Iowa Will Be the First Test Case for 2020 Election Security

DES MOINES — Weeks before the Iowa caucuses and the start of the 2020 presidential election season, one of the few senior Democratic campaign staff members whose full-time job was guarding against hackers and stopping a repeat of 2016 quit in frustration.

The campaign — in this case, Pete Buttigieg’s — simply did not care enough about security, Mick Baccio, its former chief of information security, wrote in a five-page resignation letter this month, a portion of which was obtained by The New York Times.

“The campaign continues to mimic the relaxed behavior and poor security posture that led to the Russian intelligence compromises in 2016,” he wrote.

Mr. Buttigieg’s campaign says it has since retained a new security firm. But its shortcomings are hardly unique, according to experts and current and former Democratic campaign officials. Despite four years of American intelligence assessments and federal indictments laying out how the Russians sought to interfere in the last presidential election, the 2020 Democratic primaries are getting underway in Iowa on Monday with campaigns once again dangerously exposed to hackers, and state election systems still plagued by many of the same vulnerabilities exploited by Moscow in 2016.

While security officials have not seen any credible threats to the Iowa caucuses, Iowa Democrats, aided by the Department of Homeland Security, are taking no chances with the first presidential nominating contest since the 2016 election, and party officials are actively preparing to combat any disinformation campaigns leading up to and during the caucuses.

The state’s role as the first in the nation to vote may be much debated inside the Democratic Party, but its system of caucuses is a blessing for security. The caucuses are far more transparent than typical elections, with groups of people gathering in rooms and openly choosing candidates. Any attempt to fiddle with results after the fact — a serious concern among officials and experts who are working to secure the 2020 election — would most likely be spotted by caucusgoers who know the outcome of an event in which they took part. And, of course, there are not voting machines to hack.

Still, Iowa is taking security a step further this year, and for the first time in the state’s history caucus attendees will have to fill out a “presidential preference card” to document their choice. These cards, which will be individually numbered and have other security features, are intended to offer the caucuses some form of a “paper trail” that election security experts say is vital to protecting results.

Additionally, while the caucuses have relied on mobile apps to record and tabulate results in the past, the Iowa Democratic Party is using a new app this year that has been tested and verified by both security experts and the Department of Homeland Security. Described as a “fancy calculator,” the app will help precinct chairs tabulate results during each phase of the caucus, and then send results to the Iowa Democratic Party headquarters. (For those chairs who don’t feel comfortable with an app, the traditional phone hotline will still be operating.)

After the results from the app are immediately transmitted to the party’s headquarters, a team of officials there will review them to look for possible outlier results. Each official will have a set of historical results and models that will help identify any result that looks suspicious; if a precinct has traditionally had a turnout of roughly 50 percent and results come in showing 98 percent, the team will be able to investigate.

“We knew that technology gave us some opportunities in this process, but with those opportunities came different challenges,” said Troy Price, the chairman of the Iowa Democratic Party. He said that the preference cards were a “clear way of double-checking and verifying results” and noted that the level of data preparation was more extensive than in recent years.

“We have been very diligent about doing our modeling and figuring out exactly what projected turnout could be at different levels,” Mr. Price said. “So we’ll be able to see if things look wildly incongruent from what we would expect.”



Why the Iowa Caucuses Are So Important

Protests in the 1960s, a mimeograph machine and a long-shot candidate all contributed to Iowa’s unlikely role in the presidential election process.

