Cybersecurity

False election claims undermine efforts to increase security

Officials say the biggest threat facing U.S. elections isn’t Russian hacking or domestic voter fraud but disinformation and misinformation increasingly undermining the public’s perception of voting security.

Since the 2016 vote, Congress has allocated millions of dollars to states in an attempt to shore up cybersecurity and replace outdated, vulnerable voting machines, but even as improvements are made, faith in the system is being eroded.

“I believe that the biggest vulnerability is disinformation, that these machines are not functioning in the way that they were intended,” Election Assistance Commission (EAC) Commissioner Thomas Hicks, who was nominated by former President Obama, said Thursday during a virtual event hosted by Freedom House, the Bush Institute, Issue One and the National Center for Civil and Human Rights.

EAC Chairman Donald Palmer, nominated by former President Trump, agreed with Hicks, telling The Hill Friday that “our systems are secure, and they have been tested and are secure, and the misinformation about those systems, that hurts voter confidence.”

Concerns over misleading claims undermining elections are nothing new, but gained widespread public attention after 2016. In the months leading up to November, Russian government hackers targeted election infrastructure in all 50 states, successfully accessing voter registration systems in two of them, though no votes were changed.

The Russian Internet Research Agency also used sites such as Facebook and Twitter to spread disinformation to sway the election toward Trump. A Facebook official later testified to Congress that more than 126 million people may have seen Internet Research Agency content ahead of the 2016 elections.

Political parties were not exempt from the efforts, with the Democratic National Committee and the Democratic Congressional Campaign Committee falling victim to Russian GRU intelligence hacking efforts in 2016 that involved stealing and releasing thousands of documents.

Following revelations in reports issued by the Senate Intelligence Committee and from former special counsel Robert Mueller, efforts to shore up election security became a priority.

Congress allocated more than $800 million to states between 2018 and 2020 to enhance technology, shore up cybersecurity and cope with changes to elections due to the COVID-19 pandemic, including moving to more paper-based and absentee voting.

EAC commissioners in February unanimously approved the Voluntary Voting Systems Guidelines 2.0 to overhaul and improve voting equipment standards, with Hicks noting the guidelines were being “implemented as we speak.”

“Our systems are secure, but it’s older technology, and we need to stay ahead of our adversaries by upgrading to the latest cyber technology, and that is the latest election community consensus, that is why we adopted 2.0,” Palmer said Friday.

But with Trump and his allies clinging to false claims of widespread voter fraud in last November’s election, the improvements might do little to increase public confidence.

Liz Howard served as deputy commissioner of elections in Virginia in 2016 and helped oversee the decertification of voting machines that did not have a paper record following that election. Howard told The Hill Friday that while election security had come “light years” since then, she was increasingly worried about the public’s perception.

“We know how to secure our infrastructure and protect it from hacking, but we don’t know how to protect people from hacking, and that is absolutely one of the biggest concerns we are looking at looking ahead,” Howard, who currently serves as senior counsel at the Brennan Center for Justice, said.

Republican concerns about election integrity led to the recent controversial months-long audit of the 2020 presidential election in Arizona’s Maricopa County, which confirmed President Biden’s win, but has inspired similar audits in other states.

Polls have shown that a majority of GOP voters believe Biden won through fraud, despite no evidence to support it. Among the claims repeated by Trump and his defenders are allegations against Dominion Voting Systems that the company considers slanderous — and has filed billion-dollar lawsuits over.

In response to mounting concerns around election security, officials have jumped into action.

The Cybersecurity and Infrastructure Security Agency (CISA), the federal agency responsible for securing critical infrastructure including elections, created a “rumor control” surrounding the 2020 election, which led to ire from Trump and caused CISA’s leadership to either be fired or resign.

Current CISA Director Jen Easterly said last week that despite the controversy, the page would remain up for future elections as a way to debunk misleading claims. Geoff Hale, the director of CISA’s Election Security Initiative, told The Hill that CISA was full speed ahead in combating false information in the election space, including through rolling out graphic novels covering ways foreign nations and threat actors spread disinformation and how to spot it.

“Malign information certainly presents a risk,” Hale said Friday. “There is an opportunity to educate the public in not just the high-level manner that elections are run, put into administering the election, and the opportunities for transparency throughout the process.”

CISA has worked with social media companies to combat disinformation and misinformation during elections, with the firms taking steps as well in the years since 2016 to make it harder for both foreign and domestic threat actors to sway elections through their platforms.

“I think we’ve grown a strong working relationship with many social media platforms,” Hale said, stressing that “we are in the business of giving good risk management advice to all of our stakeholders.”

But often those efforts are not enough. Ahead of California’s recall election in September, a coalition of advocacy groups wrote to the leaders of Alphabet, Facebook, Twitter and YouTube warning of a massive threat to the security of the elections process posed by false election claims.

One of the organizations that signed on to the letter was Decode Democracy, which aims to fight disinformation online and work to hold social media companies accountable.

Ann Ravel, the policy director for Decode Democracy, told The Hill Friday that while U.S. elections were “absolutely more secure” than in 2016, disinformation and misinformation had “exploded” in the years since.

“It really does have an impact for what people think is misinformation, both after the election and before the election, and so it’s definitely causing this explosion of people’s lack of confidence in the electoral process, which is a worrisome problem for our democracy,” Ravel said.

Many experts believe the future of combating disinformation and misinformation that undermines public confidence in elections could lie in education and enhancing trusted voices.

“It’s critical that voters look to state and local election officials for accurate information about how elections are administered and secured in their jurisdiction,” a spokesperson for the National Association of State Election Directors told The Hill. “Every American has a role to play in election security because an informed public is the best defense against mis- and disinformation.”

CISA’s Hale stressed that promoting “secure practices” would help rebuild trust in elections among the public, with Howard separately pushing for a unified approach in combating misleading information in the elections space.

“This is a race without a finish line, it requires being vigilant perpetually, there is always going to be work that needs to be done,” Howard said.

“It is going to require a team effort to respond to and combat the scourge of misinformation and disinformation that we are facing.”