Inside the Secret Plan to Stop Vladimir Putin’s U.S. Election Plot （Part 1）

Riverside County District Attorney Michael Hestrin was at his desk on June 7, 2016, when the calls started coming in. It was the day of the California presidential primary, and upset voters wanted the county's top prosecutor to know that they had been prevented from casting their ballots. "There were people calling our office and filing complaints that they had tried to vote and that their registration had been changed unbeknownst to them," says Hestrin. 

2016年6月7日，里弗赛德县地方检察官迈克尔·赫斯汀正在办公，电话却一个接着一个。那天正值加利福尼亚州总统初选，气愤的选民想让县最高检察官了解到他们投不了票的情况。赫斯汀说：“打电话到我们办公室的人投诉，投票的注册信息在他们不知情的情况下被篡改了。”

Soon there were more than 20 reports of trouble, and Hestrin, a 19-year veteran of the office and a graduate of Stanford Law School, dispatched investigators to county polling places to see what was going on.

不一会儿就有20多人打电话反映问题，赫斯汀是办公室一位工作了19年的资深人士、斯坦福法学院毕业生，他派调查员去县投票点查看情况。

At first what they found was reassuring. Everyone who had been blocked from voting had been offered a provisional ballot, and most had cast their votes that way. But as the investigators dug deeper, things looked less innocuous. In the days after the vote, more people started coming forward to say they'd also had problems with their voter registration on primary day. In at least half a dozen cases, Hestrin and his investigators concluded, the changes had been made by hackers who had used private information, like Social Security or driver's-license numbers, to access the central voter-registration database for the entire state of California.

起初，调查结果还让人宽心。每位投不成票的选民获准临时选票，多数人通过该方式投了票。但随着调查深入，情况没那么简单了。投票后数天，更多人反映他们也在初选当天投票注册未果。赫斯汀和调查人员得出的结论，至少6起案件中，黑客盗用社保号、驾驶证号等个人信息，黑进加利福尼亚全州中心选举注册数据库，篡改信息。

There the trail went cold. The California secretary of state's office told Hestrin's investigators that the state's system hadn't recorded the Internet addresses of the computers that had made the changes, so there was no way to learn the identity of the hackers. Hestrin could go no further, but that wasn't the end of it. The lingering mystery of the voter-registration changes bred doubt among members of both parties. Local Republicans publicly alleged that Democrats were ignoring the issue and privately accused them of trying to suppress the GOP vote. Democrats thought Republicans were making up an excuse for their losses at the county polls. "That was a big concern," says Hestrin, an elected Republican. "People should still have faith in our election systems."

除此之外，痕迹全无。加利福尼亚州州务卿对赫斯汀的调查人员说，州系统未记录到篡改信息的计算机IP地址，无法获知黑客身份。赫斯汀的调查无法继续，但事情并未到此结束。篡改选举人注册信息疑团重重，两党成员都感到蹊跷。当地共和党人士公开指责民主党忽视问题，私下则指责民主党意图压制共和党选票。民主党人则认为共和党人为县级得票失利找借口。被选为检察官的共和党人赫斯汀说：“这可不是小事。人们仍应信任我们的选举体系。”

It was only months later that it dawned on investigators in D.C. that undermining voters' faith may have been the point of the Riverside County hack all along. In the months following the California primaries, the feds discovered that Russian hackers had broken into more than 20 state and local election systems and attempted to alter voter registration in several of them. Looking back at the events in Riverside County, cybersecurity officials at the White House wondered whether it had been a test run by the Russians. "It looked like a cyberattacker testing what kind of chaos they could unleash on Election Day," says one former federal cybersecurity official who looked into the case. "There was no forensic evidence, so we may never know for sure, but the intelligence told us the Russians were bragging about doing just that."

