【时代周刊 20160930】俄罗斯暗中破坏美国大选

满仓

【中文标题】俄罗斯暗中破坏美国大选
【原文标题】How Russia Wants to Undermine the U.S. Election
【登载媒体】时代周刊
【原文作者】Massimo Calabresi
【原文链接】http://time.com/4512771/how-russia-wants-undermine-us-election/?xid=homepage&pcd=hp-magmod

俄罗斯试图影响美国大选意指何方？



美国政府的领导人，包括总统和他的顶级国家安全顾问，都在面临一个前所未有的困境。从春季开始，美国情报机构和执法部门发现越来越多的迹象，证明俄罗斯正在积极地针对2016年总统大选施加影响。俄罗斯人不大可能左右最终投票的结果，因为我们的选举机制相当分散，而且在互联网上不可以投票。但是他们可以在大选日当天或者之前进行暗中破坏，数十名美国政府高层官员在接受《时代周刊》的采访时表示，俄罗斯人会削弱人们对大选结果的信心，进而破坏民主制度。

白宫内部多次会议上争论的话题是，对俄罗斯的行为要采取何种方式的回应。公开点名谴责俄罗斯，坦承情报部门所发现的证据，可以让美国民众了解实情，并谨慎应对投票截止日之前所发生的各种现象。司法部高层官员主张直接与俄罗斯对话，这个态度得到了政府外部两党立法机构和前国家安全高官的积极响应。

可惜问题并没有这么简单。总统和几位关系最密切的国家安全顾问对于在一个崭新、不受管辖的网络世界与俄罗斯对峙感到有些担心，他们认为尽管美国有足够强大的防御和进攻力量，但冲突升级会带来巨大的风险。国家安全委员会的官员说，我们最重要的基础设施，包括电网、交通管理系统和能源网络，无法承受第一波打击。另外一些人认为针对私有企业、证券交易和媒体的攻击会影响到国家经济。情报部门的高层官员甚至担心俄罗斯会公开美国的间谍行动作为其报复手段。尽管美国官员“高度自信”地认为俄罗斯主导了所谓的暗中破坏行动，但有高层官员在接受《时代周刊》采访时说，他们的证据在法庭上站不住脚。

于是，从5个星期之前开始，白宫任由事态的发展。一方面，美国的执法机构想尽办法了解俄罗斯行动的范围，试图阻止，同时强化选举网络的安全性。另一方面，一群身份隐秘的俄罗斯黑客以及他们的同伙愈发嚣张地搜寻可以盗窃文件的漏洞，目的是影响选民的意见，造成一种选举并不安全的印象，其中就包括来自民主党国家委员会电脑的邮件。与此同时，联邦调查局在8月中旬向全部50个州发出警告，通知他们有关“大量”入侵选举系统的迹象，联邦调查局和国土安全部“正在试图了解更详细的信息”。

这一切，让唐纳德•特朗普多次把自己置身于美俄关系的漩涡中的行为变得令人震惊。特朗普在竞选中曾经称赞普京，在9月26日的第一次竞选辩论中，他说他并不确定俄罗斯人操纵了民主党国家委员会的黑客行动。但是多个情报机构和国家安全部门的官员在接受《时代周刊》的采访时表示，美国情报机构“高度确信”俄罗斯情报部门的确要为此负责。一位了解此事的美国官员告诉《时代周刊》，特朗普在最近一次秘密的情报吹风会中被告知此事。特朗普在一份声明中对《时代周刊》说：“我不会评论情报吹风会上得到的消息，但是，没有人可以确切证明这就是俄罗斯干的。或许是他们，也可能是中国，还有可能是其它国家，甚至某些个人。”

俄罗斯对美国选举的干涉，是它已经令人深感忧虑的行为的一次异乎寻常的升级。在过去两年半的时间里，俄罗斯通过互联网逐渐向西渗透它的干涉行为，从前苏联的加盟共和国转移到北约组织成员国。奥巴马总统在7月26日接受NBC新闻采访时说：“他们定期扰乱欧洲的选举活动。”俄罗斯早在4月就建立了进攻美国的网络桥头堡，官方担心，在选举的最后几个星期里，俄罗斯的网络进攻将会扰乱计票、选举报告系统和媒体，其造成的混乱会给下一任总统和民主进程带来影响。

奥巴马不直接指责俄罗斯间谍行径的决定，把让美国民众知晓内情的工作留给了政策制定者和国防专家们。9月22日，参议院和众议院情报委员会的两位民主党成员，加利福尼亚州参议院黛安•费因斯坦和立法委员亚当•希福发表了一份颇为直言了当的声明。他们说：“根据我们所了解到的信息，我们认为俄罗斯情报机构正在试图影响美国大选。至少，他们的所作所为是为了让我们意识到选举的安全性存在问题。”他们还说，俄罗斯情报机构采取这种行动，是得到了政府高层的授意。“我们要求[俄罗斯]总统[弗拉基米尔•]普京立即下令停止这种行为。”这份声明尽管没有公开得到政府的批准，但明显经过了中央情报局的同意。

