Note: This report was published before Covid-19 radically altered the 2020 election. A more recent report, “Preparing for Cyberattacks and Technical Problems During the Pandemic: A Guide for Election Officials," factors in how the disease has disrupted November’s election. Read it here.
Introduction
America’s intelligence agencies have unanimously concluded that the risk of cyberattacks on election infrastructure is clear and present — and likely to grow. footnote1_ExOI3wvCGJKAYD—SDUC5vGczKmqlGWpSSLR9X4G-YY_xf24iwS6D4iV1See generally Senate Select Committee on Intelligence, Russian Active Measures Campaigns and Interference in the 2016 U.S. Election Volume 1, 2019, https://www.intelligence.senate.gov/sites/default/files/documents/Report_Volume1.pdf; Robert S. Mueller III, Report on the Investigation into Russian Interference in the 2016 Presidential Election, U.S. Department of Justice, 2019, https://www.justice.gov/storage/report.pdf; and Olivia Gazis, “Intel Chiefs Warn of Russia-China Alliance as Threats Grow More Complex,” CBS News, Jan. 29, 2019, https://www.cbsnews.com/news/intelligence-chiefs-provide-updates-on-worldwide-threats-2019–01–28-live-updates. While officials have long strengthened election security by creating resiliency plans, footnote2_xbOGJBgmLZiQ1i4LpsQx262s2SgGVxXohEDPJLq-pqU_pgG3PQLwIM8b2See, e.g., Wisconsin State Board of Elections, Report on Election Related Contingency Planning, 2007, https://elections.wi.gov/sites/default/files/publication/65/election_related_contingency_planning_2007_pdf_19060.pdf; Senate Select Committee on Intelligence, Russian Targeting of Election Infrastructure During the 2016 Election: Summary of Draft SSCI Recommendations, 2018, https://www.burr.senate.gov/imo/media/doc/RussRptInstlmt1-%20ElecSec%20Findings%2CRecs2.pdf. the evolving nature of cyber threats makes it critical that they constantly work to improve their preparedness. It is not possible to build an election system that is 100 percent secure against technology failures and cyberattacks, but effective resiliency plans nonetheless ensure that eligible voters are able to exercise their right to vote and have their votes accurately counted. This document seeks to assist officials as they revise and expand their plans to counter cybersecurity risks.
Many state and local election jurisdictions are implementing paper-based voting equipment, risk-limiting audits, and other crucial preventive measures to improve overall election security. In the months remaining before the election, it is at least as important to ensure that adequate preparations are made to enable quick and effective recovery from an attack if prevention efforts are unsuccessful.
While existing plans often focus on how to respond to physical or structural failures, these recommendations spotlight how to prevent and recover from technological errors, failures, and attacks. Advocates and policymakers working to ensure that election offices are prepared to manage technology issues should review these steps and discuss them with local and state election officials.
End Notes
-
footnote1_ExOI3wvCGJKAYD—SDUC5vGczKmqlGWpSSLR9X4G-YY_xf24iwS6D4iV
1
See generally Senate Select Committee on Intelligence, Russian Active Measures Campaigns and Interference in the 2016 U.S. Election Volume 1, 2019, https://www.intelligence.senate.gov/sites/default/files/documents/Report_Volume1.pdf; Robert S. Mueller III, Report on the Investigation into Russian Interference in the 2016 Presidential Election, U.S. Department of Justice, 2019, https://www.justice.gov/storage/report.pdf; and Olivia Gazis, “Intel Chiefs Warn of Russia-China Alliance as Threats Grow More Complex,” CBS News, Jan. 29, 2019, https://www.cbsnews.com/news/intelligence-chiefs-provide-updates-on-worldwide-threats-2019–01–28-live-updates. -
footnote2_xbOGJBgmLZiQ1i4LpsQx262s2SgGVxXohEDPJLq-pqU_pgG3PQLwIM8b
2
See, e.g., Wisconsin State Board of Elections, Report on Election Related Contingency Planning, 2007, https://elections.wi.gov/sites/default/files/publication/65/election_related_contingency_planning_2007_pdf_19060.pdf; Senate Select Committee on Intelligence, Russian Targeting of Election Infrastructure During the 2016 Election: Summary of Draft SSCI Recommendations, 2018, https://www.burr.senate.gov/imo/media/doc/RussRptInstlmt1-%20ElecSec%20Findings%2CRecs2.pdf.