By: Paige Suelzle
The dawning of the new year brings with it renewed concerns over foreign interference in the 2020 presidential election. Foreign interference can take the form of cyberattacks, hacking, “social media agitation,” and infiltrating state-controlled TV, radio, and online sources. While candidates are traversing the state of Iowa and stumping for votes in other early primary states, state and local election departments, elected officials, and election administrators across the country should be taking a hard look at whether their systems can withstand a sophisticated cyberattack.
According to a report issue by the U.S. Senate Intelligence Committee, “Russian government-affiliated cyber actors conducted an unprecedented level of activity against election infrastructure in the run-up to the 2016 U.S. Elections.” Specifically, the Committee found that “beginning in at least 2014 and carrying into at least 2017” the Russian government targeted U.S. election infrastructure at the state and local level. The federal government discovered that Moscow was scanning for weaknesses and attempting to gather data from state election systems and voter registration databases.
The Senate Intelligence Committee made a number of recommendations to state officials in light of their findings, such as suggesting that any voting machine a state purchases in the future “should have a voter-verified paper trail and remove…any wireless networking capability.” The Committee also suggested, among other things, that states should implement a voter registration database recovery plan and begin auditing election results in the event that hackers take advantage of any weaknesses they detect in their scanning of election databases.
However, despite Russian interference in the 2016 election, many states still use outdated and malfunctioning voting technology and do not have enough funding to upgrade their systems. In December 2019, Congress allocated $425 million in federal spending to election security efforts. States receive the funding in the form of grants. However, the money was allocated too late to make much of a difference in the 2020 election. Some also say this is not enough to meet the threat because significant investment must be made nationwide in election infrastructure, post-election audits, and improvements in cybersecurity. Many states need to replace their voting machines entirely.
Representative Bennie Thompson and Senator Amy Klobuchar have introduced the Election Security Act in the House of Representatives and the U.S. Senate, respectively. This comprehensive bill would provide financial support to the states to improve their election infrastructure, give grants to the states for voting system improvements and audits, and take steps to promote cybersecurity and prevent election hacking. The bill has not advanced through either house of Congress.
In Washington, Russian hackers tried and failed to hack the state’s election system in 2016. Beginning in June 2016, the Secretary of State’s office was in touch with the Department of Homeland Security (“DHS”) about suspicious activity on their website. The Secretary’s office also blocked an IP address that was causing problems in other states. Additionally, the Secretary of State’s office has continued to partner with the DHS in an effort to ensure the future safety and integrity of Washington’s elections. Washington has partnered with DHS to “assess vulnerabilities and identification plans, share information, rely on DHS for local support, and report incidents or threats” with programs like the Risk Vulnerability Assessment and the Cyber Resilience Review.
Since Washington uses a vote-by-mail election system, Washington voters have the added security that a paper ballot provides. Paper ballots create paper trails, providing a physical back-up in the event of a security breach or errors in the voting software. Officials are increasingly voicing support for the use of backup paper ballots in the 2020 election so that states can more accurately audit elections.
There are additional steps that states and localities can take to protect their election systems. The Brennan Center for Justice has published an Election Security Advance Planning Checklist that policymakers and election officials can use to proactively guard against a cyber-attack. The checklist explains how election officials can “prevent and recover from electronic pollbook failures and outages” and “be prepared for voting equipment failures.” Other specific suggestions include limiting or eliminating wireless network connectivity when possible, providing proper training for poll workers, making sure there are emergency paper ballots on hand, and following the National Institute of Standards and Technology’s cybersecurity framework to develop guidelines in addition to state and local guidelines.
Having a plan in place ahead of Election Day is critical to the security of the election. The possibility of foreign interference throws into question the legitimacy of an election and places under threat the fundamental right to vote. Proactive steps to guard against cyber-attacks, such as those recommended by the Senate Intelligence Committee and the Brennan Center for Justice, are gravely needed in every state and locality to meet the growing threat of foreign interference. The integrity of American democracy may depend on it.