Officials on alert for potential cyber threats after a quiet Election Day
Election officials are cautiously declaring victory after no reports of major cyber incidents on Election Day.
“After millions of Americans voted, we have no evidence any foreign adversary was capable of preventing Americans from voting or changing vote tallies,” Christopher Krebs, the director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), said in a statement Wednesday.
But the long shadow of 2016, when the U.S. fell victim to extensive Russian interference, has those same officials on guard for potential attacks as key battleground states tally up remaining ballots.
Agencies that have worked to bolster election security over the past years are still on high alert during the vote-counting process, noting that the election is not over even if ballots have already been cast.
“I think while it’s fantastic that yesterday was quiet, that tells you that the work is paying off. But we know the nature of the threats in the cybersecurity landscape don’t go away, and you don’t get to say, ‘Oh, we’re good.’ You see the commitment and the effort and that has to continue,” Election Assistance Commission Chairman Benjamin Hovland, who was nominated by President Trump, told The Hill on Wednesday.
Election officials at all levels of government have been hyper-focused on the security of the voting process since 2016, when the nation was caught off-guard by a sweeping and sophisticated Russian interference effort that included targeting election infrastructure in all 50 states, with Russian hackers gaining access to voter registration systems in Florida and Illinois.
While there was no evidence that any votes were changed or voters prevented from casting a ballot, the targeted efforts created renewed focus on the cybersecurity of voting infrastructure, along with the improving ties between the federal government and state and local election officials.
In the intervening years, former DHS Secretary Jeh Johnson designated elections as critical infrastructure, and Trump signed into law legislation in 2018 creating CISA, now the main agency coordinating with state and local election officials on security issues.
“It’s like night and day,” Edgardo Cortés, who served as the Virginia commissioner of elections four years ago, told The Hill on Wednesday. “In 2016 the level of coordination was almost nonexistent except in the immediate run-up to the election.”
“The election yesterday went very well, the lead-up to yesterday and yesterday itself went very well, and I think it’s a reflection of the ongoing effort that state and local election officials have put into election security, and the coordination that has developed at all levels of government,” said Cortés, who now works as an adviser to the election security team at New York University’s Brennan Center for Justice.
In advance of Election Day, CISA established a 24/7 operations center to help coordinate with state and local officials, along with social media companies, election machine vendors and other stakeholders.
Hovland, who was in the operations center Tuesday, cited enhanced coordination as a key factor for securing this year’s election, along with cybersecurity enhancements including sensors on infrastructure in all 50 states to sense intrusions.
“On Election Day, we were able to — in a time where we are so conscious about misinformation and disinformation being one of the biggest threats — be able to drill down and see what is happening in a place, get factual information very quickly, and be able to report that out before something snowballs,” Hovland said.
Top officials were cautiously optimistic Wednesday about how things went.
Sen. Mark Warner (D-Va.), the ranking member on the Senate Intelligence Committee, said it was clear agencies including Homeland Security, the FBI and the intelligence community had “learned a ton of lessons from 2016.”
“That has included lots of coordination and sharing, including with private industry and social media companies, helping states and localities harden their systems, and focused intel collection to detect threats so they could be countered,” Warner, who was elected to a third term Tuesday, said in an emailed statement.
He cautioned that “we’re almost certain to discover something we missed in the coming weeks, but at the moment it looks like these preparations were fairly effective in defending our infrastructure.”
A major election security issue on Capitol Hill over the past four years has focused on how to address election security threats, particularly during the COVID-19 pandemic, when election officials were presented with new challenges and funding woes.
Congress has appropriated more than $800 million for states to enhance election security since 2018, along with an additional $400 million in March to address pandemic-related obstacles.
But Democrats and election experts have argued the $800 million was just a fraction of what’s required to fully address security threats, such as funding permanent cybersecurity professionals in every voting jurisdiction, and updating vulnerable and outdated election equipment.
“Election officials get a tremendous amount of credit on what they did with the limited amount of resources they had,” said David Levine, a former Idaho election official who’s now an elections integrity fellow at the Alliance for Securing Democracy.
“Having regular, consistent funding that election officials can rely on could be really critical to helping ensure the integrity and security of our elections going forward,” he added.
Threats from foreign interference have not disappeared, and threats to elections will almost certainly continue as votes are tallied, and into future elections.
A senior CISA official told reporters late Tuesday night that the agency was watching for threats including disinformation, the defacement of election websites, distributed denial of service attacks on election systems and increased demand on vote reporting sites taking systems offline.
“The attack surface for disinformation and other foreign interference efforts extends well into the next month or two,” the official said. “There is no spiking the football here. We are acutely focused on the mission at hand. We are aggressively looking for any activity that could interfere with the election, and that is going to be our mission for the foreseeable future.”
With Election Day coming only weeks after Director of National Intelligence John Ratcliffe and other federal officials announced that Russia and Iran had obtained U.S. voter data and were attempting to interfere in the election process, the threats were only underlined.
“When you look at what we’ve seen, I don’t anticipate any of those threats going away any time soon, but we’ve seen what we’re doing is working, and we need to keep doing that and keep improving,” Hovland said.