audits (now required in 38 states), which can alert False Manipulation Narratives Could election officials to manipulation or errors. Undermine Public Confidence We assess that cyber operations targeting the We assess that adversaries could also make false electronic tabulation of results could delay results claims about their ability to manipulate US election reporting from affected jurisdictions, potentially infrastructure as part of a broader effort to undermine creating public uncertainty but probably not affecting confidence in US democratic processes. Much of the the integrity of certified results. Tabulated results are voting public probably knows little about the process of stored independently of copies displayed on results administering US elections, which could allow false websites, although investigations of malicious activity narratives to gain traction. Government efforts to could delay results and introduce public uncertainty investigate and publicly invalidate such claims could about the validity of vote counts. Denial of service take weeks or months, providing time for concerns about (DOS) attacks or manipulation of copies of the results in election security to spread. Disproving claims would transit would delay public access to the results or make also be impossible if adversaries evaded US intelligence them difficult to access, creating the appearance of collection. modified results.  Adversaries could make wholly fabricated  The Blue Ribbon Commission on the claims, such as announcing that they have vulnerabilities of Pennsylvania’s election compromised all US voting machines, a claim that infrastructure found the transmission of would be difficult and time-consuming—or preliminary results to public-facing websites is impossible—for the US Government to disprove. vulnerable to “man-in-the-middle” attacks, in which the attacker manipulates data mid-  Adversaries could also link an exaggerated transmission. Such attacks would not alter claim—for example, about their ability to affect the separately stored certified copies of tabulation election outcome—to actual operations, such as results, which are processed offline, but even short DOS attacks against election-related websites or delays in reporting the results could introduce intrusions into voter registration databases. doubts about the security of the election or the Linking the two could introduce public doubts validity of the results. about the validity of the election, even if the actual cyber operations were unrelated to the casting,  tabulating, and reporting of votes.  A widely publicized compromise of election infrastructure probably would undercut public confidence in the election, even if the compromise was not used to manipulate election- related data or systems. Mitigating Threats to Infrastructure  In May 2019, unidentified cyber actors rendered a US county election website unavailable We assess that enhancing the physical security on the night of a mayoral primary; the incident did and cyber protections of election systems and messaging not affect the tabulation results, which were stored the US public and adversaries could mitigate some of the on a separate system not connected to the Internet. vulnerabilities of the complex US election process. Potential measures include the following: [4]  Physical Security and Cyber Hygiene. These terms refer to adopting best practices for the physical and cyber protection of election facilities and equipment. Basic security measures―replacing obsolete equipment, strengthening password policy and audit processes, and implementing network segmentation―might prevent less sophisticated adversaries from disrupting election processes but probably would be insufficient to deter the most advanced and determined nation-state actors.  Third-Party Vendor Verification. Establishing and refining screening procedures for vendors who manufacture or transship election infrastructure could reveal shared vulnerabilities or insider threats.  Public Messaging and Education. Public messaging would be vital to providing accurate and timely information about the effects and limited scope of low-impact cyber operations. Partnerships with state and local election officials, cyber security firms, and the media could help minimize commercial disruptions, as well as counter cyber- enabled information operations. Timely public messaging before the election would help to educate the public about adversary goals and make US officials the trusted source for information about the integrity of the election process, recovery efforts, and investigations into attempted cyber attacks.  Messaging to Adversaries. Privately messaging adversaries to emphasize that attempts to manipulate US election infrastructure are unacceptable and would have serious consequences could deter them from taking such steps. [5]