想要了解为什么普京力图削弱美国大选的合法地位，我们需要暂时离开漫长、丑陋的总统竞选活动，回想一下我们究竟为什么要投票。选举是我们民主制度权威的最终来源。共和党和民主党几十年来都认为传播民主制度对所有人都是件好事，所以美国极力向全世界推广自由、公平的选举制度。很多国家已经接纳了这种制度：巴尔干的农民穿上节日的盛装前往投票站；阿富汗身穿罩袍的妇女不惧恐怖分子的威胁，排队几个小时投上一票。

毫无意外，前苏联的那些准独裁统治者、中国当代的共产主义者和中东地区的中世纪神权统治者，以及其他一些人，认为美国偶尔表露出的激进的自由民主传道行为，是对他们的权力赤裸裸的威胁。普京对此尤其愤怒，他谴责美国——尤其是前国务卿希拉里•克林顿——干涉2012年的俄罗斯大选。他公开质疑美国过去大选的合法性，他在6月17日说选举团“你管这叫民主？”专家表示，普京正在把他的反美行动扩张到互联网领域。迪米特里•阿尔佩罗维奇是CrowdStrike公司的创始人和首席技术官，这家网络安全公司负责分析民主党国家委员会所遭到的黑客进攻。他说：“俄罗斯的这次行动并不是想要把某个人推上总统的职位，而是要彻底推翻自由、公平的选举理念。”

没有人比亚利桑那州州务卿米歇尔•里根有更深切的体会。6月份的一天，她在菲尼克斯家的后院接到了她的幕僚长的电话。他说：“你坐稳了吗？”联邦调查局一直在监控一个所谓黑暗网络的互联网角落，就是犯罪分子用来交易毒品、儿童色情活动和盗取身份信息的隐藏网站。一个名叫“奇异熊”的黑客团伙——美国政府认为幕后的控制人是俄罗斯军方情报机构——正在出售一个属于亚利桑那州选举办公室的用户名和密码，可以读取400万人的个人信息。里根回忆道：“我的第一反应是，天啊，这是你能听到的最糟糕的信息了。”

里根和联邦调查局的人试图确定俄罗斯人用什么方法入侵亚利桑那州的系统，以及应该采取什么防范措施。结果发现，仅有5.4万人口的希拉县的一位选举官员无意中打开了电脑上的一个WORD文件，其中含有恶意软件。幸运的是，奇异熊入侵的是一个本地的电脑系统，并不是全国范围的选举登记数据库。其他人就没那么幸运了，奇异熊的电子足迹出现在民主党全国委员会的电脑中。在伊利诺伊州，联邦政府工作人员发现奇异熊在7月中旬从州注册系统中盗取了8.5万名选民的信息。月底，民主党国会竞选委员会也发表声明，他们遭到了奇异熊的入侵。

还有其它一些州报告了来源不明的网络入侵现象，政府希望安抚民众，让他们相信计票程序是安全的。国土安全部部长杰伊•约翰逊在9月16日说：“我们对于选举系统的整体安全性有足够的信心。系统有众多的分支，受地方管控，还内嵌了很多制衡的机制。”美国有9000多个投票点，使用的设备都没有接入互联网，各地独立统计、上报选举结果，而且大部分地区都保留着原始的纸质和电子投票记录，以备二次统计使用。

政府也的确向俄罗斯释放出信号。据情报部官员透露的信息，美国曾私下警告，任何影响选举结果的企图都是不可接受的。国务卿约翰•克里于7月27日在老挝向俄罗斯外交部长谢尔盖•拉夫罗夫传达了这个信息。在9月6日的G-20峰会上，奥巴马把普京拉到一边，单独讨论了网络安全问题。一位白宫官员告诉《时代周刊》，当时没有副手在场。在随后的一个新闻发布会上，总统呼吁双方克制使用网络武器，不要试图挑战美国的网络力量。奥巴马说：“坦率地说，我们比任何人都拥有更强大的网络进攻和防御能力。”

普京用暗中影响的手段打击对手，这个传统来源于他自身的经历。1999年，当他沿着克里姆林宫的晋升路线扶摇直上时，他的主要对手——总检察长尤里•斯库拉托夫——被监控视频记录下在一家酒店的房间里与两个女人厮混。斯库拉托夫后来宣称，这是普京设下的圈套，叫做“甜蜜陷阱”。普京从前苏联时代的克格勃特工晋升为这个国家的情报机构负责人，他否认自己在背后操纵，并在电视上发表讲话，说他的特工已经确认模糊不清的视频画面上的人就是斯库拉托夫。第二年，普京顺利赢得了总统大选。他的对手斯库拉托夫仅获得了不到1％的选票。

接下来的十年，互联网迅速发展，俄罗斯把网络武器作为政治干涉的标准工具。针对一场选举散布恐慌情绪的行为，在乌克兰得到了充分的展现。2014年5月25日乌克兰总统大选前三天，中央选举委员会的电脑系统瘫痪。负责维护系统的网络安全公司Infosafe的技术负责人维克多•左拉说：“服务器无法使用，与地方选举机构的通信中断。基本上，一切都瘫痪了。”