几个月后，华盛顿方面的调查员才意识到，里弗赛德县黑客事件的目的可能就是削弱选民对选举体系的信任。加利福尼亚周初选后数月，联邦调查局发现俄罗斯黑客侵入超过二十个州及部分地区选举系统，试图篡改部分选民注册登记。白宫网络安全官员们回过头来审视这些事件，想搞清楚这是否是俄罗斯黑客的试探。“看起来像是网络攻击者试探在大选日能造成多大破坏，”调查此案的一名前联邦网络安全官员说。“没有司法证据，我们永远都说不清楚了，但情报部门告诉我们，俄国人夸口做了那件事。”

It is easy to forget, in the constant flurry of news, that the abiding goal of the Russian operation against the 2016 presidential election was, in the words of the U.S. intelligence community, "to undermine public faith in the U.S. democratic process." What unfolded from early spring 2016 through the close of polls on Nov. 8 in states and counties across America was an aggressive attack on the credibility of our elections and a largely unseen and futile attempt by the federal government to counter it. The FBI, the Department of Homeland Security (DHS) and U.S. intelligence services worked to identify the hackers and determine how widespread their malicious influence operation was. The feds struggled to help states protect their ballot machines and voter-registration rolls, only to become suspected of election meddling themselves amid mounting partisanship. In the end, realizing there was little they could do to stop what they feared might be a final Russian attack on the vote, the feds worked up an extraordinary plan to limit the damage on Election Day and in the days after.

用美国情报界的话说，俄罗斯操控美国2016年大选的根本目的是“削弱民众对美国民主进程的信心”，但新闻排山倒海之势下，人们很容易忘了这一点。2016年初春至11月8日投票结束，全美各州县选举中表现出对我们选举可信度的猛烈攻击，而联邦政府的反击几乎不存在，即便有也徒劳无功。联邦调查局、国土安全部和美国情报机关致力于确定黑客身份，查明黑客恶意误导的范围。联调局探员无力帮助各州保护投票机和选民登记名单，可在激烈的党派分歧下，他们倒被怀疑干预选举。到头来， 联调局探员担心俄国人在大选中发起致命一击，却发现自己难有作为，于是制定了一项不同寻常的计划，控制大选当天及此后数天发生的损害。

The previously undisclosed 15-page plan, produced by President Obama's cybersecurity officials and obtained by TIME, shows just how worried Washington was. It deferred to states in most cases of a cyberincident on Election Day. But in a severe attack "likely to result in demonstrable impact to election infrastructure," it provided for "enhanced procedures" in response. The plan allowed for the deployment of "armed federal law enforcement agents" to polling places if hackers managed to halt voting. In a crisis, it also foresaw the deployment of "Active and Reserve military forces" and members of the National Guard "upon a request from a federal agency and the direction of the Secretary of Defense or the President." For three days after the election, a special interagency effort would be tasked with addressing "any postelection cyberincidents," including "planted stories calling into question the results."

奥巴马网络安全官员制定的15页计划被此前披露，《时代》周刊获得该计划，计划显示华盛顿方面对黑客攻击事件的担忧程度。多数情况下，认可各州把选举当天的时间定性为网络事故。但一次“可能对选举基础造成实质影响”的严重攻击中，主张启动“强化流程”。计划提出，如黑客试图中断选举，将在选举点部署“武装联邦执法人员”。如遇危机，设想“应联邦机构请求、依国防部或总统指示”，调遣“现役和预备役部队”及国民警卫队。选举三天后，启动跨机构特别团队，受命应对“任何选举后网络事故”，包括“散布质疑选举结果的种种传闻”。

On Nov. 1, the White House went so far as to war-game an Election Day attack. Over the course of five hours, the National Security Council ran a fictionalized sequence of events to rehearse how federal agencies would communicate and respond in a real attack. Some of the scenarios dealt with actual vote meddling, while others focused on disinformation efforts to undermine the election. As the nightmare scenarios unfolded--from voters turned away to violence at polling places--the team went over what actions each agency would take and what the legal constraints were on what they could do.

