What Will Mueller's Russia Report Mean For Election Security In 2020?

Enlarge this image toggle caption Mikhail Svetlov/Getty Images Mikhail Svetlov/Getty Images

Updated at 10:03 a.m. ET

The release of special counsel Robert Mueller's report may provide Americans with the best playbook yet on how to defend democracy in the lead-up to the 2020 presidential election.

In the days since Attorney General William Barr's letter to Congress, much of the focus has boiled down to one line from President Trump: "No Collusion, No Obstruction."

But judging by Barr's language and the details that have come to light through indictments filed by Mueller's team over the past two years, the report may also reveal more about how Russia attacked the 2016 U.S. presidential election.

The report's first section, according to Barr, focuses on Russian "computer hacking operations," which included the theft of emails from the Democratic National Committee and Hillary Clinton's campaign, as well as agitation online to try to exacerbate divisions among Americans.

Barr's summary didn't address an aspect of the interference that Mueller has described elsewhere, including the cyberattacks that targeted state elections infrastructure.

No public evidence has suggested that any votes were changed as a result of Russian interference efforts, but an indictment filed last summer detailed how Russian operatives stole voter data on 500,000 voters, targeted state boards of election and hacked a voting equipment vendor.

Michael Daniel, the CEO of the Cyber Threat Alliance and the former cyber czar for President Obama, admits now that he and his team "did not have an appreciation for the extent of the influence operations" coming from Russia before the election.

Although he realized in the summer of 2016 that Russia was doing something, Daniel said he has "been learning along with everybody else" about the broad extent of those efforts from the documents that the Mueller team has made public, along with public testimony from the big social media companies.

He's not the only one.

Election directors have been going through worst-case-scenario drills over the past two years, based on the multifaceted attack that Russia launched. State and local IT staffs have been allocating resources to shore up the vulnerabilities that were exploited.

"You have to take what was done in 2016 and be ready for that again," said Daniel.

Being prepared

Barr has said that his office will go through what Mueller has filed to redact sensitive or classified information and release the rest, although it isn't clear when. A Justice Department official told NPR that the process will take "weeks not months."

Security and elections officials can then study the report to see if there's more to learn about Russian cyberactivity or other types of interference that the special counsel might have uncovered.

One bit of good news, experts say, is that U.S. elections are safer now than they were four years ago for one reason: awareness.

Much of the Russian campaign relied on email "spear-phishing," in which a hacker sends a target an email meant to look like an official document in an attempt to gain access to the target's passwords or other sensitive information.

Now, people are better prepared for that. If election and campaign officials operate under the assumption that they can be the targets of such attacks, they are less likely to click on dangerous links.

There is also a clearer process for information-sharing with the federal government about potential cyberthreats in a way there didn't used to be.

Making the case

Larry Norden, the deputy director of the Brennan Center for Justice's Democracy Program, said he's curious to see the entire Mueller report to see if it provides any further details on the 2016 attack.

It's also important to have a narrative document that officials can use as they lobby for more election funding, he said.

"When you hear dribs and drabs of what happened and individual stories, it both can sound underwhelming and also can be difficult to understand the bigger picture," Norden said.

"Congress provided $380 million last year for election security, finally, after not providing any money for decades. And $380 million is a drop in the bucket compared to what's needed."

The success of Russia's attack in 2016 will almost certainly embolden other nation-states or activist groups going forward, Daniel said, making it all the more important for the United States to strengthen its defenses.

"All of this activity has opened the door to other kinds of actors following the same playbook and attempting to do the same thing the Russians have done," Daniel said.