左拉和他的团队成功地让系统在投票前恢复正常巡行，他们确信，网络攻击行为的发起者——所谓的CyberBerkut——是为俄罗斯安全部队做掩护。导致系统瘫痪的恶意软件在市场上找不到，完全是专门设计的。而且，攻击的效果与俄罗斯破坏选举有效性的战略目的相吻合。左拉说，黑客可以操纵计票的结果，但是“他们真正的目的是摧毁这个系统，破坏数据，在大选开始前格式化硬盘。”CyberBerkut的行动似乎与俄罗斯的国家宣传口径一致。左拉和他的团队阻止了CyberBerkut试图在选举委员会网站上公布虚假投票结果的进一步企图，这个结果将会显示一个极右派军方政客遥遥领先。在选举还没有结束的时候，这个虚假信息的网页竟然出现在俄罗斯的主流国有新闻媒体网站上。

俄罗斯还试图干涉美国主要盟友的选举活动，这些国家曾经因为俄罗斯入侵乌克兰而发起经济制裁。俄罗斯的网络行动让平民论者和反移民党派普遍受益，这些人反对西欧国家在面对俄罗斯的步步紧逼时团结起来。8月，一个鱼叉式网络钓鱼电子邮件袭击了德国党内官员的办公室，其中包括总理安吉拉•默克尔的基督教社会主义党派党员。邮件中所包含的恶意软件显示出奇异熊的签名。德国顶级网络防御官员阿内•舒恩波姆在9月9日说，这次攻击意在操纵明年的议会选举。默克尔曾经命令德国情报部门调查俄罗斯炮制的一个虚假的故事，有关一个俄罗斯女孩在德国被移民强奸，这个故事有力地推动了右翼反对党德国选择党迅速的崛起。该党派在9月份首相家乡的地区投票中，击败了默克尔的基督教社会党。

在法国，一家与克里姆林宫交往过密的俄罗斯银行，在2014年11月向极右派党首马琳•勒庞贷款900万欧元，帮助她准备一年后的区域选举，结果她取得了历史上最好的选举结果。俄罗斯还采取了一些更加微妙的情报行动，以煽动反移民情绪和对国土安全的恐惧心理，同时帮助勒庞崛起。2015年4月，法国广播电台TV5Monde的节目突然中断，整整18个小时，这个频道的画面只是伊斯兰国标志性的黑色旗帜。根据伦敦《星期日泰晤士报》和美国官员披露的信息，法国情报官员和英国情报机构政府通信总部发现，始作俑者并不是伊斯兰国，而是奇异熊。

英国也成为了袭击的目标。《泰晤士报》援引独立观察家大卫•安德森的话说，英国情报机构政府通信总部在2015年5月7日挫败了俄罗斯人一次破坏大选的企图。《泰晤士报》说，奇异熊计划攻击政府的网络服务器和主要的电视台，但大部分目标完好无损。2014年秋天，受克里姆林宫资助的亲俄RT电视台在英国展开了一次为期24小时的新闻攻势。俄罗斯专家说，它所传达的信息就是西方民主并非一剂良药。欧洲民权专家、印第安纳大学访问教授彼得•克罗克说：“这是一个怀疑一切的论调：谁都不是民主的。”

悲观的克里姆林宫观察人士担心，普京把心理操纵和网络战争武器相结合，究竟会造成多大影响。他们认为，普京对他国选举的干涉与他最近奉行所谓的格拉希莫夫主义有关。这是一种与传统的武装冲突大相径庭的策略，因俄罗斯总参谋长瓦列里•格拉希莫夫而得名，它主要依赖网络战争和影响战略作为取胜的手段。格拉希莫夫在2013年一篇著名的宣言中说：“一个欣欣向荣的国家，可以在几个月，甚至几天的时间里，通过政治、经济、信息、人道和其它非军事手段，佐以民众潜在的抗议情绪，变成一个充满暴力武装冲突的屠宰场。”

普京就是用这种手段在2014年煽动东乌克兰的分裂主义者。但是接受有关这篇文章采访的现任和前任情报官员，以及国土安全部官员都认为，普京在干涉西欧和美国大选过程中最主要的受益，是可以帮助他应对国内政治和外交挑战的筹码。美国一位高层情报官员说：“长远来看，如果人们开始质疑我们选举制度的可信度，对俄罗斯来说是有好处的。但是我更坚定地认为，最终决定者是国内的选民和俄罗斯的民众。”欧洲和美国越混乱，对俄罗斯越好。


在新罕布什尔州州平克顿学院为民主党候选人伯尼•桑德斯举办的竞选集会。

普京丝毫没有收手的迹象，即使其干涉行为已经被揭穿。4月份，民主党国家委员会怀疑系统遭到入侵，于是找来网络防御公司CrowdStrike，这家公司是阿尔佩罗维奇和几名前政府网络安全专家在2011年联合成立的。CrowdStrike熟悉奇异熊的行事方式，他们曾经在加拿大、日本和前苏联加盟共和国格鲁吉亚发现过这个组织的系统入侵行为。他们可以根据俄罗斯独特的网络技术——包括恶意软件中不公开的代码、其遍布全世界的服务器架构和入侵网络后隐藏的方式——来识别出这个组织。阿尔佩罗维奇在检查过民主党国家委员会的电脑之后，确定这就是俄罗斯人所为。CrowdStrike通常会把调查结果保密，但是民主党国家委员会表示，俄罗斯人试图干涉我们政治制度的行为令人愤怒。阿尔佩罗维奇说：“他们希望我们能站出来。”