11月1日，白宫甚至还预演了大选当天遭受攻击。历时5小时，国家安全委员会设想了事件发生次序，排练真实攻击中联邦机构如何沟通和应对。某些情境是果真发生干预投票干预行为，另外集中在散布虚假信息以破坏选举。各种噩梦情境展开，既包括选民投票被拒到选举点发生暴力，团队梳理了每个机构该采取什么行动及这些行动的法律界限。

As it happened, Nov. 8 came and went with no final, spectacular attack on the integrity of the election. But the Russian effort may nonetheless be working, helped wittingly or otherwise by Donald Trump. Most Americans believe that their own votes will be correctly counted, but their faith that elections are honest is collapsing. In 2009, 59% of Americans had confidence in the h 40 38116 40 15290 0 0 4313 0 0:00:08 0:00:03 0:00:05 4313onesty of elections, while 40% did not, according to Gallup. By 2015, those numbers had flipped, and just before the November vote, amid Trump's repeated talk of rigged elections and the widespread coverage of Russian hacking, Gallup found that only 30% of Americans had confidence in the honesty of our elections, while 69% did not.

11月8日如期而至，并未发生对选举可信性令人惊讶的最后一击。可俄国的工作没有白费，特朗普有意无意地助人一臂之力。大多数美国人认为他们的投票得到正确的计算，但对选举诚实性，他们正在失去信心。盖洛普民意调查显示，2009年，59%的选民对选举真实性有信心，40%的人没信心。2015年比例倒转，就在11月选举前，特朗普反复提出选举被操纵以及对俄罗斯黑客的大幅报道，盖洛普发现只有30%的美国人信任选举真实性，69%的人表示不相信。

The diminished faith may deepen. Recent revelations and testimony have shown that the Russian operation targeting state and local voting systems was broader and more intrusive than previously thought. They have also shown that our election systems remain vulnerable to different kinds of attack designed to undermine not the vote count itself but America's faith in the result. Which is why the story of how officials scrambled to secure the 2016 vote only to become mired in partisan suspicion is important. Because the question of U.S. vulnerability to election meddling is less about the past votes than it is about the next ones.

信心还会进一步走弱。近期披露的真相和证言显示俄罗斯攻击各州和地方选举体系范围之广、攻击性之强远超预计，暴露出我们选举体系仍然易受各类攻击，攻击不仅旨在破坏计票本身，还要摧毁美国人对结果的信任。这就是官员们仓促中确保2016年选举安全却陷入党派猜忌显得如此重要的原因。美国对选举干预的脆弱性这一问题并非关乎过去的选举，更重要的是它将影响今后的选举。

RUSSIA'S DANGEROUS NEW GAME

俄罗斯的新玩法

About three weeks after the Riverside County hack, a Russian agent signed on to the voter-registration website of one of Illinois's 109 election jurisdictions, each of which has its own voting system. But instead of entering his personal information in one of the fields for names and addresses, the hacker uploaded a string of malicious prewritten code, executing a classic hack known as SQL injection. With that, the hacker opened a back door to all 15 million files on past and current voters in the state since 2006. And for nearly three weeks, no one knew he was there.

里弗赛德县黑客事件发生约三周后，一俄罗斯特工登录了伊利诺斯州109个选举管辖区的某个选民登记网页，每个管辖区都有各自的选举体系。但没有填写在姓名和地址栏填写个人信息，这名黑客上传了一串恶意预制代码，执行了经典的黑客操作，插入结构化查询语言。这样一来，相当于开了后门，可以获得2006年以来该州过去和当前选民的1500万份文件。近三周时间中，没人知道被植入后门。

Such intrusions weren't entirely new. Russia had been probing U.S. state and local electoral systems for years. In 2008, Moscow hacked the campaigns of both Obama and John McCain. Then, in 2014, the Russians became more brazen. "Previously, when you discovered the Russians somewhere, they disappeared like ghosts--poof!" says Michael Daniel, former White House cybersecurity coordinator. "After 2014, you'd find them in networks, and they'd stay, almost like they were taunting us. They became much more aggressive."

这种黑客入侵并不新鲜。俄罗斯数年前研究了美国各州和地方选举系统。2008年，俄罗斯政府侵入了奥巴马和约翰·麦凯恩的选举阵营。2014年，俄罗斯黑客更加猖獗。白宫前网络安全协调员迈克尔·丹尼尔说：“从前，你一发现俄国人，他们就鬼影一般，扑一下不见了。2014年后，你在网上找得到他们，他们不走，好像在挑衅。他们攻击性更强。”

Election 2016 was a step well beyond that. After the Illinois hack and a similar one at about the same time in Arizona, "we realized we were playing a different game," Daniel says. The Russians weren't just stealing information for the purposes of collecting intelligence as they had been in previous election cycles. Instead, Daniel's team concluded, they were showing a possible intent to meddle with the vote.

