voting (Joseph Sohm/Shutterstock.com)

Committee urges broader election security protections

The Senate Select Committee on Intelligence is calling for states to tighten the screws on election security, urging them to move toward protecting voter registration databases with paper backups and two-factor authentication, conducting risk assessments on voting machines and deploying better sensor technology across their election infrastructure.

Paper records for voting machines have long been championed by cybersecurity experts, and the Senate Intel Committee reiterated that advice in its May 8 report.  But the committee went further, recommending the same protections for  state voter registration databases after activity around as many as six states' election infrastructure was discovered that went beyond mere scanning and targeting of public websites.

"In a small number of states, these cyber actors were in a position to, at a minimum, alter or delete voter registration data; however, they did not appear to be in a position to manipulate individual votes or aggregate vote totals," the report stated.

Furthermore, the call to install better sensor technology to detect malicious activity around election systems comes after a recent Senate hearing where a Department of Homeland Security official acknowledged that the department could not definitively say how many states were targeted by Russian hackers in the lead up to the election because some states lacked the necessary technology to detect suspicious activity.

"It is possible that more states were attacked, but the activity was not detected," the report stated. "In light of the technical challenges associated with cyber forensic analysis, it is also possible that states may have overlooked some indicators of compromise."

The report also highlighted the critical role that voting machine manufacturers play in election cybersecurity and expressed concern that "federal government authorities have very little insight into the cyber security practices of many of these vendors."

Members of Congress including Sen. Ron Wyden (D-Ore.) have pressed voting machine companies for more insight into their cybersecurity practices over the past year, finding that three of the top five manufacturers do not employ a chief information security officer. Many manufacturers have been reluctant to open their systems up to third-party review by security researchers.

This article was first posted to FCW, a sibling site to GCN.

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at djohnson@fcw.com, or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.


inside gcn

  • digital key (wavebreakmedia/Shutterstock.com)

    Encryption management in government hyperconverged IT networks

Reader Comments

Mon, May 14, 2018 Secure Our Vote

It is time to act for election security now. The cybersecurity experts are right to support paper records for voting machines but more is needed for the integrity of our vote. It is ultimately up to the states to secure our elections, and it is imperative for them to adopt paper-based systems, since paper ballots are less prone to hacks and errors. Please visit www.secureourvote.us for more information on how to take local action.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group