Skip Navigation
Policy Solution

Securing Elections From Foreign Interference

Key Fact: To a greater degree than many realize, America’s election systems remain vulnerable. This is a product of old technology, inadequate systems, and a patchwork election administration model.

Published: June 29, 2017

Amid ongo­ing invest­ig­a­tions into Russi­a’s unpre­ced­en­ted cyber­at­tacks around the 2016 elec­tion, this report outlines specific actions Congress and local elec­tion offi­cials can quickly take to insu­late voting tech­no­logy from contin­ued foreign inter­fer­ence. The authors focus on assess­ing and secur­ing two of the most vulner­able points in the system: voting machines, which could be hacked to cast doubt on or change vote totals; and voter regis­tra­tion data­bases, which could be manip­u­lated in an attempt to block voters, cause disrup­tion, and under­mine confid­ence when citizens vote.

Amb. R. James Wool­sey, Director of Cent­ral Intel­li­gence 1993–95, wrote the fore­word for the report. He has been a key voice elev­at­ing the seri­ous­ness of the issue, and fram­ing foreign inter­fer­ence as a press­ing national secur­ity threat. 

Read the Fore­word


By Amb. R. James Wool­sey, Director of Cent­ral Intel­li­gence 1993–95

In the last few months, we have learned extraordin­ary details about a Russian assault on our elec­tion infra­struc­ture. While there is no evid­ence that this assault altered the vote count, that fact should be cold comfort as we look to protect ourselves against future attacks.

One does­n’t have to be an expert on cyber­se­cur­ity or elec­tion tech­no­logy to under­stand how danger­ous this is. Based on my exper­i­ence, as a former Director of Cent­ral Intel­li­gence, and in service to this coun­try under both Demo­cratic and Repub­lican Pres­id­ents, I am confid­ent the Russi­ans will be back, and that they will take what they have learned last year to attempt to inflict even more damage in future elec­tions. In partic­u­lar, their history of inter­fer­ing in other nations’ polit­ics, their anti­pathy to the United States and West­ern demo­cra­cies gener­ally, and their proven abil­ity to multiply the impact of their actions through cyber­at­tacks should put us on the highest alert, and spur us to take all neces­sary actions to protect ourselves from further attack.

Of course, Moscow is not the only adversary that we have to worry about. North Korea has been implic­ated in the ransom­ware attack that locked up the computers of govern­ment agen­cies and busi­nesses world­wide this May, while Al Qaeda and ISIS have a history of execut­ing cyber­at­tacks on foreign govern­ment websites. They too might be emboldened by Russi­a’s actions against us last year.

This report offers import­ant guid­ance on how to protect ourselves. In partic­u­lar, it looks at the two most crit­ical parts of Amer­ica’s elec­tion infra­struc­ture: voting machines, which could be hacked to cast doubt on the integ­rity of vote tallies, or change them; and voter regis­tra­tion data­bases, which could be manip­u­lated to block voters and cause disorder when citizens attempt to vote.

As the authors explain, much has been done to secure these systems in the last few years. But hack­ers have grown increas­ingly soph­ist­ic­ated in this time as well. And the state and local elec­tions offi­cials who are custodi­ans of our elec­tion infra­struc­ture often oper­ate with highly constrained resources.

What more must be done? The key secur­ity meas­ures detailed in this report are the right place to start: replace paper­less elec­tronic machines, upgrade the hard­ware and soft­ware that supports voter regis­tra­tion, and conduct post-elec­tion audits to confirm the results.

These are common-sense solu­tions that will increase secur­ity and public confid­ence in the integ­rity of our system. Import­antly, they will do so without inter­fer­ing with the right of any eligible citizen to parti­cip­ate in the choice of who will govern the nation.

Sadly, as polar­iz­a­tion has increased in this coun­try, even discus­sions of topics like how to safe­guard our voting systems have broken down into partisan fight­ing, with each side look­ing for an advant­age in the debate, and fail­ing to take the steps neces­sary to secure our infra­struc­ture from attack. We can no longer afford such indul­gence. As has happened at key moments in our history, we face a test from outsiders who would like to harm us. We are forced to answer whether we can, once again, lay aside our differ­ences to work together to protect the common interests of our nation.

The history of national defense shows that threats are constantly evolving. When the United States was attacked at Pearl Harbor, we took action to protect our fleet. When we were attacked on 9/11, we took action to upgrade trans­port­a­tion secur­ity and protect our ports and other vulner­able targets. We were attacked in 2016. The target was not ships or airplanes or build­ings, but the machinery of our demo­cracy. We will be attacked again. We must act again — or leave our demo­cracy at risk.