The Russian hacking of the U.S. 2016 presidential election was an “assault” on election infrastructure, and it likely augurs a greater attack in the 2018 or 2020 elections, says a former director of the CIA.
“I am confident the Russians will be back, and that they will take what they have learned last year to attempt to inflict even more damage in future elections,” writes James Woolsey, former CIA director, in the foreword to a recent report, Securing Elections from Foreign Interference, issued by the Brennan Center for Justice at the New York University School of Law.
Some members of the U.S. Congress hold similar views. The two cochairs of the Congressional Task Force on Election Security, Rep. Bennie G. Thompson (D-MS) (who is also the ranking member on the Homeland Security committee) and Rep. Robert Brady (D-PA) say that Russia’s targeting of voting infrastructure in at least 21 states was a direct attack on our democracy. “We are taking the steps to begin an investigation into what we can do to secure our election infrastructure and prevent what transpired last year from happening again,” Thompson and Brady said in a joint statement.
The task force was formed earlier this year. It will serve as a forum for members of Congress to hear from election infrastructure experts on physical security and cybersecurity challenges, and identify actions that should be taken to guard against future attacks.
In the meantime, the Brennan Center report also offers specific actions that Congress and local election officials can take to protect future elections from continued foreign interference. The report’s recommendations include:
Replace antiquated voting machines with new, auditable systems. For example, the Brennan Center recommends that states and counties replace the old direct-recording electronic voting machines that are still used in 14 states around the country.
Conduct audits of paper ballots. Currently, only 26 states require that election officials conduct post-election audits of paper records. The Brennan Center recommends that all of them do.
Support the Election Assistance Commission. Since 2005, the EAC has helped increase the reliability of voting machines by setting standards and providing guidance for electoral systems and their security.
Adopt general security best practices. Many of the security problems facing election systems are similar to those facing other large distributed systems, for which there are already well-established security protocols.
Harden database systems by updating threat awareness. Many experts agree that the first step that governments should take in securing voter registration systems is to regularly identify the potential avenues for attack, mapping out all of the entities that interact with a particular voter registration system, and developing mitigation strategies where weaknesses are identified.