With the election two months away, the Department of Homeland Security earlier this month announced a working group to help states confront cybersecurity risks to their election and voting systems.
Reported hacking attempts of state voter registration rolls in Illinois and Arizona, along with the breach of computers at the Democratic National Committee, elevated worries of election tampering.
The reality, however, the working group soon learned, is that election systems are so outdated and disconnected, there is not a system for hackers to go after on Election Day.
“None of the systems are tied to the Internet,” California Secretary of State Alex Padilla told Techwire in an interview this week.
Padilla is one of four secretaries of state appointed to the DHS working group, which plans to continue meeting after the election.
Voting machines, most of which are more than a decade old, are owned by individual counties. So, even in California, counties have differing technology. Like much of the country, California voters use paper ballots to cast their vote, and those ballots and machines are under tight security protocols. Other touchscreen voting machines produce a paper receipt to verify a person’s vote.
Attempts to alter voter registration rolls also can easily be detected, election officials say. If a person shows up to vote and his or name is missing from the list of registered voters, there are procedures in place, such as provisional ballots, to ensure that voter can still cast their ballot.
That’s the message state election officials relayed during the first telephone conference call this month moderated by the Department of Homeland Security.
“Our job, so far, has been to point out there’s very little probability of tampering of election results,” Connecticut Secretary of State Denise Merrill told Techwire.
It’s also a message state election officials want to get out to the voters, some of whom will begin early voting next week in parts of the country. California voters can mail their ballots beginning Oct. 10.
The biggest threat to voting isn’t so much cybersecurity, but misinformation that might cause voters to doubt the legitimacy of the election results, said Merrill, a member of the working group and president of the National Association of Secretaries of State.
“Creating a lack of confidence in what we are doing is our greatest danger here,” she said. “This could all be pretty destructive if someone believes my vote won’t count because it’s going to be manipulated or hacked.”
The focus in California is to ensure the Secretary of State’s website is shielded from a cyberattack, Padilla said. That’s the place where Californians can find information about the initiatives on the ballot, contributions made to candidates and vote totals reported by counties on election night.
“If our website goes down, or somebody is manipulating our website, the slew of misinformation could cause a lot of havoc,” Padilla said.
The state is also working to create a centralized voter registration database, known as VoteCal, which Padilla said would employ state-of-the-art technology to defend against attempted cyberattacks.
The federal-state working group is expected to be a forum where participants can share ideas and information about cyberthreats and best practices states can employ, according to the National Association of Secretaries of State.
In their inaugural call, state election leaders told federal officials that a line of communication must be established between themselves and the Department of Homeland Security so both sides understand the election process and any potential cyberthreats.
Months after the reports that hackers tried to get into the voter registration rolls in Illinois and Arizona, state election heads complain they remain in the dark about exactly what happened and if they should take any steps to ensure a similar attack doesn’t affect their systems.
The formation of the working group is seen as an opportunity for state and federal leaders to collaborate and build a relationship, Padilla said.
“Anybody who would seek to cause havoc or chaos, they are constantly thinking of different ways to do that,” said Padilla. “So, we constantly have to be improving.”