This was Iowa caucus night back in the mid-1970s. And these are members of the national media covering the voting. It was so unusual to see national media in Iowa back then that people actually paid to watch them. “The Democratic Party charged $15 a head for people to watch the media watch the people.” See, in previous years, Iowa’s caucuses just hadn’t attracted national attention. “There are 3,000 frozen media members in downtown Des Moines …” Just over a decade later, Iowa is the place to be. “… It’s Iowa caucus night. Let’s party.” [shouting] The caucuses are now a key part of the presidential election cycle. “Bush, 57.” They’re the first chance to see what kind of support candidates have among voters. So how did we get here, from caucuses that only Iowans seem to care about to the national spectacle we see today? Turns out, a lot of it was accidental. For most of Iowa’s history, its caucuses were dominated by political insiders. There was little room for input from rank-and-file members. An historian writing in the 1940s put it like this: “The larger number of party voters were deprived of a voice.” But the old ways start coming to an end in 1968. The country’s in turmoil, and so is the Democratic Party, mostly over the Vietnam War and civil rights. Basically, the party establishment wants to handle things one way, and many rank-and-file members have other ideas. All this comes to a head as the Democrats hold their national convention. Protesters gather outside. So do police. Inside, the mood is also tense. All this division leads the Democratic Party to rethink the nomination rules to include the voices of all party members in the process. This is how we come to the moment when Iowa becomes key to electing a president, basically by accident. First up, how Iowa became first to hold a presidential contest. It starts with new rules to give everyday members more of a say. So by 1972, winning Iowa now involves four stages. Iowans choose their top candidates, first at the precinct level. These are the caucuses at the heart of this story. But technically, there’s further voting at the county, congressional district and state levels. The new rules make things a lot more inclusive, but this creates new delays. Committees need to be formed, and everyone needs to have up-to-date party materials. The problem is, the state party only has an old mimeograph machine to make copies of all this. It’s really slow. So because of an old machine and a bunch of new logistics, the party decides it needs at least a month between each step to do it all. The national convention is set for early July, so you’d think that the state-level convention would happen about a month before, in June. Except, the party can’t find a venue that’s available to hold everyone. That little detail helps push everything earlier in a chain reaction. See what’s going on here? The precinct caucuses now have to happen early in the year. The party chooses a date that makes Iowa’s the first presidential contest. The New Hampshire primary has been the first kickoff contest since the 1950s, but Iowa Democrats aren’t necessarily looking for national attention. They just think it’ll be fun to be first. Still, attention is what they get. The story begins with George McGovern. “People didn’t know much about the Iowa caucuses. As a matter of fact, there wasn’t a great deal of interest in them.” He’s the long-shot candidate. He’s been at the bottom of national polls. “He often walked the campaign trail alone, little known by the voters.” Most people think this guy, Edmund Muskie, is going to be the big winner in Iowa. “That challenge is great, but we can meet it.” Then comes caucus night. As the people vote, state party officials gather at their headquarters. Richard Bender is one of them. “And we had about 10 or 12 press people show up. These press people included one guy, Johnny Apple.” Johnny Apple, a 37-year-old political correspondent for The New York Times. Iowa’s Democrats aren’t ready to publicize the results right away. They hadn’t expected much demand. According to Bender, only Johnny Apple asked for them that night. “I happen to be fascinated with such things, so I made it my business, beforehand, to understand it.” Bender sets up a phone