Election Security 2020: How the Federal Government is Preparing to Protect the Vote

Primary Season Is the Largest Security Concern

When it comes to cybersecurity, DHS and other federal agencies are looking not just to November but to the primary voting that begins on Feb. 11 in New Hampshire. In March alone, 25 states, Puerto Rico and Democrats Abroad (the official Democratic organization for Americans living outside the U.S.) will vote in primaries — and those elections come in bunches just a week apart.

“My biggest concern is March 2020,” says Maurice Turner, deputy director of the Internet Architecture Project at the Center for Democracy and Technology. 

“Changing votes in the November election is going to be very difficult to do at a scale that would be undetected. But if a particular candidate gets an extra 1 percent or 2 percent in a primary, that might be the difference for their opponent to not make it to a state the next week,” he says. “If it comes out that there was any sort of malicious interference, and that some of those votes may have been illegitimate, I’m not sure that we have the processes in place to do that investigation in that time frame.”

Security agencies have documented Russian interference in the 2016 presidential election and experts agree that bad actors from that nation and others are likely to try again. Former special counsel Robert Mueller told Congress last July, “They are doing it as we sit here.”

In January 2017, DHS responded to the threat by declaring voting to be part of the national critical infrastructure. This gave the federal government a more prominent role to play in elections, which otherwise are exclusively the purview of the states.

Since then, experts say, a new cooperative environment has arisen between federal, state and local authorities in the effort to prevent cyber tampering and ensure public confidence in the process.

States Receive Upgraded Election Security Support from Feds

With the creation of the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) in 2018, federal and state officials gained access to a common source of threat data — and, just as important, a common forum for sharing cyber concerns around the elections.

Under the cooperative arrangement, federal authorities can help states see further than ever before as they seek to harden their voting systems against potential incursions.

“Before this, there wasn’t a holistic situational awareness,” says CISA’s Hale. “Things that happened in California weren’t being seen in Wyoming. Now, they can share alerts and warnings from activity seen and reported on their networks.”

CISA supports the states with risk assessments, looking for potential weak points in voting systems, and also with remote penetration testing, in which federal officials actively try to breach the elections infrastructure. 

“We have done that with more than 25 states,” Hale says. “While it is only a point-in-time snapshot, it helps them make budget decisions going forward on what needs to be advanced to have a more secure system.”

In addition to that point-in-time service, CISA has supported more than 200 state, county and local election authorities with persistent vulnerability scanning of their internet-facing enterprises, ensuring the integrity of sites run by the local secretary of state, as well as online voter registration and other key sites.

States have been eager to avail themselves of this support, according to Elizabeth Howard, counsel to the Democracy Program in the Brennan Center for Justice. Congress allocated $380 million to support election security in 2018, “and all 50 states obtained federal funding to secure their election infrastructure,” she says. “They were planning to spend that on updates to the voter registration databases, cybersecurity practices in general, training and audits.”

Those DHS-led audits have proven especially valuable in helping states to understand the strengths and weaknesses in their systems coming into the primaries. This year, Congress has made available $425 million for states that want to boost their election security.

“If DHS can come in and identify vulnerabilities, it will help you to strengthen your system by identifying and addressing weak points,” Howard says.

MORE FROM FEDTECH: Deepfake videos can increase chaos through misinformation; learn how to spot them.

Ransomware Attacks Provide a Template for Response

Recent ransomware attacks in Louisiana and Texas demonstrated the role federal officials could play in staving off cyberthreats during the primaries and on election day in November. 

When hackers took down their systems, governors in those states called in the National Guard to help remediate the attacks, and the guard has subsequently said it would be adding new teams to expand its cyber defensive component.

The FBI, meanwhile, has announced plans to expand its victim notification policy. Officials say the law enforcement agency plans to brief state officials when election infrastructure located in their state but owned by local jurisdictions suffers a cyber intrusion.

More than just an election-day response capability, federal officials say they have an active role to play in helping states to prepare in advance the coming vote. 

“We get a high participation in a lot of our offerings,” Hale says. “More than 40 states are doing our voluntary scanning, and we had 46 states at our last national tabletop exercise.”

That kind of hands-on support at the national level, coupled with federal funding, has helped states to move the needle on election security. Thanks to a DHS grant, “all of our local jurisdictions in Iowa are tied into a single system that we can monitor,” says Paul Pate, president of the National Association of Secretaries of State and Iowa Secretary of State. “You are talking about 99 counties, plus cities and school districts, and now we can watch all of that activity and respond in real time.”

DHS also has helped in a procedural sense, by making it easier for elections-system stakeholders to access the information they need in order to keep abreast of emerging threats. 

Much of that data is classified, “and one of the things DHS has done is to increase the speed at which they are processing security clearances for state and local election officials, so that they can get to that classified information,” Howard says.

In addition to helping harden system and highlight threats, DHS has claimed a seat at the table when it comes to helping states combat the more subtle and complex cyberthreat: The online effort to undermine voter confidence.

READ MORE: Find out why officials say disinformation and lack of trust still threaten election security.

Educating Voters Is an Important Piece of Cybersecurity

“We have numerous products focused on voter resilience,” Hale says. “We try to bolster the public understanding around trusted sources of information. We let them know about their rights, so that the voters can take ownership of their process.”

To that end, DHS in June launched the War on Pineapple campaign. It used the age-old debate — pineapple on pizza? — to illustrate how foreign actors can leverage a divisive issue to sow doubt and confusion.

While the federal government faces a formidable challenge in helping state and local officials to fight both cyberthreats and related online efforts to undermine public confidence, experts say the growing alliance between state officials and federal authorities should help to ensure the 2020 elections will have a high degree of digital resilience.

“In the states that are doing it well, there are strong partnerships between federal entities, the state leadership, the county election directors and their IT support,” says Rita Reynolds, CTO of the National Association of Counties. “That’s the model right there. It all boils down to communication and relationships.”