How the Pentagon Is Working to Protect U.S. Elections From Hacking and Disinformation

4 minute read

This article is part of the The DC Brief, TIME’s politics newsletter. Sign up here to get stories like this sent to your inbox every weekday.

Four years after Russian agents launched a sweeping, multifaceted operation targeting the 2016 presidential elections through a hacking and disinformation campaign, the Pentagon is pressing ahead with a cyber strategy to ensure the nation is better defended this time around.

General Paul Nakasone, who is both the military’s top commander for cyber-operations as head of U.S. Cyber Command (CYBERCOM) and director of the National Security Agency, says the U.S. has deployed forces to eastern Europe in order to thwart any attempt to interfere in elections or other cyberattacks. “We realized that Cyber Command needs to do more than prepare for a crisis in the future; it must compete with adversaries today,” Nakasone writes in a recent op-ed for Foreign Affairs along with his senior advisor Michael Sulmeyer. “Inaction poses its own risks.”

Last year, CYBERCOM and NSA formed a unit called the Election Security Group. Teams of American on so-called “hunt forward missions” are working to uncover adversaries’ techniques and tactics before they go after U.S. systems. As a result of the new group’s findings, the Department of Homeland Security has already “hardened” election infrastructure security and the FBI is better positioned to “counter foreign trolls on social media platforms,” Nakasone writes.

For months, intelligence agencies have warned that Russia is again attempting to disrupt the November election. The latest sign of trouble came Thursday when Microsoft announced the Russian military intelligence unit that attacked the Democratic National Committee in 2016 was now attempting to hack email accounts of people affiliated with both the Democratic and Republican presidential campaigns.

The threats emanate beyond Moscow: China, Iran, North Korea and others also have the capability to degrade their ability to interfere in American elections. But analysts agree Russia poses the greatest threat, a fact that the Trump Administration has allegedly tried to play down. A newly released whistleblower complaint alleges that political appointees directed the Department of Homeland Security’s top intelligence analyst to downplay Russian election interference efforts and instead focus on attempts by Iran and China.

Last year, TIME was part of a small group of reporters that received a rare invitation to visit the military’s new Joint Operation Center at CYBERCOM at Fort Meade, Md. An immense screen on the front wall registered cyber activity in real time as row upon row of intelligence analysts watched the incoming data, all while communicating with federal agencies, foreign allies and overseas military personnel. Come Tuesday, November 3, this operations floor will serve as a nerve center in defense of America’s national elections.

CYBERCOM, created in 2009, has played a larger role in election defenses since 2018 after the Trump Administration granted its commanders new authority and Congress quietly issued a declaration defining “online operations” as a traditional military activity. That same year, the U.S. military deployed cyber operators to Ukraine, Macedonia and Montenegro to counter Russian attempts to disrupt the midterm elections.

“Montenegro has faced increased harassment from Russia since joining NATO in 2017, and the Cyber Command team was there to investigate signs that hackers had penetrated the Montenegrin government’s networks,” Nakasone writes. “Working side by side with Montenegrin partners, the team saw an opportunity to improve American cyber defenses ahead of the 2020 election.”

That campaign, dubbed Operation Synthetic Theology, included attacking and taking offline an infamous troll factory in St. Petersburg, otherwise known as the Internet Research Agency, which has mounted propaganda and disinformation campaigns in both the 2016 presidential and 2018 midterm elections. In 2020, CYBERCOM has established on-call defensive cyber teams that are ready to respond to foreign adversaries if agencies like DHS or FBI need them. “For all their power and results, however, cyberspace operations are not silver bullets,” Nakasone writes. “To be most effective, they require much planning and preparation.”

Make sense of what matters in Washington. Sign up for the daily D.C. Brief newsletter.

More Must-Reads from TIME

Write to W.J. Hennigan at william.hennigan@time.com