2016年选举更进一步。伊利诺斯州遭到黑客攻击时，亚利桑那州也发生类似事件，此后“我们意识到这回不一样了，”丹尼尔说。俄罗斯黑客不仅像前几次大选中那样窃取信息，收集情报。相反，丹尼尔团队总结说，他们表现出干扰选举的意图。

Illinois discovered the intrusion on July 12, when the hackers triggered an alarm by trying to download the whole file of 15 million voters. Illinois officials took the system offline and found that about 90,000 files had been stolen, more than 75,000 of which included personal data like driver's-license numbers and the last four digits of the voters' Social Security numbers. When Illinois reported the news to the FBI in late July, the bureau dispatched a tactical Cyber Action Team to the state capital, Springfield, where the computers are kept.

伊利诺斯州7月12日发现入侵，黑客试图下载1500万选民的全部文件时触发警报。伊利诺斯官员断网，发现黑客已窃取约9万份文件，逾75000份文件含个人数据，如驾照号和选民社保号的后四位。7月底，伊利诺斯州将这一消息报告联邦调查局时，联调局派了一个战术性“网络行动组”到达计算机所在地、伊利诺斯州首府斯普林菲尔德。

Fortunately for the feds, Illinois officials had kept a full backup of all the data on the system from before the SQL attack, so the FBI was able to track what the hackers had done. Bureau agents found that while they were inside, the hackers had attempted to alter and delete information in the voter rolls. In particular, they had tried to change voters' names and addresses. As far as they could tell, none of the efforts had been successful. 

联调局探员庆幸的是，伊利诺斯州官员在结构化查询语言入侵前已将系统中所有数据备了份，联邦调查局可以追查黑客行为。调查局探员发现，侵入后，黑客试图篡改、删减选民名单信息，尤其是尝试更改选民名字和地址。他们公开能说的是，这些都未获得成功。

Most important, Illinois had recorded the IP addresses of the attackers. Those digital fingerprints and the techniques the hackers had used, combined with the intelligence reporting on Russian plans, convinced the feds that the attackers were a group, known as Fancy Bear, that operates as an arm of Russian military intelligence (GRU).

最重要的是，伊利诺斯州记录了攻击者的IP地址。数据指纹和黑客使用的技术，再加上对俄罗斯计划的情报报告，足以让联调局探员相信黑客属于被称为“魔幻熊”的组织，隶属于俄罗斯军情部门。

At first, says a former senior White House official, that revelation "was terrifying." For a week or so starting in late July, the feds faced the prospect that Russia might be planning to physically hack into the voting machines and fiddle with the vote count. The urgent need: to figure out if Moscow could actually swing the election. As it turned out, the White House had on staff one of the country's leading experts in voting-machine manipulation, professor Ed Felten of Princeton, who was serving as deputy to the U.S. chief technology officer. Felten had famously been the first academic to obtain a Diebold voting machine and publish a public study showing it could be compromised.

起初，白宫一名前高级官员表示，这一消息“令人惊骇”。七月末开始的一周左右时间，联调局探员得知俄国可能在计划黑进投票机，篡改计票结果。当务之急是搞清俄罗斯政府是否真的会干扰大选。结果，白宫雇佣了全国研究操纵投票机的顶级专家、普林斯顿大学埃德·费尔顿教授，他也是美国首席技术官助理。费尔顿得名于成为第一位获得迪堡投票机的学者，他公开发表学术文章证明投票机可能出问题。

With colleagues from the National Institute of Standards and Technology who had written the standards for electronic-voter-machine security, Felten and Daniel concluded that hacking voting machines was technically possible. "In many places in the U.S., there are touchscreen voting machines, which are vulnerable to manipulation by someone who gets access ahead of time," Felten says. The cyberteam began worrying that Russia might try to compromise a poll worker and gain access to touchscreen machines before the election. But doing that in a way that could alter the outcome of the election was very hard. First, the attackers would have to know which districts could affect the outcome. Then they'd have to change just enough votes to ensure victory without switching so many that it would draw attention.

