Aug 19 2020

The Election Security Drills States Need to Be Doing Right Now

With November right around the corner, state and local governments need to ensure the resilience of their election infrastructure.

It’s crunch time for state and local government officials tasked with administering and securing the general election on Nov. 3. As the campaign season has heated up, so have election cybersecurity concerns, including the recent warning from the U.S. intelligence community that Russia, China and Iran will all try to meddle in the presidential election.

State and local election officials have been preparing for years for the 2020 election, but the coronavirus pandemic has significantly disrupted those efforts. State budgets have been considerably dented due to the pandemic, more aid for election security from Congress may not be forthcoming and states are expected to see a massive surge in mail-in voting relative to past elections.

While there are some new technologies, such as endpoint detection and response tools, that have been recently added to shore up security, this ultimately comes down to ensuring election infrastructure is as resilient as possible.

What can state and local election officials, from the secretary of state down to county clerks, be doing to prepare for cyberattacks and election disruptions? Many states have already conducted tabletop exercises with the Department of Homeland Security and within their own offices. However, there is more that can be done to prep and test election systems. 

VIDEO: Hear from cybersecurity experts about the top election security threats.

How to Ensure Election Infrastructure Can Withstand Disruptions 

Over the past few months, many states have been partnering with DHS’ Cybersecurity and Infrastructure Security Agency and the nonprofit Center for Internet Security to deploy endpoint detection and response, which is “a software agent installed on systems, servers, or in the cloud to provide malware and anomaly detection and remediate active threats,” as CIS notes

As the Associated Press reports, 30 state election offices have already integrated the EDR tools via a DHS pilot program that launched in March. EDR software is expected to be rolled out in at least nine more states by November, according to the AP, though fewer than 100 local government agencies have signed on to the program. 

“Under the program, CIS analysts would receive alerts of suspicious activity, allowing them to monitor and track suspicious activity across jurisdictions with the goal of early detection and mitigation,” the AP reports. 

State and local agencies that have deployed EDR software should be testing it regularly and be in contact with both DHS and CIS to ensure it is working properly. 

Beyond new technology tools, there is much that experts say state and local agencies can do to ensure their election systems are resilient. 

Agencies should be conducting phishing drills to ensure that users with access to voter registration databases and other key information or systems know how to spot suspicious emails and do not click on unknown links that may introduce malware into election systems.

Election officials should also simulate what would happen if they lost access to an electronic poll book or voter registration database due to a malware attack or some other kind of cyberattack. Is there an offline backup? Is there a backup in a secure cloud that can be used? Voter registration databases should be backed up in multiple forms at least every 24 hours. That’s what Colorado Secretary of State Jena Griswold has required, and the state is seen as a leader on election security

Along those same lines, Lawrence Norden, director of the Brennan Center’s election reform program, says state and local officials should ensure they have adequate paper ballots and provisional ballots on hand at polling locations if systems go down. 

States should conduct exercises that simulate voter registration sites going offline and setting up a redirect page, as well as systems to capture voter information so that voters can be contacted.

Additionally, all states should implement and promote early voting policies, if they do not already, to help mitigate crowds and reduce the risk of COVID-19 transmission. 

It’s been said that in the United States during a general election, there is not one single federal election, but thousands of local elections spread across the country. State and local officials need to be protecting the nuts and bolts of democracy — and practicing for what happens if a screw gets knocked loose, or if the machinery starts to fall apart. Citizens still need to be able to cast their ballots. And there is still time to ensure that even if the worst happens, their votes will still be counted. 

This article is part of StateTech’s CITizen blog series. Please join the discussion on Twitter by using the #StateLocalIT hashtag.

CITizen_blog_cropped_0.jpg

Getty Images/ outline205