States seek to reassure voters’ cyber concerns ahead of critical midterms test

Officials are speaking out about the security of election systems amid fears cyberattacks could deter Americans from voting. 

Claims of voter suppression traditionally center around practices like voter roll purges and ID laws.

There is no evidence that votes were altered in the Russian attack on the 2016 elections but experts say the concept of a cyberattack alone has left some Americans worried about whether their ballots count.

Making sure voters feel secure going to the polls has “been priority No. 1 for us,” said Matt Dietrich, the public information officer for the Illinois state board of elections, which was breached by Russian hackers ahead of the 2016 election.

A survey of registered voters released this week by security provider OpenVPN showed 60 percent of respondents didn’t believe that the U.S. election system is secure, and 63 percent think the country hasn’t done enough to protect the system for future elections.

With both parties promising a “wave” in the midterms, officials said letting voters know their ballots will be counted — and counted accurately — is essential before polls open in November.

Dietrich said news of the breach of Illinois’s voter registration database didn’t pick up much steam until it was revealed that Russia could have been behind the attack, which was later confirmed in special counsel Robert Mueller’s indictment of 12 Russian military officers earlier this year.

He said that he has gotten calls from citizens worried that Russian hackers could “steal” their vote, and that he has noted that the past breach was related solely to voter registration data. No data was believed to have been altered in the attack, only viewed.

“If people think that their data is not safe when they register to vote, they’re not going to register,” Dietrich said. “So we want to do everything we can to let them know that we are using the best practices out there.”

He said the state board of elections has held public events and demonstrations on how they’ve made the state election system more secure ahead of November’s elections, including a press conference hosted by current and former officials across different levels of the government in Chicago this week.

Vermont Secretary of State Jim Condos said his state tries to get ahead of any concerns by being open and transparent about its election infrastructure and the vulnerabilities it faces.

He said the state’s voter registration database was targeted in August by hackers labeled as the Russian Federation, but that the state was able to thwart the attack and reported it to the Department of Homeland Security (DHS).

Condos, who is also the president of the nonpartisan National Association of Secretaries of State, said that publicly discussing the state’s ability to deflect the attack “assures people that we are confident that our systems.”

“We have put the systems in place, we have put the defenses in place and they’re working,” he said. “They did their job, we’re defending against any of these attacks.”

Condos acknowledged that a cyber breach remains possible but said his state has implemented procedures like daily backups of the voter registration database to mitigate the effects of a successful attack.

States have also called in the National Guard to help with election security efforts: Col. Kenneth Donnelly of the Louisiana National Guard said Gov. John Bel Edwards (D) assembled a commission to focus on election security, including representatives from the public and private industries.

Donnelly said the state also has a plan on how to respond to any cyber incidents that may take place on Election Day.

He said the efforts send the message that the “voting systems and the integrity of the voting systems are going to be intact,” and that if an attack does take place, there will “be back-up plans to ensure that [citizens’] vote is intact.”

DHS has done more to partner with state and local jurisdictions since 2016, when officials said little to no information was shared about threats to election systems. Lawmakers earlier this year also allocated $380 million in funding for states to shore up their election security.

Still, Congress has not passed legislation on election security in the wake of 2016 despite several bills being introduced on the topic.

While officials say they’re doing what they can to instill voter confidence, both they and experts acknowledge that they are limited in their abilities to counter some attacks.

The Russian influence campaign launched ahead of the 2016 election took advantage of social media platforms like Facebook and Twitter to spread disinformation or to spark divisiveness in some communities, like the Black Lives Matter movement.

Administration officials have pointed to China as conducting a similar influence campaign, and accounts linked to the Iranian government were also shuttered across a variety of social media platforms earlier this year.

“As election officials we cannot do a whole lot about the disinformation campaigns,” Noah Praetz, the director of elections for suburban Cook County, said at a press conference on election security efforts this week. “But we can and must secure our portion of the line, our election infrastructure.”

Both companies have cracked down on the campaigns. This week, Twitter released an archive of all the information it has obtained on Russian and Iranian disinformation campaigns since 2016.

And Facebook last week said it was pulling hundreds of accounts linked to funneling fake political information and clickbait.

Despite the threats and disinformation campaigns, experts largely expected voters to turn out to the polls if they’re motivated enough. While voter turnout is generally lower during midterm election years, this November’s races are highly anticipated amid a rush of anti-Trump and GOP enthusiasm.

Josh Geltzer, the former senior director for counterterrorism at the National Security Council during the Obama administration and the executive director of Georgetown Law’s Institute for Constitutional Advocacy and Protection, said that he believes most voters will prioritize the importance of their ballot over any security concerns.

He said that voters are likely asking election officials about what they have done to beef up the security of voting systems, and that “in some places the answers aren’t where we’d like them to be.”

“But I hope and I think voters are still realizing that, whatever the state of security may be, voting and its consequences are just too important to forego,” Geltzer said.

In light of the security efforts made, officials and experts have both acknowledged that a cyberattack is possible during next month’s elections, a scenario underscored by DHS’s top cyber official on Thursday.

Christopher Krebs, the head of the National Protection and Programs Directorate (NPPD), said during remarks given at Cyberscoop’s CyberTalks that while there’s no sign of election interference just weeks before the polls open, it “frankly makes me a little nervous.”

“If we’re not seeing any activity and we’re less than three weeks out, what does that mean?” he asked.