费尔顿和丹尼尔与撰写电子投票机安全标准的国家标准与技术学院的同事得出结论，存在技术上侵入投票机的可能性。费尔顿说：“美国多地的触屏投票机，易受提前侵入系统的黑客操纵。”网络小组开始担心，俄罗斯可能试图收买计票人员，在选举前侵入触屏投票机。但通过这种方式很难改变投票结果。首先，黑客需要知道那些选区会影响投票结果，接下来他们必须改变足额数量的选票确保“胜利”，但不能改变太多，以免引人注意。

That didn't mean all was well. The whole point of the election wasn't just to count ballots; it was for the U.S. to reach consensus that the democratic will of the people had been freely and fairly expressed. Hacking the consensus was much easier. "We concluded that Russia could erode the confidence of millions of voters and undermine our ability to conduct free and fair elections," says Anthony Ferrante, former director for cyberincident response at the National Security Council, who ran the frontline efforts to combat the Russian operation.

这并不意味着万事大吉。选举的全部意义不仅是计票，还在于美国达成共识，人民的民主意愿自由公平地得以表达。破坏共识更好办。国家安全委员会前网络事故应对顾问安东尼·费兰特领导打击俄国行动的一线工作，他说：“我们得出结论，俄罗斯会削弱数百万选民的信心，破坏我们进行自由公平选举的能力。”

Since May, U.S. spy hunters had seen evidence that Russia's military intelligence might try to damage the expected winner, Hillary Clinton. The intelligence was incomplete but pointed in the same direction: an initial report of a bragging GRU official that month was followed by other intelligence reports indicating a widespread willingness to interfere. In the wake of the Illinois intrusion and on the basis of the intelligence it had received, the White House team by mid-August believed there were three main ways Russian President Vladimir Putin could undermine the integrity of the vote.

自5月以来，美国反间谍人员发现证据，表明俄罗斯军情部门试图对预期赢家希拉里·克林顿造成不利影响。情报并不完整，但指向明确：当月关于某自吹自擂的俄罗斯军情部门官员一份初期报告后，其他情报报告也显示意图干扰选举的行为遍布各处。伊利诺斯州选举系统遭黑客攻击后，基于已获知情报，白宫团队在8月中旬确定俄罗斯总统弗拉基米尔·普京可以通过三个主要途径削弱选举可信度。

The first and most disruptive thing Russia might do: subtly alter the voter rolls. Deleting records would draw too much attention, but running a program against registration files that would, for instance, flip the second letter in every voter's address could go unnoticed. Then, on Election Day, every voter in a swing county would have to vote by provisional ballot, giving the impression of chaos and allowing a propagandist who wanted to call into question the vote to do so after the fact.

俄罗斯首先采取的、最具摧毁性的方法是：神不知鬼不觉的篡改选民名单。删除记录太引人注意，但通过运行程序篡改注册文件，例如改变每位选民地址的第二个字母就不引人注意。然后在大选当天，摇摆县每个选民必须投临时票，给人造成混乱的印象，让质疑选举的宣传者有文章可做。

Another possibility involved the propaganda value of fiddling with a voting machine. Says Daniel: "We worried, Could [a hacker] document an intrusion into a [single] voting machine and then say, 'Here's the YouTube video. We did this a hundred thousand times across the United States,' even though they had never done anything like that?" That would sow doubt about every machine in the country and would also undermine the final vote's credibility.

另一种可能性是操纵投票机带来的宣传价值。丹尼尔说：“我们担心，黑客是否会侵入单台投票机，然后说：这是来自Youtube的视频，我们在全美已弄了十万次了，尽管黑客从没做过。”那将让人们质疑全国每一台投票机，从而也会削弱大选的可信度。

Lastly, the Russians could interfere with the election reporting system. The actual vote tally is decentralized and extremely slow: local officials count and validate their results, and state secretaries, election boards or other state officials sign off on the total tabulations, and only then is the official vote certified. That decentralization is the system's strength. But on election night, nearly all reporting across television, the Internet and news wires relied on the Associated Press. Altering the data reported by the AP, or just taking down the AP system with a sustained attack, could cause chaos.