tree to gather results from across the state. He adds them up himself with a calculator. And the next day, Apple’s article helps swing the national spotlight onto the caucuses. He’s got quite the story to tell. Muskie’s won, but just barely. Not the runaway win people were expecting. And McGovern comes in a strong second. No one expected that, either. The reformed caucus rules helped a long-shot candidate rise to the top. And because this is happening so early in the election now, and because Apple’s article gives the results national coverage, something else happens. “That got picked up by some of the national news shows.” “The Democratic front-runner has been damaged in Iowa.” “And wow, all of a sudden, we were being paid attention to.” McGovern eventually wins the Democratic nomination. “I accept your nomination with a full and grateful heart.” He loses the presidential election, but some haven’t forgotten what those early caucuses did for McGovern, including Georgia’s former governor, Jimmy Carter. Three years later … “There was a major headline on the editorial page of the Atlanta Constitution that said, ‘Jimmy Carter’s running for what?’ [laughter] And the ‘What’ was about this big. [applause] I’m running for president.” … Carter heads to Iowa before any other Democratic candidate. He’s got no national profile. “He didn’t have hordes of press following him around. It was a very lonely campaign.” Washington pundits call his candidacy laughable. “I remember when we couldn’t find a microphone.” “Jimmy Who?” becomes a catchphrase. Carter’s own campaign film plays it up. “Jimmy who?” “I don’t know who he is.” But as long as Iowans come to know him and like him, Carter bets that the media will start paying attention, just like with McGovern four years earlier. Carter campaigns as locally as possible. One day, he learns that he’s been invited on a local TV show. “And I said, that is great. I can’t believe it. I said, ‘What are we going to do?’ He said, ‘Do you have any favorite recipes?’ And I said, ‘What do you mean, recipes?’ He said, ‘Well, this is a cooking show.’ Well, they put a white apron on me and a chef’s hat. That was my only access to TV when I first began to campaign in Iowa.” His opponents are in Iowa, too, but they spend far less time there. Carter wins. “Surprisingly top of the class after his win in a somewhat obscure race in Iowa against the others.” “You can’t tell until we go to the other 49 states, but it’s encouraging for us.” A year later … “I, Jimmy Carter, do solemnly swear —” … he becomes the 39th president. Now we need to head to 1980 because we haven’t talked about the Republicans yet. Here’s the state’s Republican chairman that year. He’s asked why Iowa’s caucuses have become so important. “I think because Jimmy Carter got his start in Iowa in 1976.” The Republicans in Iowa are keen to copy the Democrat’s success, and one candidate in particular gets inspired by Carter’s underdog win: George H.W. Bush. He’s running against Ronald Reagan, Bob Dole and others, and he’s near the bottom of the pack. “Your name isn’t really a household word, but Ronald Reagan can —” But Bush goes big in Iowa. He gets a surprise win. It’s a far cry from just months before. “I was an asterisk in those days. And my feelings got hurt. And now, I’m no longer an asterisk.” Bush is now the third underdog to get a boost from the caucuses. The next morning on CBS, he distills the essence of this new Iowa effect. “We will have forward, ‘Big Mo’ on our side, as they say in athletics.” “ ‘Big Mo?’ ” “Yeah. Mo — momentum.” Bush loses to Reagan, but becomes vice president. And the desire to capture the “Big Mo” from Iowa has only grown, thanks in large part to Iowa’s embrace of being first, and the media storm that descends every four years. That’s despite the fact that most candidates who win … “This is a job interview.” … don’t become president. Plus, many point out that the state’s overwhelmingly white population doesn’t reflect the country’s diversity. “I actually think that we can find places that represent that balance of urban and rural better.” But the race to get the “Big Mo” out of Iowa persists because it’s the first chance to upend expectations, and put political fates in the voters’ hands.

