Officials and cyber experts are expressing confidence in reforms made to prevent a repeat of election hacking and foreign interference one year ahead of their biggest test yet, Election Day 2020, even as they remain vigilant.
This optimism comes even as lawmakers remain sharply divided along party lines on how to address election security concerns.
Sen. Ron Johnson (R-Wis.), the chairman of the Senate Homeland Security and Governmental Affairs Committee, told reporters on Thursday that he believes “great strides” have been made since 2016 by the Department of Homeland Security (DHS) and election officials.
{mosads}“It’s a serious issue, and one we take seriously, but when I take a look at all the threats facing this nation, it really is on the lower end of my priority list in terms of what I’m overly concerned about because it’s being addressed I think pretty effectively,” Johnson said.
Democratic House Homeland Security Committee Chairman Bennie Thompson (Miss.), though, warned this week that “in just over a year, voters in many states across the country will vote for president in 2020 on machines that are old, have no paper trail, and are vulnerable to manipulation.”
But focus on election security from all levels of government has massively increased in the three years since the 2016 elections, when Russian operatives attempted to interfere in the elections through both hacking and disinformation on social media efforts.
At the federal level, a key player in the election security fight is DHS’s Cybersecurity and Infrastructure Security Agency (CISA), whose director Christopher Krebs has made election security one of his five “operational priorities.”
Since the designation of elections as “critical infrastructure” by former DHS Secretary Jeh Johnson in 2017, the agency has stepped up to assist states in tackling potential cybersecurity vulnerabilities, while still warning of potential threats.
Matthew Masterson, the senior cybersecurity advisor at CISA, testified to the House Judiciary Committee last month that despite improvements to security, “the threat to our elections remains and it is incumbent on all levels of government to work together to respond.”
DHS has increased communication with state and local election officials. Liz Howard, a former deputy commissioner at the Virginia Department of Elections, told The Hill that since 2016 the focus on election security by election officials “has completely shifted.”
“The federal partnership was not there for the most part in 2016 and now I haven’t spoken to a local election official that isn’t aware that DHS wants to help them in the past couple of years,” Howard, who currently serves as counsel at New York University’s Brennan Center for Justice, said.
Individual states have also taken steps to improve election security.
The Senate Intelligence Committee found in its investigation into Russian interference in 2016 that while no votes were changed, all 50 states were targeted by Russian actors.
In Illinois, where Russian operatives gained access to about 200,000 voter registration records in 2016, cybersecurity has been prioritized, including through the creation of the “Cyber Navigator” program to boost state election systems’ cybersecurity.
Matt Dietrich, the public information officer for the Illinois Board of Elections, told The Hill that he is “confident” that the state has been able to “stay one step ahead of the hackers,” but cautioned that cybersecurity will always be an evolving challenge.
“You can never guarantee something when you are talking about cybersecurity,” Dietrich said.
{mossecondads}In Ohio, a measure was signed into law last month that increases cybersecurity protections and resources for elections. And in Pennsylvania, Gov. Tom Wolf (D) this week signed a bill that gives counties $90 million to replace outdated voting machines.
Virginia underwent the process of decertifying all voting machines that did not have a paper record of votes after 2016. Howard, who was involved in this process, told The Hill that while decertifying the machines was not “ideal,” it was necessary to ensure the security of elections moving forward.
These efforts come despite the partisan clash over election security in Washington.
House Democrats have passed three major bills on the topic this year, and Senate Democrats are pressuring Senate Majority Leader Mitch McConnell (R-Ky.) to allow a vote on these bills and others.
McConnell has cited concerns around federalizing elections and violations of First Amendment rights in blocking the majority of these bills. But critics say Republicans are wary of highlighting issues with hacking or foreign interference in 2016 and angering President Trump
Earlier this year, the leaders of the Department of Homeland Security, the Intelligence Community, the National Security Agency, and the FBI briefed members of the House and Senate on the status of election security. Republicans emerged confident with the state of election security prior to 2020, while Democrats protested that more should be done.
Sen. Lindsey Graham (R-S.C.), who has co-sponsored several election security bills, told The Hill last week that he would be in favor of another election security briefing prior to the 2020 elections.
“I think it would probably be time again to gather them up before we leave town for the holidays and make sure they have everything they need,” Graham said of federal officials.
Election officials overall have cited the need for more funding from Congress to implement security upgrades.
The Brennan Center estimates that in order to implement the most critical of election security upgrades, including replacing outdated voting machines and providing additional cybersecurity assistance for state and local officials, around $2.2 billion in investments is needed over the next five years.
Congress has made some headway in this area, appropriating $380 billion to states for election security in 2018.
Earlier this year, the House passed its version of the 2020 Financial Services and General Government spending bill with a further $600 million for election security efforts, and the Senate Appropriations Committee recently approved its version of the bill with $250 million for election security.
But with one year left before Election Day on Nov. 3, 2020, election security experts caution that the window of opportunity for improvements is narrowing.
Matt Blaze, a professor of computer science and law at Georgetown University, told The Hill that the funds should go towards buying “paper-based voting machines and conducting risk-limiting audits” to ensure election results are not tampered with.
“Those are well-understood, uncontroversial means that will make a huge difference,” Blaze said.
David Levine, an elections integrity fellow at the Alliance for Securing Democracy and a former election official, said a major way to increase the security of voting machines is by replacing paperless voting equipment, which will still be used by about 16 million Americans in eight states during the 2020 elections.
“The paperless voting equipment in many instances is older, you don’t have the ability to audit it, there are questions about its ability to function properly, whether that is being vulnerable to adversaries, or just simply breaking down by sheer accident,” Levine said.
Howard emphasized that despite the improvements since 2016, the true test will be on Election Day.
“We have made a significant amount of progress since 2016, but there is still a lot of work to be done before 2020,” Howard said.