Senate Intelligence Hearing on Election Security Shows Promise for Preventing Future Cyber Attacks on Federal/State Election Infrastructure
The United States Senate Select Committee on Intelligence had a hearing today, questioning current Department of Homeland Security (DHS) Secretary Kirstjen Nielsen, Executive Director of National Association of State Election Directors (NASED) Amy Cohen, and President-elect of the National Association of Secretaries of State (NASS) Jim Condos (among others) on the current state of elections security heading into the 2018 elections. The hearing focused on increased communication between DHS and state/local election officials and improving election infrastructure protection against threats. One important finding emphasized today by Chairman Burr was that in 2016, DHS reported only one breach of a state voter registration system and that no registration information or votes were changed.
Vermont Secretary of State Condos pointed out that states are taking cybersecurity threats seriously: “Secretaries of State across the nation are diligently working each day to safeguard the elections process with their own IT teams, private sector security companies, the federal government, and other partner organizations.”
Moving forward, communication and cooperation are being improved between DHS and state election officials. Secretary Nielsen stated that “DHS has been working with state chief election officials and additional election staff in each state to provide them with security clearances.” This communication of classified information would be a dramatic improvement, as previously DHS would withhold information about cybersecurity threats from state and local officials.
In the last year, increased communication and assistance have helped election administration at the state level. States have used the new information to run regular trainings, relay information, and make other resources available to local officials to increase monitoring and security in the election process.
Condos stated how infrastructure protection is moving forward with state officials now able to “utilize resources provided by DHS, such as cyber-hygiene scans, risk and vulnerability assessments, penetration testing and consulting.” Condos also stated how infrastructure protection is being improved among states with the creation of the Election Infrastructure Government Coordinating Council (EIS-GCC), which was created to “improve communications between state and local officials and the federal government and to share resources.” The EIS-GCC will help monitor any potential threats that can occur and help counter potential cyber security threats immediately.
Another inherent protection to the integrity and security of election infrastructure is that in our federalist system, American elections are decentralized. Secretary Nielsen told the committee that “There are thousands of election jurisdictions, hundreds of thousands of voting locations, and many more hundreds of thousands of voting machines. The diversity of equipment used and the sheer number of precincts creates obstacles to a large-scale attack on voting equipment.” Condos added that the “low connectivity electoral process is inherently designed to withstand and deter threats.”
The hearing today shows how measures are being taken to improve elections infrastructure and cooperative communication will help provide immediate responses to any cyber-attacks moving forward to the 2018 elections.
DHS Sec. Kirstjen Nielsen – https://www.intelligence.senate.gov/sites/default/files/documents/os-knielsen-032118.pdf
VT Secretary of State Jim Condos – https://www.intelligence.senate.gov/sites/default/files/documents/os-jcondos-032118.pdf
NASED Executive Director Amy Cohen – https://www.intelligence.senate.gov/sites/default/files/documents/os-acohen-032118.pdf