民主党国家委员会在6月份遭到袭击的事件被曝光后12个小时，一名自称为Guccifer 2.0的罗马尼亚黑客出现了，试图质疑CrowdStrike确定攻击行为来自俄罗斯军方情报部门的结论。Guccifer 2.0开始在博客和推特上泄露来自民主党国家委员会的信息，但是他所自称的身份并不是那么令人信服。当记者在网络上与他联系，他所回复的罗马尼亚语中有大量的错误。美国政府官员在私下确认，他们相信奇异熊和俄罗斯军方情报部门主导了针对民主党国家委员会和民主党国会选举委员会的攻击。

随着大选邻近，越来越多的信息被泄露给公众，一群面目不清的演员即将上演一场大戏。就在民主党国家委员会遭到攻击的时候，出现了一个网站DCleaks.net，建立网站的组织自称为“黑客活动者”。6月份，这个组织开始公布网络入侵获得的信息，包括已退休的上将、美国驻欧洲指挥官、北约联合武装力量总司令菲利浦•布里德洛夫发给前国务卿科林•鲍威尔的邮件，询问如何才能说服奥巴马采取更强有力的手段反对俄罗斯干涉乌克兰。

起初，并没有任何证据可以证明DCleaks与俄罗斯黑客之间存在联系，即使现在我们也不甚明了网站背后的运作者究竟是谁。但是在6月底，Guccifer 2.0与网站Smoking Gun取得联系，向它提供了一个链接，是DCleaks正准备公开的民主党国家委员会资料。最近几个星期，DCleaks公开了鲍威尔更多的邮件，其中包括诋毁克林顿的语言，尽管大部分邮件的内容还是支持性的。近期，这个网站公布了据说是米歇尔•奥巴马护照的复印件。

这些被泄露的信息滋生了孤立主义政策，而不是那些与俄罗斯直接对峙的政策。布里德洛夫的邮件表明美国未能成功地领导起把俄罗斯赶出乌克兰的任务；民主党国家委员会的文件——不知怎么已经传播到维基解密——在民主党全国大会之前削弱了普京的宿敌克林顿的信誉；DCleaks宣称可以得到第一夫人的护照，证明了美国在恐怖袭击前无力招架。

普京尽一切所能进行否认。9月2日，在接受《商业周刊》的电视采访时普京被问到，俄罗斯是否参与了民主党国家委员会的攻击，他说：“我对此一无所知。”但是他似乎颇为欣赏——如果我们不说感到自豪的话——奇异熊的所作所为。“他们的工作就像是精密的珠宝师，手法细腻。他们可以在正确的地点、正确的时间留下他们自己或者其它人的足迹，以掩盖他们真正的目的，让整起事件看起来就像来自其它地方、其它国家的其它黑客所为。”

实际上，或许一个真正的珠宝大盗——或者一批珠宝大盗——才有机会操纵美国的总统大选。肯尼索州立大学选举系统中心主任莫尔利•金说，美国基层的计票设备没有连入互联网，由数千个选区独立控制，因此基本上是安全的。联邦政府已经发布了针对已知系统弱点的补丁，还对政府的电脑全面扫描。乔治•W•布什的国土安全部长迈克尔•切尔托夫说，美国的网络反间谍机构会密切关注“任何来自海外，甚至来自本土的疑似攻击行为”。联邦调查局已经开始正式调查民主党国家委员会、民主党国会选举委员会、亚利桑那州和伊利诺伊州遭到攻击的事件。

但是随着大选临近，一些专家认为政府的动作太慢了，应该尽早公开俄罗斯的网络行动，让民众了解实情。成员包括前国土安全高官切尔托夫在内的一个两党组织，在7月份呼吁奥巴马公布民主党国家委员会袭击案的主谋。阿尔佩罗维奇说，美国误解了网络战争的含义。“美国政府在过去二十年里仅关注网络空间的动态影响，如何制作所为的网络炸弹，因为我们过去遭遇的就是这类袭击。但是俄罗斯人了解网络的真正力量所在，就是影响人心、心理战争，改变人们对眼下发生事情的认知态度。”

在整个夏天，特朗普竞选的重要因素就是质疑美国选举制度的有效性。特朗普月8月1日在俄亥俄州说：“这场选举恐怕会被人操纵，我必须诚实地说。”特朗普告诉他的支持者，这场选举的目的就是“阻止希拉里操纵选举”。

在第一次竞选辩论上，当比问到他们是否会支持选举的结果时，两位候选人都表示会支持。但是特朗普曾经有过相反的举动。2012年大选揭晓日当晚，他在推特上发布虚假的共和党获胜的消息，煽动民众起义。特朗普在推特上说：“虚伪的选举团变成了国家的笑柄，全世界都在嘲笑我们，投票越多，损失越大……革命！大选彻底变成了耻辱和笑话，我们根本不是民主国家！”

克林顿说普京试图让特朗普当选，这并没有确凿的证据。特朗普的确与俄罗斯颇有渊源，他的前任竞选负责人曾经在乌克兰为普京的代言人工作，直到那里爆发民主革命。特朗普的家人和一名外交政策顾问在俄罗斯有数千万美元的生意，具体数字不明，特朗普拒绝透露俄罗斯生意伙伴的细节信息。

