States and local election offices need much more financial support from the federal government to create reliably secure election systems that can withstand attempts at interference from foreign governments, according to a new report.
After Russian hackers sought to interfere with the 2016 election, Congress in 2018 approved $380 million for states to help them improve election security. States are expected to spend most of the money ahead of the 2020 balloting, but the report from the Brennan Center for Justice cautions that each state faces particular challenges that won’t be resolved before the next big election.
The report, which was also sponsored by the Alliance for Securing Democracy, R Street Institute and University of Pittsburgh Institute for Cyber Law, Policy and Security, examined six states, finding that all had taken steps to shore up vulnerabilities. But in each state, big problems that come with big price tags remain, such as old voting equipment that is more vulnerable to hacking, aging voter registration systems and states failing to provide sufficient cybersecurity assistance to local governments.
Although the authors only examined six states, they said these problems and others likely exist in the other 44 states and the District of Columbia—noting it is unwise to expect state and local governments to have the resources to repel foreign intelligence agencies seeking to interfere in an election.
The release of Special Counsel Robert Mueller’s report on election meddling this spring underscored the danger, disclosing specifics about how Russian intelligence agents tried to penetrate county voting systems in Florida. A phishing attempt succeeded in at least one county, the report said. The FBI later disclosed to Gov. Ron DeSantis that voter databases were hacked in two counties, although he said no information was changed.
“At ground level, you have state and local election officials who administer our elections across the country. By and large, they do a great job. What I don’t think is fair is for these officials to be our defense against nation-state actors,” said Christopher Deluzio, the policy director for the Institute for Cyber Law, Policy and Security at the University of Pittsburgh.
The costs that come with improving election security can be seen in Pennsylvania, said Deluzio, one of the authors of the Brennan report. About 80 percent of voters in the 2018 midterms voted on paperless voting machines, which have been identified as vulnerable to hacking. While the state is moving to replace those systems, it is expected to cost $150 million, he said.
Earlier this week, Pennsylvania Gov. Tom Wolf announced a $90 million bond issue to pay for new machines that will provide a paper trail. But even with the $13 million of federal funds the state has received, that still leaves a significant gap, Deluzio noted.
Illinois, another state where Russian hackers in 2016 had some success targetingthe state’s voter database, is taking a different strategy with its $13 million in federal dollars. The state is creating a cyber navigator program to help local officials identify vulnerabilities that need to be fixed.
Deluzio said the effort is one that other states should look to replicate. But the report notes that local officials expect more money will be needed once weak points are identified.
“The takeaway here is Congress could make a worthy investment in cybersecurity,” Deluzio said.