Skip Navigation
Report

Preparing for Cyberattacks and Technical Problems During the Pandemic: A Guide for Election Officials

Summary: Election resiliency plans must take into account new realities created by the coronavirus.

cyberattack illo
MSJONESNYC

Over the past year, many state and local elec­tion juris­dic­tions have taken crucial steps to improve elec­tion secur­ity, such as repla­cing paper­less voting equip­ment with paper ballots and discon­nect­ing ballot scan­ners from networked elec­tion night report­ing systems. They have also taken steps to enable a recov­ery from poten­tial cyber­at­tacks or tech­nical fail­ures, such as requir­ing polling places to keep emer­gency paper ballots on hand in case of equip­ment break­downs.

Now, elec­tion offi­cials face the addi­tional chal­lenge of ensur­ing secure and safe elec­tions in the midst of a pandemic. Since offi­cials cannot know at this moment whether all of their voters will feel safe voting in person in Novem­ber, they must prepare for the possib­il­ity that a signi­fic­ant portion will opt to vote by mail. At the same time, they must main­tain in-person voting options, which are neces­sary for many, includ­ing some voters with disab­il­it­ies and those with poor mail service.

Deploy­ing or scal­ing up new voting options can increase the risk of tech­nical malfunc­tions, but offi­cials have no choice in the current envir­on­ment but to meet the chal­lenge. Voters are already placing increased demands on online regis­tra­tion systems and mail ballot options. At the same time, the risk of cyber­at­tacks from foreign state and nonstate actors alike remains. Many govern­ment person­nel must work and access elec­tion infra­struc­ture remotely now; so too must vendor person­nel. These changes to work envir­on­ments, if not prop­erly managed, could create new targets for those inter­ested in disrupt­ing Amer­ican elec­tions through cyber­at­tacks.

Effect­ive digital resi­li­ency plans can ensure that oper­a­tions continue and eligible citizens are able to exer­cise their right to vote even in the face of cyber­at­tacks or tech­nical malfunc­tions. This docu­ment seeks to assist offi­cials as they revise their cyber resi­li­ency plans in light of Covid19. We high­light areas that warrant heightened atten­tion, such as the resi­li­ency of websites and online regis­tra­tion tools. While we recog­nize that the pandemic raises a vari­ety of new require­ments for elec­tion admin­is­tra­tion, we focus here on resi­li­ency against cyber­at­tacks and tech­nical fail­ures. In addi­tion to assist­ing elec­tion offi­cials with their plans, this docu­ment and the accom­pa­ny­ing check­list can help advoc­ates and poli­cy­makers work­ing to ensure that elec­tion offices are prepared to handle these uncer­tain­ties.

Making the changes neces­sary to run cred­ible and secure elec­tions this Novem­ber will cost money, and we urge Congress to provide states with the resources they need to ensure that local elec­tion offi­cials can run safe and secure elec­tions this fall.

The Bren­nan Center grate­fully acknow­ledges Carter Burden III and Susan Burden, Carne­gie Corpor­a­tion of New York, Change Happens Found­a­tion, Lee Halprin and Abby Rock­e­feller, The Heller Found­a­tion, the JPB Found­a­tion, Leon Levy Found­a­tion, Craig Newmark Phil­an­throp­ies, Open Soci­ety Found­a­tions, Public Wise, Quad­rivium, Wallace Global Fund, Leslie Willi­ams and James Attwood, and Zegar Family Found­a­tion for their support of our elec­tion secur­ity work.