这些问题甚至让思想顽固的共和党人也颇为担忧。切尔托夫在90年代中期负责领导参议院白水事件委员会，调查比尔•克林顿和希拉里•克林顿在阿肯色州令人费解的土地交易事件，这是民主党总统候选人的决定因素。但是他谨慎地注意到特朗普有关操纵选举的谈话。切尔托夫说：“这个时候提到选举舞弊的问题，太危险了。”

在亚利桑那州，共和党人米歇尔•里根在想法设法保证投票的安全。在听说了奇异熊黑客行为之后，她让整个州投票数据库脱网了10天，以确保安全。在与联邦调查局和她自己的网络安全团队的沟通中，她学到了SQL命令注入、双因素认证等词汇。她说：“是的，我们相信现在是安全的。”

这并不意味着她不担心俄罗斯破坏投票可信度的企图。她说：“我们现在知道，网络中有很多坏人，来自其它国家，试图让我们恐慌。这不仅仅是偷窃和篡改信息，我相信更大的阴谋是改变我们的行为，削弱美国全体选民的意愿。”那么她有什么建议给美国人来回应普京的行为呢？“我们需要做的就是鼓励人们参与进来，与政府保持沟通，走出家门去投票。”




原文：

What's behind Russia's effort to influence the U.S. election

A campaign event at Pinkerton Academy in Derry, NH for Democratic candidate Bernie Sanders

The leaders of the U.S. government, including the President and his top national-security advisers, face an unprecedented dilemma. Since the spring, U.S. intelligence and law-enforcement agencies have seen mounting evidence of an active Russian influence operation targeting the 2016 presidential election. It is very unlikely the Russians could sway the actual vote count, because our election infrastructure is decentralized and voting machines are not accessible from the Internet. But they can sow disruption and instability up to, and on, Election Day, more than a dozen senior U.S. officials tell TIME, undermining faith in the result and in democracy itself.

The question, debated at multiple meetings at the White House, is how aggressively to respond to the Russian operation. Publicly naming and shaming the Russians and describing what the intelligence community knows about their activities would help Americans understand and respond prudently to any disruptions that might take place between now and the close of the polls. Senior Justice Department officials have argued in favor of calling out the Russians, and that position has been echoed forcefully outside of government by lawmakers and former top national-security officials from both political parties.

Unfortunately, it’s not that simple. The President and several of his closest national-security advisers are concerned about the danger of a confrontation in the new and ungoverned world of cyberspace, and they argue that while the U.S. has powerful offensive and defensive capabilities there, an escalating confrontation carries significant risks. National Security Council officials warn that our critical infrastructure–including the electricity grid, transportation sector and energy networks–is vulnerable to first strikes; others say attacks on private companies, stock exchanges and the media could affect the economy. Senior intelligence officials even worry about Russia exposing U.S. espionage operations in retaliation. And while U.S. officials have “high confidence” that Russia is behind what they describe as a major influence operation, senior U.S. officials tell TIME, their evidence would not yet stand up in court.

And so with five weeks to go, the White House is, for now, letting events unfold. On one side, U.S. law-enforcement agencies are scrambling to uncover the extent of the Russian operation, counter it and harden the country’s election infrastructure. On the other, a murky network of Russian hackers and their associates is stepping up the pace of leaks of stolen documents designed to affect public opinion and give the impression that the election is vulnerable, including emails from the computers of the Democratic National Committee (DNC). Meanwhile, the FBI alerted all 50 states to the danger in mid-August, and the states have delivered evidence of a “significant” number of new intrusions into their election systems that the bureau and their colleagues at the Department of Homeland Security “are still trying to understand,” a department official tells TIME.

All of which makes Donald Trump’s repeated insertion of himself into the U.S.-Russia story all the more startling. Trump has praised Putin during the campaign, and at the first presidential debate, on Sept. 26, he said it wasn’t clear the Russians were behind the DNC hack. But the U.S. intelligence community has “high confidence” that Russian intelligence services were in fact responsible, multiple intelligence and national security officials tell TIME. Trump was informed of that assessment during a recent classified intelligence briefing, a U.S. official familiar with the matter tells TIME. “I do not comment on information I receive in intelligence briefings, however, nobody knows with definitive certainty that this was in fact Russia,” Trump told TIME in a statement. “It may be, but it may also be China, another country or individual.”

Russia’s interference in the U.S. election is an extraordinary escalation of an already worrying trend. Over the past 2½ years, Russia has executed a westward march of election meddling through cyberspace, starting in the states of the former Soviet Union and moving toward the North Atlantic. “On a regular basis they try to influence elections in Europe,” President Obama told NBC News on July 26. With Russia establishing beachheads in the U.S. at least since April, officials worry that in the final weeks of the campaign the Russian cybercapability could be used to fiddle with voter rolls, election-reporting systems and the media, resulting in confusion that could cast a shadow over both the next President and the democratic process.

Obama’s decision not to call out the Russian espionage operation has so far left the effort to educate Americans about it to lawmakers and national-security experts. On Sept. 22, the ranking Democrats on the Senate and House Intelligence Committees, California’s Senator Dianne Feinstein and Representative Adam Schiff, released an unusually blunt statement. “Based on briefings we have received, we have concluded that the Russian intelligence agencies are making a serious and concerted effort to influence the U.S. election,” they said. “At the least, this effort is intended to sow doubt about the security of our election.” Orders for Russian intelligence agencies to conduct electoral-influence operations, they added, could come only from very senior levels of government. “We call on [Russian] President [Vladimir] Putin to immediately order a halt to this activity.” The statement, though not endorsed publicly by the Administration, was cleared with the CIA.

