What if, this time around, a wave of foreign interference is aimed at helping Democrats take control of Congress?
It's an idea that has been batted around a great deal since 2016. It is based on the thesis that Russian President Vladimir Putin doesn't actually care about either party. What he wants is chaos, strife, deadlock and a corrosion of faith in U.S. political institutions.
To that end, what better way to bring about another upheaval than by trying to whipsaw the political balance from Trump and Republicans to the putative return two years later of a House Speaker Nancy Pelosi and her Democrats?
President Trump sounded that warning last week on Twitter.
What if he's right?
Russia's active measures against the U.S. and the West never stopped after 2016, as the intelligence bosses keep saying, and Russian efforts are expected to continue through the 2018 and 2020 elections.
If the warning lights are already "blinking red," as Director of National Intelligence Dan Coats put it, the next question is: To what end?
How might the Russians do it?
The Russians could use a version of the playbook they ran in 2016: Deploy human operatives to mix things up, attack state elections infrastructure, steal information in cyberattacks and then dump it for maximum political effect — all the while turning up the volume on political controversy by agitating on social media.
Or they could attempt some new permutation of this scheme, perhaps by mixing in new, high-tech fake audio or video. Or because they know how much Americans now know about the tools in this kit, there could be some other new strategy that no one is expecting.
Or there could be nothing.
With so much attention drawn by reporters and politicians to the election interference storyline, Putin might conclude a big push on election interference won't work unless it can benefit from the element of surprise.
So far, as Homeland Security Secretary Kirstjen Nielsen has said, there has not been as big a push as in 2016. Still, some cyber mischief is underway: Microsoft says it has detected so-called spear-phishing attacks on at least three campaigns this year, though it didn't reveal which ones or how many total attacks it knows about.
One target who has identified herself does not suggest the Russians have switched sides: Missouri Sen. Claire McCaskill, a Democrat, said cyberattackers had tried to get into her Senate office systems but failed.
"While this attack was not successful, it is outrageous that they think they can get away with this," McCaskill said in a statement Thursday. "I will not be intimidated."
If the scale is so far smaller than the hundreds of cyberattacks launched in 2016, national security leaders say these relatively light winds could turn into a typhoon at any moment.
"We fully realize that we are just one click of the keyboard away from a similar situation repeating itself," as Coats said recently.
States are paying attention to election security more than they ever have, but as NPR's Miles Parks has reported, there are still 50 different policies and levels of readiness across the country.
In some places, elections officials are as ready as they'll ever be. Others remain highly vulnerable. Secretaries of state and elections officials across the country may not know how robust their preparations are until Election Day.
And there are broader issues. Even if every election in the United States used 100 percent accountable and verifiable paper systems, there are no practical defenses against other weapons in the Russians' active-measures arsenal.
Facebook and Twitter vow that they're cracking down on the use of their platforms by foreign agitators, but they can't stanch everything, especially if influence-mongers return with a broad new wave that uses new accounts, new vectors or new techniques to piggyback on the networks.
Facebook, in particular, is depending more on the use of disclosures within ads on its site, not active countermeasures that bar them from appearing.
Another real problem — if that's the right phrase — is the free press.
If WikiLeaks or another pop-up intermediary began dumping embarrassing material about politicians, would American journalists politely refrain from covering it? Even if they did, the material would still get into the information ecosystem without them.
Reporters might include caveats in their stories — "the damning revelations about Politician X appeared to be part of an active measures campaign against the United States. Now back to the damning revelations about Politician X ..." — but they still would be serving the interests of the attackers.
In the case of an attack on behalf of Democrats, the arguments that Trump and Republicans used in 2016 might be turned against them: Who cares about the origins of this material — whether it came via Russia's military intelligence service or not? As long as it's legitimate, it's fair game.
Millions of Americans concluded the same thing during the 2016 cycle when WikiLeaks published emails hacked from the systems of leading Democratic Party figures — emails stolen, the Justice Department alleges, by Russia's military spy agency.
The Supreme Court has roundly rejected prior restraint, as one well-known constitutional scholar once observed. Trump couldn't order news organizations not to cover revelations that had originated in a foreign cyberattack, even if he wanted to.
If the structural components of a new surge in attacks are easy to imagine, the politics are not. Would it be better for Trump and Republicans to launch a full-on national response to a new spike in active measures? The president has said that is exactly what he would do.
But a wave of interference between now and Election Day also would enable Trump and Republicans to argue the outcome of the 2018 midterm elections, including the return of their reviled Speaker Pelosi, was illegitimate — in the same way Trump's supposed illegitimacy is a shibboleth for the self-styled "Resistance."
How strong the foundation
What hasn't become clear following another all-cartwheeling, all-exploding set of headlines last week is Trump's basis for warning about a Russian campaign benefiting Democrats. Is there real intelligence reporting that suggests Russian leaders intend to launch one or that one is underway now?
Trump is in a position to know. Secretary of State Mike Pompeo told Congress on Wednesday that he has briefed Trump extensively for months — previously as director of the CIA — about what the intelligence community is reporting about active measures.
Trump also sometimes denies that any interference is taking place and insists the whole story is a "hoax." He phases back and forth, and one consequence is that there is no way to know his own position on a given day and the resulting actions he might order.
Administration officials say that they're preparing no matter what and that the United States will take a much stronger stance against foreign interference than was done in 2016.
Pompeo told Congress that he had warned the Russians that any more attacks would be met with "severe consequences."
Deputy Attorney General Rod Rosenstein said recently at the Aspen Security Forum that the Justice Department would begin publicly calling out foreign schemes and step up its efforts to defend American networks from cyberattacks.
At the same time, he warned about the prospect of a new surge in attacks exactly like the one Trump described last week, which is why Rosenstein said it's necessary for a bipartisan response given the peril facing both major parties.
"I want to emphasize that covert propaganda disseminated by foreign adversaries is fundamentally different from domestic partisan wrangling," Rosenstein said. "As Sen. Margaret Chase Smith proclaimed in her 1950 declaration of conscience, we must address foreign national security threats 'patriotically as Americans,' and not 'politically as Republicans and Democrats.' "