitter on Wednesday — seizing control of Joseph R. Biden Jr.’s and Barack Obama’s blue-checked accounts, among many others — served as a warning that some of the most critical infrastructure that could influence the election is not in the hands of government experts, and is far less protected than anyone assumed even a day ago.
The hackers probably did the nation a favor. With a crude scheme to deceive users into thinking that Mr. Biden and Mr. Obama were asking them for donations in Bitcoin — which sent more than $120,000 flowing into their cryptocurrency wallets — they revealed how simple it may be to imitate the powerful and the trusted.
Had saboteurs infiltrated Twitter on Nov. 3 instead of in the middle of July, with the goal of upending the election, the political fallout could have been quite different. False warnings of a coronavirus outbreak in key precincts in Wisconsin or Pennsylvania could have untold impact on a close vote in a battleground state. Deceptive tweets from political party accounts saying polling places were closed could sow confusion.
Or imagine a fake declaration, under Mr. Biden’s account, that he was dropping out of the race — a nightmare scenario for Democrats that some federal officials said they were talking about hypothetically among themselves on Wednesday night as the scope of Twitter’s failure became clear.
Similar war gaming about social media and election interference has played out in classified simulations conducted by the Department of Homeland Security, which is responsible for securing the 2020 election, and at Fort Meade, Md., home of the National Security Agency and United States Cyber Command. The results have never fully been made public.
But the nation is now getting a very public look at the impact of disinformation when trusted accounts of politicians and prominent Americans are hacked — with voters confused and more wary than ever of who is telling the truth, blue check or no blue check. The disruption revealed that the social media platform favored by the president — one that the federal courts concluded a year ago is a conduit for official messages about national policy — was as vulnerable, in its own way, as the aging registration databases that Russian intelligence invaded four years ago in Arizona, Illinois and other states.
Investigators are still trying to determine exactly how the hackers got inside Twitter’s systems and took such command of the platform that, when Twitter employees took the Bitcoin-seeking messages down, the disinformation popped right back up. Many of the details remain unclear: Investigators are still trying to determine if the hackers tricked a Twitter employee into handing over login information. Twitter suggested on Wednesday that the hackers had used “social engineering,” a strategy to gain passwords or other personal information by posing as a trusted person like a company representative.