最后，俄国人可以干预报送报告系统。真实的选举汇总过程是分开进行的，进度极慢：地方官员计票并验证其真实性，然后州务卿、选举委员会或者其他州官在汇总表上签字确认，这之后才是选票正式核验，分点方式是系统优势所在。可大选当夜，几乎所有电视、因特网和新闻线路都依据美联社报道。改动美联社报道的数据或只要持续攻击美联社系统，就会造成混乱。

Knowing all this, Ferrante began working up an emergency plan for what to do on Election Day, and the day after, if the Russians attacked the vote. Drawing on election experts at the Justice Department, the FBI and DHS, Ferrante scrambled to figure out what powers the federal government had, legally, to push back.

了解了这些后，费兰特开始制定大选当天及次日的应急计划，以防俄罗斯黑客攻击选举。他召集司法部、联邦调查局和国土安全部的选举专家，仓促搞清联邦政府有何加以应对的合法权力。

But it turned out the credibility of the vote would come into question well before Election Day. And rather than the Russians, it would be the government of the U.S. that would become suspected, by some Americans at least, of subverting the vote.

可结果选举可信度在大选前可能就遭到质疑。至少对部分美国民众而言，并非俄国人，美国政府才有破坏选举之嫌。

THE ENEMY WITHIN

内部的敌人

From the first report of Russian hacking in mid-June, Donald Trump denied Moscow's involvement, improbably accusing the Democratic National Committee of hacking itself "as a way to distract from the many issues facing their deeply flawed candidate and failed party leader." As the story accelerated with the dump of stolen emails right before the Democratic National Convention, Trump doubled down on his counterclaims. On Aug. 1 in Columbus, Ohio, he said, "I'm afraid the election is going to be rigged."

6月中旬第一份有关俄罗斯黑客入侵报道以来，唐纳德·特朗普否认俄罗斯政府干涉选举，难以置信地指责民主党全国委员会黑了自家电脑，“以转移人们的注意力，民主党候选人问题重重，党派领导人频频出错，这导致诸多问题”。 就民主党全国大会召开前，邮件被盗事件不断发酵，特朗普火力全开，反咬一口。8月1日在俄亥俄州哥伦比亚，他说“我担心选举将受到操纵。”

Which may partly explain why the atmosphere was so tense when Secretary of Homeland Security Jeh Johnson convened a conference call on Aug. 15 with representatives of election officials from every state across the country. On Aug. 3, Johnson, an Obama appointee, had said he was considering declaring elections part of the U.S. critical infrastructure, along with things like the banking and electrical systems. That designation would give the federal government access to state-level voter information and would open regular lines of communication with local election officials. On the Aug. 15 call, Johnson said DHS stood ready to help the states by conducting vulnerability scans, providing what he said was "actionable information" about threats and delivering cybertools to help protect election systems from intrusion. But some of the states were less concerned about outsiders than they were about federal overreach, according to Johnson and several participants in the call. States didn't know what being declared critical infrastructure meant and were suspicious for partisan reasons: Were Democratic officials in Washington preparing to take control of the nation's polling places? The call grew contentious as participants felt the feds were encroaching on the constitutional role of states to run elections. "We secretaries of state were faced with an issue where there were perhaps foreign actors trying to get into our databases," says Arizona secretary of state Michele Reagan, a Republican and one of the first victims of the Russian hack. "And their answer was, 'Let's just take over the election infrastructure, which goes against the Constitution and our state law.'"

