Jul 21 2020

As November Looms, So Do Cybersecurity Concerns for Elections

Amid pandemic confusion and delayed primaries, experts are watching the fall election season closely.

The action related to the hotly anticipated primary election season was expected to last for months. With dozens of Democratic candidates still on the ballot for the first primary in New Hampshire, social media taking an active role in campaigning and the threat of foreign influence on the election playing out, election officials were keenly aware of the need to keep the elections secure.

Heightened public interest came to a near halt in early March — when former Vice President Joe Biden essentially nailed down the Democratic nomination on Super Tuesday, and the COVID-19 pandemic sent voters home and delayed primaries — but cybersecurity experts remain on high alert as they look to November.

When voting patterns get disrupted, the bad actors who watch U.S. elections closely may seek to sway the outcomes, either by tampering with systems or by chipping away at public trust, they say.

“This is a highly scrutinized space,” says Geoff Hale, director of the Election Security Initiative at the Cybersecurity and Infrastructure Security Agency, part of the Department of Homeland Security. “Anything that goes wrong can be used to undermine confidence in the institution.”

Warning Signs About Election Security 

The pandemic caused many states to reschedule their primaries, creating more points at which security decisions have to be made. 

“You want an environment where everyone is thoroughly trained and familiar with the process. Uncertainty causes challenges,” says Hale.

Technical issues that occurred prior to the pandemic also sent up red flags for those concerned with election security, signs of what could be expected for the general election season.

Early on, an election app designed to allow precinct leaders to register voters’ choices failed spectacularly; it wasn’t well tested in advance, and volunteers received inadequate training. 

Ironically, security measures added to the problems; those included a last-minute security patch as well as multifactor authentication that required smartphone use in locations where phones weren’t permitted.

“This just set election innovation back so far,” says Rita Reynolds, CTO of the National Association of Counties. “You have to do testing, you have to do pilots, you have to do a soft rollout.”

States also ran into capacity issues early on. In some jurisdictions, limitations on network capacity prevented election officials from looking up voter information and led poll workers to have to print out paper ballots.

In others, bandwidth problems prevented some voters from accessing online tools that helped them find their polling locations; in one location, this was compounded by a volunteer who unwittingly redirected voters to a partisan site for information.

Firewalls Can Help Slow Disruptions

To counter this technological uncertainty, “the most important thing is to have backup procedures in place as part of the resiliency plan,” says Elizabeth Howard, counsel in the Democracy Program at the Brennan Center for Justice at New York University Law.

“You need a system that would minimize any interruption to voting, which includes having sufficient paper ballots present for everyone to cast their votes,” she adds.

Because anyone who senses network fragility might be tempted to launch denial-of-service attacks and overwhelm networks on Election Day, CISA recommends technology safeguards that include firewalls configured to restrict traffic flow, and security settings optimized to manage unwanted traffic.

The responsibility for voting systems and election security rests squarely with state and local officials, and federal officials regularly offer advice and guidance on what’s needed.

“We don’t own and operate the systems,” says Hale. “Our job is to help them to increase their security posture and their resilience in the face of threats both foreign and domestic.”

States Secure Election Systems with Federal Funding

In the run-up to the November vote, the federal government has taken on that job, led by CISA and supported by the U.S. Election Assistance Commission and the National Guard. Security agencies documented Russian interference in the 2016 presidential election, and experts agree that bad actors are likely to try again. As former special counsel Robert Mueller told Congress last July, “They are doing it as we sit here.”

In January 2017, DHS declared voting to be part of the national critical infrastructure, giving the federal government a more prominent role to play in bolstering the technology around elections.

Since then, experts say, a new cooperative environment has arisen among federal, state and local authorities in the effort to prevent cyber tampering and ensure public confidence in the process.

With the creation of the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) in 2018, federal and state officials gained access to a common source of threat data and, just as important, a common forum for sharing cyber concerns around the elections.

The EI-ISAC offers a range of computer information tools to buoy state efforts. These include hardware and software controls, support for continuous vulnerability management, and configuration tools, among others. The center has developed over 140 benchmarks for various technology groups, including operating systems, cloud service providers and network devices.

Federal authorities can help states leverage these tools in order to see further than ever before, as they seek to harden their voting systems against potential incursions.

“Before this, there wasn’t a holistic situational awareness,” Hale says. “Things that happened in California weren’t being seen in Wyoming. Now they can share alerts and warnings from activity seen and reported on their networks.”

CISA also supports the states with risk assessments that look for potential weak points in voting systems, and with remote penetration testing, in which federal officials actively try to breach the elections infrastructure. The agency has worked with more than 200 state, county and local election authorities.

“We are building a dialogue with DHS and trying to get them comfortable in our world,” says Paul Pate, president of the National Association of Secretaries of State and Iowa secretary of state. “The progress on that front has been a big improvement.”

DHS Works with States to Enhance Election Security 

Federal funding has helped cement the relationship. Congress allocated $380 million to support election security in 2018; all 50 states received funding, but only a small portion was spent. “They were planning to spend that on updates to the voter registration databases, cybersecurity practices in general, training and audits,” Howard says.

Since then, Congress has approved $425 million in election support for 2020, plus an additional $400 million in emergency funding as part of the COVID-19 relief package.

Those DHS-led audits have proved valuable in helping states understand the strengths and weaknesses in their systems. In addition, DHS is helping states combat a more subtle and complex cyberthreat: the online effort to undermine voter confidence.

“We try to bolster the public understanding around trusted sources of information,” Hale says. “We let them know about their rights, so that the voters can take ownership of their process.”

While election officials at all levels face a formidable challenge in battling both the cyberthreat and related online efforts to undermine public confidence, experts say the growing state-federal alliance should give the 2020 elections a high degree of digital resilience.

“In the states that are doing it well, there are strong partnerships between federal entities, the state leadership, the county election directors and their IT support,” says Reynolds. “That’s the model right there. It all boils down to communication and relationships.”

Illustration by Rob Dobi
