The 2018 midterm elections are approaching fast, and the Department of Homeland Security is ratcheting up its efforts to help states shore up their voting systems in time for November. In addition to conducting risk and vulnerability assessments in 17 states, Homeland Security officials are also offering guidance on how states can best use their share of the $380 million in funding that was allotted by this year’s omnibus spending bill to make voting systems safer, more secure and more accessible.
For the moment, DHS officials are focusing primarily on short-term goals like mitigating common IT vulnerabilities.
These goals include establishing regular patch schedules for voting machine software and training election workers on how to identify phishing scams. Some states are also considering hiring “cyber navigators” to help monitor voting systems for potential security vulnerabilities in the lead-up to election day. These staffers would also be available to help polling places recover from any technical issues that might arise during the election. To help states stay abreast of the latest security threats, the DHS is providing federal security clearances to three election officials in each state as well.
“With the elections infrastructure, we are seeing the same vulnerabilities across IT systems,” said Senior Cybersecurity Advisor Matt Masterson during a recent hearing of the Senate Judiciary Committee. “Maintenance, software updates, updating equipment and hardware and general upgrades that need to take place, as well as configuration management to limit the amount of damage that can be done.”
These short-term goals are designed to help states prepare for this year’s midterm elections, but the DHS has long-term goals in mind for state and federal election security, too.
First and foremost, cybersecurity advisors are encouraging states to replacing aging electronic voting machines with modern machines that produce auditable paper trails. During the 2016 presidential election, many states relied on optical-scan voting machines that are more than a decade old.
Not only do these machines run outdated software, they are also prone to hardware issues like worn-out touchscreens and modems. In the event that one of these machines is compromised by hackers, it can be very difficult to verify the integrity of its results. Many cybersecurity experts have also argued that states should employ robust data encryption techniques to protect voter registration databases from unauthorized access.
As of June 5, the Election Assistance Commission (EAC) has distributed 55 percent of the $380 million that was allotted by the spending bill to 26 states. The amount of funding each state receives is based on their total population of voting-age residents. California is eligible to receive up to $36 million, for example, while Montana could receive just over $3 million in federal funding. The EAC expects all funding requests to be complete by mid-July.
“This steady stream of funding requests from the states demonstrates an undeniable recognition that this money can have a tangible and immediate impact on the efficiency, security and accessibility of our nation’s election systems, said EAC Chairman Thomas hicks in a statement. “The Commission has diligently worked with states to distribute these new funds as quickly as possible.
Despite optimism from the EAC and DHS, officials in some states have expressed concerns that the funding allotted to their districts will not be enough to upgrade outdated voting infrastructures. Although some significant improvements can undoubtedly be made in time for the 2018 midterm elections, it will take a prolonged joint effort between local and federal officials to ensure the integrity of all future U.S. elections.