这部分说明8月15日国土安全部部长杰伊·约翰逊召开全国各州选举官员代表参加的电话会议上，气氛何以如此紧张？8月3日，由奥巴马任命的约翰逊曾表示，他正考虑将选举也列入美国关键基础设施之中，与银行和电力系统等并列。这样安排让联邦政府有权查阅各州选民信息，并开辟与地方选举官员沟通的固定线路。8月15日电话会议上，约翰逊说国土安全部已做好准备帮助各州进行漏洞扫描、提供他所说的关于威胁的“可操作信息”、安装网络工具以保护选举系统免遭入侵。但约翰逊和部分参会人员透露，有些州不担心外人侵入，反倒担心联邦政府管得太宽。州政府不知道纳入关键基础设施意味着什么，它们出于党派之见对此表示怀疑：华盛顿的民主党官员是不是准备控制全国的投票点？参会人员认为联调局探员正在侵犯各州依宪法举行选举时该发挥的作用，于是电话会议争论不断。亚利桑那州州务卿、共和党人米歇尔·里根，曾是俄罗斯黑客攻击的受害者，他表示：“作为州务卿，我们面临的问题是外国黑客试图入侵到我们数据库，他们却打算接管选举基础设施，这违背宪法和州法。”

The atmosphere of mistrust of the feds was hampering the White House's ability to respond to the Russian attack too. Obama was already worried about the possibility of an escalating cyberwar with Moscow if he retaliated for the ongoing Russian hack, senior White House officials privately said at the time. With Trump fueling antigovernment suspicion, Obama was even less inclined to take strong measures against Moscow, in part because of the danger of seeming political. Coming out hard against Russia, which was widely believed to favor Trump, Obama thought, would make it look as if the White House were trying to help get Clinton elected. "It was pervasive in the discussions," says a former senior White House official, "because some state officials were questioning whether some of our actions were advancing the interests of the Democratic Party."

对联调局探员缺乏信任的氛围亦妨碍白宫回击俄罗斯攻击的能力。白宫高级官员当时私下说，奥巴马也担心，如果对俄攻击予以反击，可能激化与莫斯科的网络战。特朗普火上浇油，质疑政府，奥巴马更不愿对俄采取强硬措施，部分原因是这冒着让选举看起来政治色彩太浓的危险。奥巴马想，人们都认为对俄强硬有利于特朗普，看起来白宫试图帮助克林顿赢得大选。一位前白宫高级官员说：“讨论涉及内容很广。因为有些州的官员质疑我们部分行动是否有利于民主党利益。”

Even as they were trying to communicate the dangers, the feds were seeing more evidence of just how expansive the Russian intrusions were. Three days after the Johnson call, on Aug. 18, the FBI sent out a flash alert to all the states including the digital fingerprints of the hackers they had gathered in Illinois and Arizona. By mid-August, Daniel's group had concluded that the GRU had infiltrated the electoral systems of Florida and New Mexico. In Tennessee, hackers had reached into the state's campaign-finance system. Soon the number of states probed by the Russians had crossed half of all states, and it was clear the Russians had tried to hack everyone; the only question was how successful they had been.

甚至他们试图讨论面临的危险时，联调局探员还在发现俄国入侵范围之广的更多证据。约翰逊召开电话会议三天后，即8月18日，联邦调查局向所有州发出紧急提示，其中包含从伊利诺斯州和亚利桑那州收集的黑客数字指纹。到8月中旬，丹尼尔工作组得出结论，俄罗斯军情机构已潜入佛罗里达和新墨西哥州的电子系统。在田纳西州，黑客黑进州竞选筹款系统。很快，一半的州都遭到俄国人入侵，形势很明了，俄国人试图黑所有人，唯一的问题是他们进展到哪一步。

The emerging picture wasn't pretty. "In some cases we saw them try to get in and they failed," says Daniel. "In some cases we saw them get a little way in and then get stuck. And in other cases they got a little bit further and were doing these kinds of testing." What was most frightening was that they knew they were seeing only Russia's clumsiest efforts. Moscow's state-sponsored hackers are among the most skilled cyberactors in the world. The feds had to assume there were other intrusions they weren't seeing. The fact that they didn't see intrusions in some states, says one official, "just means we didn't find them."

随后形势并不乐观。丹尼尔说：“有几次我们发现有黑客入侵，他们没成功。有几次黑进来了一点，被困住了。还有几次他们更进一步，做了这些测试。”最可怕的是，他们知道只见识到俄罗斯最差劲的黑客行为。俄罗斯政府支持的黑客是世界一流的。联调局探员必须假设有黑客入侵他们还未发现。事实上在有些并未发现有黑客入侵迹象。一位官员说：“这只能说明是我们还没发现他们。”

未完待续

译者 张娜