Ohio to ramp up election security with new federal funds

Ohio is moving to implement a string of election security measures with new funding from Washington as the state races against the clock to guard against foreign hacking and disinformation campaigns.

Ohio Secretary of State Frank LaRose (R), speaking on the sidelines of last week’s National Association of Secretaries of State (NASS) meeting in Washington, said there has been a seismic shift at the state level following the 2016 Russian election interference.

 “From what I’ve observed, there is definitely a pre-2016, post-2016 mentality,” said LaRose, who characterized the coordination between the federal government, states and county officials as improving “exponentially.”

Congress appropriated $380 million in 2018 to help states boost their election security. That was followed by an additional $425 million in December.

 “I don’t think you’re ever going to hear a secretary of State or any state official say, ‘Turn off the tap, we’ve got enough federal funding,’” LaRose said. “I’m a fiscal conservative and I believe that we should be smart with our taxpayers’ dollars, but the demand is huge.”

LaRose said he expected the new funds to be sent out to the states by the Election Assistance Commission (EAC) “soon,” though an official for the EAC did not respond to The Hill’s inquiry on specific timing.

Ohio received just over $12 million of the $380 million appropriated by Congress in 2018. Much of that funding was used for cybersecurity enhancements.

LaRose said he hoped to use the news funds for “security enhancements,” including “modernizing voter registration” systems to potentially create a centralized statewide voting registration system instead of relying on the ones run by individual counties.

 “I believe wholeheartedly in the decentralized way of doing elections — it’s done at each county level — but there are built-in inefficiencies for having 88 county boards of elections do that,” LaRose said. “The other thing that having a statewide voter registration list allows us to do is to do a better job of keeping that data up to date.”

New York University’s Brennan Center for Justice estimated that Ohio’s share of the latest funding approval would total about $13.7 million.

The importance of protecting voting infrastructure was underscored in November, when LaRose’s office thwarted an attempted hack on its website on Election Day, according to The Columbus Dispatch.

LaRose told the newspaper that the attack was traced to a Russian-owned company, and that it was “relatively unsophisticated.”

Former special counsel Robert Mueller, U.S. intelligence agencies and the Senate Intelligence Committee have all concluded that Russians actors attempted to interfere in the 2016 U.S. presidential election through both hacking and disinformation efforts.

In terms of hacking, Russian actors scanned the systems of all 50 states, and successfully penetrated the voting registration database of Illinois, though no votes were changed in any states. Disinformation was also spread on multiple social media platforms.

Ohio has taken steps to combat those types of threats. In October, Ohio Gov. Mike DeWine (R) signed into law a measure that required post-election audits to ensure the accuracy of the vote count, and created a “civilian cyber security reserve” to defend against potential cyberattacks.

LaRose, meanwhile, issued a statewide security directive in June to county boards of elections to take various steps to enhance the security of voting systems. Counties were required to complete all “high priority” items by Jan. 31 as part of that directive.

“We are closing in on having that done in all 88 counties, and I’ll be able to say very soon that Ohio is the best prepared state in the nation,” LaRose said.

States nationwide have stepped up efforts to defend against election interference, particularly after the designation of elections as critical infrastructure by the Department of Homeland Security (DHS) in January 2017.

While many state and local election officials were extremely wary of that designation at the time, citing concerns over the potential to federalize elections, LaRose said coordinating with key agencies such as the FBI and DHS’s Cybersecurity and Infrastructure Security Agency (CISA) has been “very good.”

 “When they know something, they don’t sit on it,” LaRose said of CISA. “As soon as they know about something that could impact Ohio’s elections, we’ll get a call and they’ll say, ‘Hey, can you get to a secure facility? We need to do a call with you.’”

Strengthening the security of voter registration databases, which were a key target for Russian actors in 2016, is a priority for LaRose. He pointed to a state bill that would put security standards in place for those systems.

The state Senate has approved the bill, and it now awaits consideration in the state House of Representatives.

Rep. Rodney Davis (R-Ill.) introduced a similar measure in Congress last week. The measure would establish voluntary guidelines for election equipment not covered under federal election laws such as voter registration systems. 

LaRose said that while he supports the bill, he was “not waiting” for Congress to approve it; instead, he’s pushing for the state bill to be signed into law.

As the state gears up for the pivotal 2020 elections, LaRose said it doesn’t matter who’s attempting to interfere in the elections, characterizing any adversary as his “enemy.”

 “The Russians, the North Koreans, the Chinese want to undermine the credibility of American democracy, and I think that they’ll use a variety of means to try to do so,” LaRose said. “We are not going to let them do it in Ohio, and I know that my counterparts in other states feel the same way.”