As the State Department works to gain international support for its cybersecurity framework, experts said that global norms and deterrence won’t be enough to convince state actors not to influence elections through cyber means in the future. Robert Axelrod, Walgreen Professor for the study of human understanding at the University of Michigan, compared the Democratic National Committee (DNC) hacks to Watergate. Both incidents involved the theft of information. The difference is that in Watergate, the incident was handled by domestic law enforcement and the president resigned. In the DNC hacks the incident was handled by international powers and there was “minor retaliation,” according to Axelrod. … “I think we’re going to see a lot more attacks like them in future campaigns,” said J. Alex Halderman, professor of computer science and engineering at the University of Michigan. Halderman said that most people think that the United States’ voting machines are secure because they are different in each county and they aren’t connected to the Internet. “In fact, many of these things break down,” said Halderman.
Halderman said an attacker can select the machines that are the most vulnerable or attack the third-party vendors that provide the memory cards for each machine. By using this method, an attacker could have altered the votes in 75 percent of Michigan counties, according to Halderman. He said that although he thinks that no states carried out sufficient forensics to determine whether their voting machines were hacked, he does not believe that those votes were manipulated.
Nemeroff said that the State Department created peacetime norms in order to give states a rallying point when another country veers from the norms.
“As more and more governments are developing capabilities…to operate in cyberspace, this creates the possibility for instability,” Nemeroff said. “We will respond to cyber incidents using all means of national power.”