Senators press federal election officials on state cybersecurity

Senators press federal election officials on state cybersecurity
© Getty Images

Senators on Wednesday pressed top officials from the U.S. Election Assistance Commission (EAC) about their efforts to boost state cybersecurity election systems, with a focus on whether each state should have a mechanism in place to audit their results.

“Many elections across the nation do not have auditable elections. They are done completely electronically,” Sen. James LankfordJames Paul LankfordGOP group calls on Republican senators to stand up to McConnell on election security in new ads Hillicon Valley: GOP hits back over election security bills | Ratcliffe out for intel chief | Social media companies consider policies targeting 'deepfakes' | Capital One, GitHub sued over breach The Hill's 12:30 Report: Biden camp feels boost after Detroit debate MORE (R-Okla.) told the panel of witnesses at a hearing on election security preparedness convened by the Senate Rules and Administration Committee.

Thomas Hicks, the head of the EAC, indicated that states decide whether they want to have auditable elections.

The EAC, established in 2002, is a bipartisan commission tasked with developing guidance to meet requirements like maintaining the national mail voter registration form, “adopting voluntary voting system guidelines, and serving as a national clearinghouse of information on election administration," according to its website.

Sen. Angus KingAngus Stanley KingBipartisan panel to issue recommendations for defending US against cyberattacks early next year New intel chief inherits host of challenges Senators ask for committee vote on 'red flag' bills after shootings MORE (I-Maine) pressed Hicks on whether there should always be a paper backup to determine accurate counts.

"It depends on the state,” Hicks said. "If we can do security with paper, to make sure it is accessible to those who have disabilities, then I would say that is 100 percent right that we should have a paper backup."

Hicks said states are not required to have an auditable ballot trail, despite requirements under the Help America Vote Act (HAVA) that they must abide by in order to receive federal money.

The hearing comes amid heightened security concerns that malicious actors may seek to interfere in the November midterm elections, following the U.S. intelligence community's assessment that Russia meddled in the 2016 presidential election.

Election officials at the state level are responsible for picking cybersecurity protection monitoring services, Hicks said, adding that it falls on states to determine whether a company is reputable.

"We don't give that sort of specific advice," Hicks said. "Individual election officials have to be vigilant in terms of knowing that there are going to be pop-ups out there looking to make a quick buck."