With fewer than 100 days to go until the midterms, the evidence continues to pile up that America’s electoral system remains a hot target for hackers, most notably agents of the Russian government. Last Thursday, Senator Claire McCaskill, the Missouri Democrat up for re-election this year, confirmed that she was one of two or possibly three congressional candidates whose computer networks had been unsuccessfully targeted by the Russians last year. The phishing attack, which occurred last August, was thwarted by Microsoft, which subsequently alerted her to the attempt. “While this attack was not successful, it is outrageous that they think they can get away with this,” said Ms. McCaskill in a statement. Three days later, Senator Jeanne Shaheen, a New Hampshire Democrat, acknowledged that, in an unrelated episode, her office also had been a target of multiple spear-phishing attacks, the origins of which have yet to be officially determined. The effort bears similarities to Russia’s handiwork, but the matter is still under investigation. Ms. Shaheen said she had been told that this problem “is widespread, with political parties across the country, as well as with members of the Senate.” (Ms. Shaheen, a staunch critic of President Vladimir Putin of Russia, also received a phone call in November from someone impersonating a Latvian official and hoping to gain inside information on American sanctions against Russia.
The F.B.I. is looking into that episode as well.) Attempts to disrupt America’s government and electoral system are widespread and multifaceted. This week, in fact, Facebook announced that it had identified and removed dozens of pages and accounts linked to a coordinated effort aimed at influencing the November elections.
But it’s no mystery why Russia and other bad actors would assume they could get away with such incursions. Despite repeated warnings from United States intelligence agencies regarding the nation’s vulnerabilities, there remains no focused, coordinated plan by the White House for dealing with this crucial security issue. Nor does President Trump seem comfortable criticizing, much less holding accountable, the baddest of bad actors identified by American intelligence agencies — Mr. Putin. Quite the opposite: When it comes to cyberattacks on American democracy, the message coming from this president reeks of confusion, equivocation and weakness.