To understand why Putin would want to undercut the legitimacy of the U.S. election, it helps to step back from the long and ugly presidential campaign and remember why we’re voting in the first place. Elections are the ultimate source of authority in our democracy. Because Republicans and Democrats have agreed for decades that spreading democracy is good for everyone, America has pushed for free and fair elections around the world. And many nations have embraced them: peasants in the Balkans put on their Sunday best to go to the polls, and burqa-clad women in Afghanistan brave terrorist attacks to stand in line for hours to cast their ballots.

Not surprisingly, quasi-authoritarian rulers in the former Soviet Union, latter-day communists in China and medieval theocrats in the Middle East, among many others, see America’s sometimes aggressive evangelism about the benefits of liberal democracy as a direct threat to their own claims to authority. Putin has taken particular umbrage, accusing the U.S.–and former Secretary of State Hillary Clinton in particular–of meddling in Russia’s presidential election in 2012. He has publicly questioned the validity of past U.S. presidential elections, saying, on June 17, of the Electoral College, “You call that democracy?” Now, experts say, Putin is expanding his anti-American campaign into cyberspace. “More than any attempt to get one candidate or another elected, this [Russian influence operation] is about discrediting the entire idea of a free and fair election,” says Dmitri Alperovitch, co-founder and chief technology officer of CrowdStrike, the cybersecurity company that did the analysis of the DNC hack.

No one knows that better than Arizona secretary of state Michele Reagan. One day in June she was in her backyard in Phoenix when she got a call from her chief of staff. “Are you sitting down?” he asked. The FBI had been monitoring a corner of the so-called dark web, the network of hidden sites used by criminals to buy and sell drugs, pedophilic pornography and stolen identities. A group of hackers known collectively as Fancy Bear, which the U.S. government believes is controlled by Russian military intelligence, was trying to sell a user name and password that belonged to someone in an Arizona county election official’s office, which holds the personal data of almost 4 million people. “My first reaction was, Well, this is like the worst thing that you want to hear,” Reagan recalls.

Reagan and the FBI scrambled to figure out how the Russians had gotten into Arizona’s system and what needed to be done to secure it. It turned out that an election official in rural Gila County, pop. 54,000, had opened a Word document on her desktop computer that contained malicious software. Fortunately, while Fancy Bear had penetrated a local computer system, it hadn’t accessed the statewide registration database. Others weren’t so lucky. Fancy Bear’s electronic fingerprints were found on the hack into the DNC computers. In Illinois, the feds found that Fancy Bear had stolen 85,000 voter records from that state’s registration systems in mid-July. Later that month, the Democratic Congressional Campaign Committee (DCCC) revealed that it, too, had been hacked by Fancy Bear.

With other states now reporting intrusions of unknown origin, the government wants to reassure the public that the vote count itself is safe. “We have confidence in the overall integrity of our electoral systems,” Homeland Security chief Jeh Johnson said on Sept. 16. “It is diverse, subject to local control, and has many checks and balances built in.” Each of the U.S.’s more than 9,000 polling places uses machines not connected to the Internet, precincts count and report their results independently, and most have paper or electronic backups in case a recount is needed.

The Administration has a message for Russia too. The U.S. has privately warned that any effort to sway the election would be unacceptable, intelligence and other Administration officials tell TIME. Secretary of State John Kerry delivered the message to his counterpart, Russian Foreign Minister Sergei Lavrov, in Laos on July 27. During a 90-minute meeting with Putin on the sidelines of the G-20 meeting on Sept. 6, Obama pulled Putin aside and discussed the cyberconcerns one-on-one, with no aides present, a White House official tells TIME. In a press conference later, the President called for restraint on all sides in the use of cyberweapons and issued a veiled threat about America’s cyberpowers. “Frankly, we’ve got more capacity than anybody both offensively and defensively,” Obama said.

Putin’s history of using influence operations against opponents begins, appropriately enough, with himself. As he was rising quickly through the Kremlin ranks in 1999, one of his main opponents, Prosecutor General Yuri Skuratov, was caught on tape having sex with two women in a hotel room in what Skuratov later claimed was a Putin-run espionage operation traditionally known as a “honey trap.” Putin, who had risen from a Soviet-era KGB operative to head the country’s intelligence services, denied he was behind it but said on TV that his agents had confirmed that the man in the grainy video was Skuratov. Putin went on to win the presidency the next year. Skuratov, who ran against him, got less than 1% of the popular vote.

With the expansion of the Internet in the decade that followed, the Russians adopted cyberweapons as a standard tool of political meddling. Nowhere has their tactic of spreading chaos around a vote been clearer than in Ukraine, where three days before the presidential election on May 25, 2014, the computer systems of the Central Electoral Commission went dark. “The servers wouldn’t turn on. The links to the local election authorities were cut off,” says Victor Zhora, director of the cybersecurity firm Infosafe, which had been hired to defend the system. “Literally, nothing worked.”

