Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Governance & Risk Management
22 State Attorneys General Seek Election Security Help
Funding for Cybersecurity Enhancements SoughtA group of 22 state attorneys general, mainly from Democratic-leaning states, are demanding Congress offer local officials more support - including grants and equipment standards - to improve election infrastructure security in the run-up to the 2020 presidential contest.
See Also: The State of OT Security: A Comprehensive Guide to Trends, Risks, and Cyber Resilience
Minnesota Attorney General Keith Ellison is leading the coalition of attorneys general that sent the letter Tuesday to the chairmen and vice chairmen of the U.S. Senate Appropriation Committee as well as Senate Committee on Rules and Administration.
In the letter, Ellison writes that Russia has not only interfered in previous elections, but plans to do so again in 2020.
Our democracy works only if we trust the integrity of our elections. That integrity was breached in 2016 & we have to rebuild it. I put together a coalition of 22 AGs today to tell Congress it's past time to act. https://t.co/unurS9I0vo
— Attorney General Keith Ellison (@AGEllison) June 18, 2019
"The nature of the threat against our election system requires the federal government to provide increased assistance to the states," Ellison writes. "Securing our election systems is a matter of national security, and we hope that you will take immediate action to protect our election infrastructure and restore Americans' trust in our election system."
The letter comes as Senate Democrats are pushing for votes on election security measures that are being blocked by Majority Leader Mitch McConnell, R-Ky. according to The Hill.
McConnell has previously said that he would support legislation that would improve election security, but that Democratic proposals would take authority away from local governments.
"I'm open to considering legislation. But it has to be directed in a way that doesn't undermine state and local control of elections," McConnell recently told Fox News. The Democrats ... would like to nationalize everything. They want the federal government to take over broad swaths of the election process, because they think that would somehow benefit them."
The House is already moving a package of election security bills forward and expects to bring those up for a vote soon, the Hill reports.
Russian Interference
In his letter, Ellison makes several references to the report prepared by Special Counsel Robert Mueller that concluded Russian agents attempted to interfere in the 2016 presidential election.
When Mueller spoke about the report in May, he stressed that the report concluded that "the Russian government interfered in the 2016 presidential election in sweeping and systematic fashion" (see: Mueller Reconfirms Russian Election Interference Campaign).
As part of that investigation, Mueller indicted several Russian intelligence officers who allegedly launched various attacks against the U.S. election infrastructure in 2016 (see: 10 Takeaways: Russian Election Interference Indictment).
"The indictment alleges that they used sophisticated cyber techniques to hack into computers and networks used by the Clinton campaign. They stole private information and then released that information through fake online identities and through the organization WikiLeaks," Mueller noted during his press conference. "The releases were designed and timed to interfere with our election and to damage a presidential candidate."
In addition to these incidents, Ellison's letter points to news media reports that Russian agents successful breached the election infrastructure in Florida. It also notes that the U.S. Department of Homeland Security is investigating problems with computers in North Carolina during the 2016 election.
There are also reports of Russian agents attempting to plant malware in voting machines in eight states, the letter notes.
Because it’s clear that Russia and other governments have the ability to use offensive cyber weapons to interfere with election infrastructure, the U.S. needs to begin countering these methods in time for the next election, says Joseph Carson, chief security scientist at Thycotic, a Washington-based security firm.
"One thing is clear: Foreign interference in the US elections has not stopped," Carson tells Information Security Media Group. "Instead, it has become more aggressive, placing the integrity of existing voting systems under serious scrutiny."
Other countries have started using technologies, such as machine learning and artificial intelligence, to counter these offensive cyber tools, and the U.S. needs to do the same, Carson says.
Action Items
In the letter, Ellison and the other attorneys general ask Congress to:
- Provide grants to states and local municipalities to help pay for upgrades of aging equipment, improve voter registration databases and provide more security training for election officials;
- Create new federal cybersecurity and audit standards for voting machines and other equipment used in elections;
- Pass the "Secure Elections Act," which would help pave the way for improved information sharing among different federal agencies as well as local and state governments.
The letter from the attorneys general notes that in 2018, Congress provided $380 million to help local governments improve their election security, but it argues that more is needed. "Our state and local election officials are on the front lines of the fight to protect our election infrastructure, but they lack the resources necessary to combat a sophisticated foreign adversary like Russia," it states.