DHS Leads Federal Effort for Cooperative Security
States are looking to November and beyond, to the primary voting looming on the horizon.
“My biggest concern is March 2020,” says Maurice Turner, deputy director of the Internet Architecture Project at the Center for Democracy and Technology.
“Changing votes in the November election is going to be very difficult to do at a scale that would be undetected. But if a particular candidate gets an extra 1 percent or 2 percent in a primary, that might be the difference for their opponent to not make it to a state the next week,” he says. “If it comes out that there was any sort of malicious interference, and that some of those votes may have been illegitimate, I’m not sure that we have the processes in place to do that investigation in that time frame.”
Security agencies have documented Russian interference in the 2016 presidential election and experts agree that bad actors from that nation and others are likely to try again. Former special counsel Robert Mueller told Congress last July, “They are doing it as we sit here.”
In January 2017, DHS responded to the threat by declaring voting to be part of the national critical infrastructure. This gave the federal government a more prominent role to play in elections, which otherwise are exclusively the purview of the states.
Since then, experts say, a new cooperative environment has arisen between federal, state and local authorities in the effort to prevent cyber tampering and ensure public confidence in the process.
States Eye Success Through Information Sharing and Audits
With the creation of the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) in 2018, state officials gained access to a common source of threat data — and, just as important, a common forum for sharing cyber concerns around the elections.
“We are building a dialog with DHS and trying to get them comfortable in our world,” says Paul Pate, president of the National Association of Secretaries of State and Iowa Secretary of State. “We’ve been setting up various communications tools and setting up resources. When we started on this path, the feds weren’t telling us anything, so just the progress on that front has been a big improvement.”
The cooperative arrangement enables states to see further than ever before as they seek to harden their voting systems against potential incursions.
“Before this, there wasn’t a holistic situational awareness,” says Geoff Hale, director of CISA’s Election Security Initiative. “Things that happened in California weren’t being seen in Wyoming. Now, they can share alerts and warnings from activity seen and reported on their networks.”
CISA supports the states with risk assessments, looking for potential weak spots in voting systems, and also with remote penetration testing, in which federal officials actively try to breach the elections infrastructure.
“We have done that with more than 25 states,” Hale says. “While it is only a point-in-time snapshot, it helps them make budget decisions going forward on what needs to be advanced to have a more secure system.”
In addition to that point-in-time service, more than 200 state, county and local election authorities have turned to CISA for persistent vulnerability scanning of their internet-facing enterprises, ensuring the integrity of sites run by the secretary of state, as well as online voter registration sites.