Give Now

We must close the loophole that allows law enforcement to buy our personal data without a warrant.

Championing Responsible National Security Policy
|
Analysis

Election Security Needs to Begin Long Before Ballots Are Cast

Our democracy and the security of our country depend on defending against election interference. (Illustration by POGO; Pixabay)

Reports about Russian efforts to meddle in the 2016 election—from use of social media bots and trolls to political ads to complex hacking efforts—continue to trickle out and roil both lawmakers and the public. Even more worrisome is the fact that this will likely be a recurring phenomenon, as Intelligence Community chiefs gravely warned in a Congressional hearing in mid February. But while the ongoing problem of foreign interference in our elections seems increasingly clear, its complexity and the wide array of actors involved makes coming up with solutions highly challenging.

Fortunately, Congress is taking steps to take on that challenge in a genuinely bipartisan manner (even as President Trump and Attorney General Jeff Sessions remain disturbingly blasé about the problem). A bill focused on preventative measures, The Secure Elections Act, introduced by Senators James Lankford (R-OK), Amy Klobuchar (D-MN), Lindsey Graham (R-SC), Kamala Harris (D-CA), Susan Collins (R-ME), and Martin Heinrich (D-NM), shows promise to improve our election security in a number of ways.

In particular, the Secure Elections Act takes a sensible approach to the challenge of offering federal aid to a system that is wisely administered at the state and local level (more in a bit on why it’s so wise): the bill offers support in the form of information-sharing and resources without setting technical mandates on recipient jurisdictions that could quickly become out-of-date. Specifically, the Secure Elections Act would 1) provide grants to protect election systems from attacks, 2) fund a “bug bounty” program to encourage outside parties to discover and report vulnerabilities, which can then be patched, 3) support information-sharing on attacks (that may be repeated against multiple election systems), and 4) create an advisory committee to develop best practices related to election security and encourage states to implement these protections.

The bill is receiving due praise for this approach to help guard against cyber attacks, especially those targeting voting machines. But one aspect of the bill that is just as—if not more—important is the breadth of its application. The resources and information access provided by this bill apply not only to election voting machines and ballot tabulators but also to “election systems” in general, which includes registration websites and databases.

Focus on this area is critical because registration rolls could be the greatest point of vulnerability for serious election tampering through malicious hacking.

Tampering with registration can be just as influential in swinging an election’s outcome as targeting voting machines themselves. This is because most states require advanced registration. Unless you’re in the small group of states with same-day registration, if you go to your polling place on Election Day but are not on the rolls, you won’t be able to vote. So a cyberattack that selectively purges a group of voters most likely to vote for one candidate could swing an election just as effectively as an attack on voting machines, but with far fewer methods of defense or redress.

Let’s look at two Senate elections from 2016 as examples of how this could play out: In Missouri, Republican incumbent Roy Blunt defeated Democrat Jason Kander by just over 78,000 votes. If an outside party had hacked into Missouri’s voter rolls and surreptitiously purged 100,000 reliable Republican voters (a mere 2.4 percent of registered voters in the state), Kander would have won the election; paper ballots, audits, and recounts would all have confirmed the result. On the flip side, in Nevada, Democratic candidate Catherine Cortez Masto beat Republican Joe Heck by just over 26,000 votes. If a foreign party had meddled in the election by removing 50,000 reliable Democratic voters (just 3.3 percent ofregistered voters), Heck would have been the victor. And these example purge numbers are fairly low compared to recent voter roll purge numbers in the news: In 2016, Ohio intentionallypurged between 6 and 11 percent of voters from its rolls in some counties. Thus, it’s entirely likely that a hack resulting in such a purge would not be immediately noticed.

Compromised voting machines and ballot tabulators are a serious risk, but fortunately there are several remedies to address them in addition to enhanced cybersecurity. Paper ballots and audits can do a great deal to counter an effort to falsify results, as Michael Sulmeyer explains in his detailed analysis of the Secure Elections Act. And the decentralized nature of our voting system—in which there are different machines and processes not only across states but sometimes even within individual counties—serves as a natural defense against malicious hacking. With so many different systems, it is much harder for a foreign adversary to launch a successful attack on a broad scale; different vulnerabilities would need to be discovered and exploited against different machines to have the desired goal.

Voter registration, on the other hand, lacks these inherent protections. The vast majority of states maintain voter rolls via a centralized state database, providing a single target. And tampering with registration rolls can dramatically impact the result before voting takes place, leaving audits ineffective. Even if a malicious hack on voter rolls were later uncovered, there is no real remedy; falsified voting results can be updated, but the government can’t call a do-over if it turns out large swaths of voters were selectively purged from the rolls and not allowed to vote at all.

There are a variety of solutions we should implement to combat this threat to the integrity of our elections. Measures like the Secure Elections Act that provide resources and information access to prevent cyberattacks on registration systems could make a significant difference. Additionally,as I’ve written before, conventional voter-access proposals—such as same-day registration, mail-in balloting, and extended voting periods—could mitigate registration-based tampering by making it easier for citizens to cast a ballot even if they were maliciously purged from voter rolls. But there is no silver bullet. If we are going to effectively defend against election interference we need to act on all these measures, and we need cybersecurity and national security experts of all stripes to step up and advocate for them. Our democracy and the security of our country depend on it.