As Zhora and his team worked successfully to restore the system in time for the vote, they became convinced that the collective behind the hack, known as CyberBerkut, was a front for Russian security services. The malware that crashed the system was not available on the market and had been built from scratch. And the effect of the attack supported Russia’s strategic goal of undermining the validity of the election. The hackers could have manipulated the outcome of the vote, Zhora says, but “their main goal was to take out the system itself, to destroy the data, to wipe out the hard drives before the elections started.” Moreover, the CyberBerkut efforts appeared to be coordinated with Russian state propaganda. Zhora and his team stopped a subsequent effort by CyberBerkut to post false voting results on the election commission’s website that would have showed a far-right militant ahead in the polls. But a screenshot of the fake web page appeared anyway on Russia’s main state-run news network as the vote was still going on.

Russia has also meddled in the elections of major U.S. allies that have imposed sanctions on Russia for its invasion of Ukraine, and many of the Russian cyberoperations have benefited populist, anti-immigrant parties that oppose Western European unity in the face of rising Russian aggression. In August, a spear-phishing e-mail attack targeted German party officials, including some members of Chancellor Angela Merkel’s Christian Democrats. The emails contained malware that bore the signatures of Fancy Bear, according to Germany’s top cyberdefense official, Arne Schönbohm, who warned on Sept. 9 that the attack could be an attempt to manipulate parliamentary elections next year. Merkel had previously ordered German intelligence agencies to look into Russia’s peddling of a false story about a Russian girl raped by migrants in Germany–a story that has helped fuel the rise of the right-wing opposition party AfD. That party beat Merkel’s Christian Democrats in a regional ballot in the Chancellor’s home district in September.

Farther west, in France, a Russian bank with close ties to the Kremlin lent the far-right party of Marine Le Pen some 9 million euros in November 2014, helping it prepare for regional elections a year later, when it received its best results ever. Russia also tried a more subtle information operation designed to fuel the anti-immigrant and national-security fears that have contributed to Le Pen’s rise. In April 2015, the programming of the French broadcaster TV5Monde was blocked by unknown hackers, and for 18 hours the channel’s websites transmitted only the image of the signature black flag of ISIS. French intelligence officials and the British signals-intelligence agency, the GCHQ, found it was not ISIS but in fact Fancy Bear that was behind the hack, according to a Sept. 25 article by the London Sunday Times and U.S. officials.

Britain, too, has been targeted. The Times article quoted David Anderson, an independent watchdog appointed under British law, as saying the GCHQ had blocked a Russian attempt to disrupt the May 7, 2015, general election there. The Times said Fancy Bear planned to target government servers and major TV broadcasters. But not all stations were to be hit. In the fall of 2014, the pro-Moscow RT network, which is funded by the Kremlin, launched a 24-hour news network in the U.K. aimed at British viewers. The message, Russia experts say, is that Western democracy is not so hot. “It’s a cynical message: No one is democratic,” says Peter Kreko, an expert on the European right and a visiting professor at Indiana University.

The most pessimistic Kremlin watchers worry how far Putin will go with the combination of psychological manipulation and cyberwarfare. They view the pattern of Russia’s electoral meddling in the context of Putin’s recent embrace of what is known as the Gerasimov doctrine, a nontraditional approach to military conflict named after the chief of the Russian general staff, Valery Gerasimov, that relies heavily on cyberwar and influence operations. “A perfectly thriving state can, in a matter of months and even days, be transformed into an arena of fierce armed conflict,” Gerasimov posited in a now famous 2013 manifesto, through “political, economic, informational, humanitarian and other nonmilitary measures applied in coordination with the protest potential of the population.”

That is how Putin stoked a separatist rebellion in eastern Ukraine in 2014. But the current and former senior intelligence and national-security officials interviewed for this story agree that the principal benefit Putin gains from his Western European and U.S. meddling is the leg up it gives him with his own political and diplomatic challenges at home. “In the long run, if people start to question the integrity of our election system,” says one senior U.S. intelligence official, “potentially to Russia that’s a plus. But I would argue more strongly that this is as much about domestic constituents and his public,” the official says. The more chaos in Europe and the U.S., the better.

Putin has shown little sign of stopping, even when meddling is discovered. In April, the DNC suspected it had been hacked and called in the cyberforensics firm CrowdStrike, which was co-founded in 2011 by Alperovitch and employs a number of former government cybersecurity experts. CrowdStrike was familiar with Fancy Bear: it had previously found the group’s hacks in Canada, Japan and the former Soviet republic of Georgia. It identifies the group based on the Russians’ unique cybertradecraft, including nonpublic code in its malware, its infrastructure of servers around the world and the techniques that it uses to move and hide within the systems it penetrates. After inspecting the DNC computers, Alperovitch concluded that the hack was indeed executed by the Russians. And while CrowdStrike usually keeps its findings secret, the DNC told the company it was outraged that the Russians were trying to interfere with our political system, and “they wanted us to come forward,” Alperovitch says.

Twelve hours after the DNC break-in was revealed in June, a hacker who insisted he was Romanian and who called himself Guccifer 2.0 popped up online and tried to discredit CrowdStrike’s attribution to Russian military intelligence. Guccifer 2.0 started leaking information from the DNC hack in blog posts and on Twitter, but his professed identity wasn’t very convincing. When reporters reached out to him online, for example, the responses he sent in Romanian were riddled with errors. U.S. government officials privately confirm that they believe Fancy Bear and Russian military intelligence are behind the DNC and DCCC hacks.

