Russia’s meddling in the 2016 United States presidential campaign season and election sparked an unprecedented push to secure election infrastructure. The effort was imperfect, and states are still dogged by a lack of federal election funding, but a relatively smooth Election Day thus far indicates that many of those security, integrity, and reliability initiatives have paid off.
Yes, Tuesday has seen its share of problems, including electronic pollbook failures in Franklin County, OH and voting machine outages in Spalding County, Georgia. In both cases, though, officials were able to keep voting going by switching to paper pollbooks and manually processing paper ballots. Both local election officials, researchers, and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency said on Tuesday that such snafus are inevitable in every election and don’t indicate anything nefarious.
“We are seeing historic levels of cooperation among federal agencies and state and local election officials to secure this election and to adapt to the Covid-19 pandemic,” says Mark Lindeman, acting codirector of Verified Voting, a nonpartisan nonprofit that promotes election system integrity. “All this work has borne fruit. So far, the problem reports we are seeing are on par with past elections—a tremendous accomplishment amidst harrowing challenges.”
With hours still to go until the last polls close, no one wants to jinx anything. And officials warn in particular that there could still be election-related website outages or other digital system disruptions as users flock to check results reporting. But so far the ransomware concerns raised recently by officials have not come to fruition. And glitches or sites that go down under a surge of legitimate traffic won’t affect the underlying vote totals, and could even be considered an anticipated issue.
“Our election infrastructure is resilient and we have no indications that a foreign actor has succeeded in compromising or affecting the actual votes cast in this election,” DHS acting secretary Chad Wolf told reporters on Tuesday morning. “But we do remain on high alert here at DHS and CISA throughout the day and beyond to make sure that the integrity of our election infrastructure is maintained.”
Though researchers have been raising the alarm for more than a decade about woefully insecure voting machines and lack of digital defenses for other election-related systems, it took a wake-up call as dramatic and impactful as Russian meddling in the 2016 election to motivate truly large scale change. At the beginning of 2017, DHS designated election systems as critical infrastructure to unlock funding CISA could use for offering cybersecurity consulting services, audits, and training to state and local officials. And around the country election officials have worked to update and improve their digital systems, replace aging voting machines or those that don’t produce voter verified paper backups, and test their digital platforms for vulnerabilities that could be exploited to cause disruption or harm.
In 2018, Congress finally approved disbursement of $380 million from the 2002 Help America Vote Act that had been authorized but never appropriated. And the CARES Act stimulus package passed in late March included $400 million in emergency funding for election officials. But while election officials welcomed the HAVA money and needed the CARES package money to make emergency adjustments for the pandemic, researchers estimate that the federal government needs to invest upwards of a billion dollars to help election officials make all of the security and equipment changes they need, not to mention hiring more staffers with cybersecurity expertise.
Crucially, as Verified Voting’s Lindeman points out, there have never been so many channels for communication and coordination between local, state, and federal officials and law enforcement to assess and react to information quickly—a capability that was sorely lacking in 2016.
social experiment by Livio Acerbo #greengroundit #wired https://www.wired.com/story/election-day-hacking-threats-quiet