Cyber officials tout reforms with one year to Election Day

Cyber officials tout reforms with one year to Election Day

Officials and cyber experts are expressing confidence in reforms made to prevent a repeat of election hacking and foreign interference one year ahead of their biggest test yet, Election Day 2020, even as they remain vigilant.

This optimism comes even as lawmakers remain sharply divided along party lines on how to address election security concerns.

Sen. Ron JohnsonRonald (Ron) Harold JohnsonGraham requests State Department documents on Bidens, Ukraine House GOP wants Senate Republicans to do more on impeachment Sondland testifies quid pro quo in Ukraine was real and widely known MORE (R-Wis.), the chairman of the Senate Homeland Security and Governmental Affairs Committee, told reporters on Thursday that he believes “great strides” have been made since 2016 by the Department of Homeland Security (DHS) and election officials.

ADVERTISEMENT

“It’s a serious issue, and one we take seriously, but when I take a look at all the threats facing this nation, it really is on the lower end of my priority list in terms of what I’m overly concerned about because it’s being addressed I think pretty effectively,” Johnson said. 

Democratic House Homeland Security Committee Chairman Bennie ThompsonBennie Gordon ThompsonHillicon Valley: Senators ask Trump to halt Huawei licenses | Warren criticizes Zuckerberg over secret dinner with Trump | Senior DHS cyber official to leave | Dems offer bill on Libra oversight Senior DHS cyber official to step down Democratic lawmaker introduces bill to tackle online terrorist activity MORE (Miss.), though, warned this week that "in just over a year, voters in many states across the country will vote for president in 2020 on machines that are old, have no paper trail, and are vulnerable to manipulation.”

But focus on election security from all levels of government has massively increased in the three years since the 2016 elections, when Russian operatives attempted to interfere in the elections through both hacking and disinformation on social media efforts. 

At the federal level, a key player in the election security fight is DHS’s Cybersecurity and Infrastructure Security Agency (CISA), whose director Christopher Krebs has made election security one of his five “operational priorities.” 

Since the designation of elections as “critical infrastructure” by former DHS Secretary Jeh Johnson in 2017, the agency has stepped up to assist states in tackling potential cybersecurity vulnerabilities, while still warning of potential threats.

Matthew Masterson, the senior cybersecurity advisor at CISA, testified to the House Judiciary Committee last month that despite improvements to security, “the threat to our elections remains and it is incumbent on all levels of government to work together to respond.”

DHS has increased communication with state and local election officials. Liz Howard, a former deputy commissioner at the Virginia Department of Elections, told The Hill that since 2016 the focus on election security by election officials “has completely shifted.”

“The federal partnership was not there for the most part in 2016 and now I haven’t spoken to a local election official that isn’t aware that DHS wants to help them in the past couple of years,” Howard, who currently serves as counsel at New York University’s Brennan Center for Justice, said. 

Individual states have also taken steps to improve election security.

The Senate Intelligence Committee found in its investigation into Russian interference in 2016 that while no votes were changed, all 50 states were targeted by Russian actors.

In Illinois, where Russian operatives gained access to about 200,000 voter registration records in 2016, cybersecurity has been prioritized, including through the creation of the “Cyber Navigator” program to boost state election systems' cybersecurity.

Matt Dietrich, the public information officer for the Illinois Board of Elections, told The Hill that he is “confident” that the state has been able to “stay one step ahead of the hackers,” but cautioned that cybersecurity will always be an evolving challenge.

“You can never guarantee something when you are talking about cybersecurity,” Dietrich said.

ADVERTISEMENT

In Ohio, a measure was signed into law last month that increases cybersecurity protections and resources for elections. And in Pennsylvania, Gov. Tom Wolf (D) this week signed a bill that gives counties $90 million to replace outdated voting machines.

Virginia underwent the process of decertifying all voting machines that did not have a paper record of votes after 2016. Howard, who was involved in this process, told The Hill that while decertifying the machines was not “ideal,” it was necessary to ensure the security of elections moving forward.

These efforts come despite the partisan clash over election security in Washington.

House Democrats have passed three major bills on the topic this year, and Senate Democrats are pressuring Senate Majority Leader Mitch McConnellAddison (Mitch) Mitchell McConnellOvernight Defense — Presented by Boeing — Deal on defense bill proves elusive | Hill, Holmes offer damaging testimony | Trump vows to block Navy from ousting officer from SEALs Trump steps up GOP charm offensive as impeachment looms Congressional authority in a time of Trump executive overreach MORE (R-Ky.) to allow a vote on these bills and others. 

McConnell has cited concerns around federalizing elections and violations of First Amendment rights in blocking the majority of these bills. But critics say Republicans are wary of highlighting issues with hacking or foreign interference in 2016 and angering President TrumpDonald John TrumpWatergate prosecutor says that Sondland testimony was 'tipping point' for Trump In private moment with Trump, Justice Kennedy pushed for Kavanaugh Supreme Court nomination: book Obama: 'Everybody needs to chill out' about differences between 2020 candidates MORE

Earlier this year, the leaders of the Department of Homeland Security, the Intelligence Community, the National Security Agency, and the FBI briefed members of the House and Senate on the status of election security. Republicans emerged confident with the state of election security prior to 2020, while Democrats protested that more should be done.

Sen. Lindsey GrahamLindsey Olin GrahamFBI official under investigation for allegedly altering document in Russia probe: report Trump steps up GOP charm offensive as impeachment looms Graham requests State Department documents on Bidens, Ukraine MORE (R-S.C.), who has co-sponsored several election security bills, told The Hill last week that he would be in favor of another election security briefing prior to the 2020 elections. 

“I think it would probably be time again to gather them up before we leave town for the holidays and make sure they have everything they need,” Graham said of federal officials. 

Election officials overall have cited the need for more funding from Congress to implement security upgrades. 

The Brennan Center estimates that in order to implement the most critical of election security upgrades, including replacing outdated voting machines and providing additional cybersecurity assistance for state and local officials, around $2.2 billion in investments is needed over the next five years. 

Congress has made some headway in this area, appropriating $380 billion to states for election security in 2018.

Earlier this year, the House passed its version of the 2020 Financial Services and General Government spending bill with a further $600 million for election security efforts, and the Senate Appropriations Committee recently approved its version of the bill with $250 million for election security.

But with one year left before Election Day on Nov. 3, 2020, election security experts caution that the window of opportunity for improvements is narrowing.

Matt Blaze, a professor of computer science and law at Georgetown University, told The Hill that the funds should go towards buying “paper-based voting machines and conducting risk-limiting audits” to ensure election results are not tampered with.

“Those are well-understood, uncontroversial means that will make a huge difference,” Blaze said. 

David Levine, an elections integrity fellow at the Alliance for Securing Democracy and a former election official, said a major way to increase the security of voting machines is by replacing paperless voting equipment, which will still be used by about 16 million Americans in eight states during the 2020 elections.

“The paperless voting equipment in many instances is older, you don’t have the ability to audit it, there are questions about its ability to function properly, whether that is being vulnerable to adversaries, or just simply breaking down by sheer accident,” Levine said.

Howard emphasized that despite the improvements since 2016, the true test will be on Election Day.

“We have made a significant amount of progress since 2016, but there is still a lot of work to be done before 2020,” Howard said.