The pace of leaks has accelerated as the election approaches, revealing a murky network of actors. Around the time of the DNC hack, a website called DCleaks.net was established by a group identifying themselves as “hacktivists.” By June the group began posting hacked documents, including emails from retired General Philip Breedlove, the former commander of NATO and U.S. forces in Europe, asking former Secretary of State Colin Powell how to persuade Obama to more forcefully oppose Russian meddling in Ukraine.

Initially, there was no evidence of a connection between DCleaks and Russian hackers, and even now it is not clear who is behind the site. In late June, however, Guccifer 2.0 contacted the website the Smoking Gun and provided it with a link to material from the DNC hack that DCleaks was preparing to publish. In recent weeks, DCleaks has published new emails belonging to Powell, which included damaging remarks about Clinton, even though the overall gist of his emails was supportive. And recently, the site published what purported to be a copy of Michelle Obama’s passport.

The leaks tend to favor isolationist policies over ones aimed at confronting Russia. The Breedlove leaks showed an embarrassing and unsuccessful effort to build U.S.-led pushback against Russia in Ukraine. The DNC documents, which made their way to WikiLeaks through unknown channels, weakened Putin’s old foe, Clinton, on the eve of the Democratic National Convention. And DCleaks claimed that its ability to obtain the First Lady’s passport demonstrated U.S. vulnerability to terrorism.

Putin has done what he can to maintain deniability. Asked by Bloomberg TV on Sept. 2 whether Russia was behind the DNC hack, he said, “I don’t know anything about that.” But he seemed admiring, if not proud, of Fancy Bear’s work. “They work so much like fine jewelers, so delicately, that they can leave their tracks, or someone else’s tracks, at just the right place and just the right time in order to camouflage their work and make it look like the work of some other hackers from somewhere else, some other country.”

In fact, it might take a real jewel thief–or an army of them–to rig the U.S. presidential election. Because they are not connected to the Internet and are controlled by thousands of independent precincts, U.S. voting machines are largely safe from meddling, says Merle King, executive director of Kennesaw State University’s Center for Elections Systems. The feds have pushed out patches for known vulnerabilities in state computers and offered security scans. America’s cyber and counterespionage forces will be looking “to see if there’s anything coming from overseas or even domestically that looks like an effort to target election offices,” says George W. Bush’s Homeland Security chief, Michael Chertoff. The FBI has opened a formal investigation into the DNC, DCCC, Arizona and Illinois hacks

But with the election fast approaching, some experts in and out of government say the Administration is moving too slowly to publicize the Russian influence operation and explain it to Americans. A bipartisan group of former national-security officials that included Chertoff and others called on Obama in July to name the perpetrators of the DNC hack. Alperovitch says the U.S. is misreading the battlefield in cyberspace. “The U.S. government for the last 20 years was so focused on how to achieve kinetic effects in cyberspace, how to produce what they call cyberbombs, because that’s what we’re used to,” he says. “But the Russians understand that the real power of this domain is in influence operations, psychological warfare, changing people’s perceptions of what’s truly going on.”

For much of the summer, Trump made casting doubt on the validity of the U.S. electoral system a prominent feature of his campaign. “I’m afraid the election’s gonna be rigged,” Trump said in Ohio on Aug. 1. ” I have to be honest.” Trump backers who sign up to be “Trump Election Observers” are told the campaign will “stop crooked Hillary from rigging this election.”

Asked at the first debate whether they would support the outcome of the vote, both candidates said they would. But Trump has a record of doing the opposite. As results came in on election night in 2012, he falsely tweeted that the Republican had won the popular vote and urged an uprising. “The phoney Electoral College made a laughingstock out of our nation,” Trump tweeted. “The world is laughing at us. More votes equals a loss … revolution! This election is a total sham and a travesty. We are not a democracy!”

Clinton has said Putin is trying to get Trump elected; there is no evidence of that. Trump does have some ties to Russia. Trump’s former campaign manager worked for Putin’s proxy in Ukraine until the pro-Western uprising there, and Trump, his family and a foreign policy adviser have done tens of millions of dollars of business in Russia. The exact amount is unclear, and Trump has declined to disclose details of his Russian business partners.

The links worry even rock-ribbed Republicans. Chertoff led the Senate Whitewater investigation of Bill and Hillary Clinton’s obscure Arkansas land deal in the mid-’90s and has been critical of the Democratic presidential candidate. But he is alarmed by Trump’s talk of a rigged election. “This business about talking about rigged elections is very dangerous,” Chertoff says.

On the ground in Arizona, Michele Reagan, a Republican, has been working to make the vote safe. She took the entire state voter database offline for 10 days after learning of the Fancy Bear hack to ensure the system was secure. In conversations with the FBI and her own cybersecurity team she has learned phrases like SQL injection and dual-factor authentication. “Yes, we believe we’re safe,” she now says.

That doesn’t mean she isn’t worried about Russian attempts to undermine the credibility of the vote. “We know there’s these bad actors out there that are coming in from other countries and they’re trying to scare us,” she says. “This isn’t about stealing information or altering information. The entire conversation I believe needs to be shifted to what this is really doing to the confidence of the American electorate.” Does she have a message for Americans on how to respond to Putin’s effort? “Our job is to try to encourage people to get involved and to be connected in government, to go out and vote.”