Video player loading
Protests in the 1960s, a mimeograph machine and a long-shot candidate all contributed to Iowa’s unlikely role in the presidential election process.CreditCredit…Associated Press

In November, Iowa’s Democratic and Republican Parties teamed up with the Defending Digital Democracy Project at Harvard to run a drill of worst-case scenarios. The event, led by Robby Mook, the campaign manager for Hillary Clinton in 2016, and Eric Rosenbach, a former chief of staff at the Pentagon, featured a fire drill of sorts, designed by future Defense Department officers.

“We ran them through the ringer and pushed them really hard,” Mr. Mook said. “Some were much better at managing technical issues, and some were better managing information operations and disinformation, misinformation and communicating with the public. So I think they really learned from each other, and they created some best practices for each other.”

Evidence that officials in Iowa were taking outside threats seriously emerged nearly a year ago, when a plan for remote caucusing was quickly scuttled because of security concerns.

Though caucuses are inherently more secure as a result of their in-person structure, the decentralized nature presents an unusual challenge. Iowa, a state of three million people, has more than 1,700 precincts, and the chairs who run the caucuses are all volunteers. This year, there has been a more proactive and intensive training program, both on the new app and the new reporting process, led by the Iowa Democratic Party.

Of course, there is an element of performance to security; a physical show of force can act as a deterrent. On the ground in Iowa, security officials from the Democratic National Committee will be working with both state parties to respond to any perceived threats, and Facebook officials will be monitoring the lead-up to the caucuses through the weekend at their election offices in California.

Securing the campaigns themselves is a trickier proposition. The risks they face are varied: They have to protect their networks from hackers who could try to steal money; shut down systems at a key moment, like right before a debate or an election; or steal sensitive information, similar to the way that Mrs. Clinton’s 2016 campaign chairman, John Podesta, was successfully baited into turning over his email credentials.

Like much in cybersecurity, these problems can be at least partly solved by throwing money at them, and campaigns are spending more this year on security than they have in the past, according to experts and veteran staff members. But they can afford to spend only so much. Campaigns are, in essence, start-ups that face the prospect of dying every day. A dollar spent to guard against the possibility of an attack is not spent on fund-raising, advertising or turning out voters to win an election that is going to take place no matter what happens.

The same forces shape the culture of campaigns. They are mostly staffed by young people, and winning is the sole focus. Creating a culture that values security — a difficult proposition in the most established institutions — is particularly challenging in an organization that is by its very nature temporary.

The experience of the Buttigieg campaign and Mr. Baccio is instructive. The campaign eagerly promoted his hiring last summer, pointing out that it was the only Democratic campaign to have hired a chief information security officer.

But it was a poor match from the outset, according to people familiar with the inner workings of the campaign who spoke on the condition of anonymity because of nondisparagement clauses in the contract with Mr. Baccio. Many in the campaign saw Mr. Baccio’s security measures as clumsy and cumbersome; one staff member complained that an attempt to install mobile management software briefly cut off access to email across the entire campaign.

Mr. Baccio, for his part, saw the campaign’s resistance to some of the security measures he wanted to enact as indicative of a deeper cultural problem. “From the top down, there appears to be little desire to change or prioritize cybersecurity,” he wrote in his resignation letter.

There were other problems, too. The cybersecurity industry is filled with conferences, and speaking at them is routine for experts like Mr. Baccio, but the campaign’s leadership bristled at his appearances at events like CyberWarCon, which took place outside Washington in November. The campaign also wanted him to relocate to its headquarters in South Bend, Ind., where Mr. Buttigieg served as mayor. Mr. Baccio insisted on working from his home near Washington.

On Friday, the Buttigieg campaign said it had hired a new, outside firm for security, rather than a paid staff member.

“Our campaign has retained a new security firm and continues to be committed to digital security and protecting against cyberattacks,” said Chris Meagher, a spokesman for the campaign.

Though security officials have found no credible current threats to the Iowa caucuses, the possibility of dangerous disinformation campaigns on social media platforms is a constant looming concern, and one that the Harvard team pushed Iowa party officials on as well.

“It was not just pure cyberthreats, it was a lot on potential response to disinformation on social media,” Mr. Mook said.

Leading up to February, when the four early states will hold their caucuses and primaries, the D.N.C. held an intensive counter-disinformation training with each state party, and has been following up with biweekly trainings before the Iowa caucuses. A security and disinformation newsletter from the D.N.C. highlighting best practices is also sent out regularly.

And while Facebook has taken a hands-off approach to political campaigns that spread lies and disinformation in paid advertising, it has a specific policy that bans any disinformation about polling or voting. The company will be actively monitoring such activity and will be in contact with the D.N.C. and the Iowa Democratic Party.

Officials have also turned the disinformation battle over to the public. On Wednesday, Mr. Price addressed Iowans on Twitter, directing them to alert the state party of any disinformation they spotted online and providing the state party’s dedicated email address.

“It’s our top priority to ensure everyone has accurate facts about the caucuses,” he wrote. “That’s why we’re diligently tracking any disinformation — but we need your help, too.”

Nick Corasaniti reported from Des Moines, and Matthew Rosenberg from Washington.

Leave a Reply