voting scrutiny (Bakhtiar Zein/

Threats to election likely to extend for weeks

Even after all the votes in the 2020 presidential election are counted, the Department of Homeland Security still expects ransomware attacks and disinformation campaigns targeting the election process to continue until results are certified.

"The attack surface is shifting from the actual voting process itself into the counting, the canvassing, the auditing and through the certification over the next several days and weeks," a senior official from the Cybersecurity and Infrastructure Security Agency at DHS told reporters Nov. 3.

The CISA official cited potential disinformation campaigns targeting the voting tallies and election systems as absentee and mail-in ballots are counted. Website defacement and manipulation of vote counts, including attacks on media sites, are also possible, along with denial of service attacks. Election-related system performance failures are also possible. "The highest likelihood is just continued efforts to undermine confidence in the process through sensational claims that systems are hacked when they haven't been," the official said.

All that additional stress creates room for other cybersecurity attacks, particularly at the state and local level. "There is an opportunity to target state networks with ransomware," the official said.

CISA has been the command center for election security coordination and information sharing across government on the federal, state, and local levels. On Election Day, DHS officials maintained that while they were seeing more adversarial and disinformation activity compared to prior years, that increase was due to greater communication and information sharing between federal, state and local agencies.

Election Day was filled with reports of robocalls urging people to stay home and incidents of election-related equipment, such as issues with electronic poll books.

But CISA's focus has been with keeping the public well-informed and to quell alarm.

"You could see disinformation campaigns out there, amplifying or pushing false results or outcomes trying to spin up concern or anxiety," the senior official said. "We're asking for patience and not let little things spin out of control and drive narratives that are much bigger than their actual impact."

This article was first posted to FCW, a sibling site to GCN.

About the Author

Lauren C. Williams is senior editor for FCW and Defense Systems, covering defense and cybersecurity.

Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.

Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at [email protected], or follow her on Twitter @lalaurenista.

Click here for previous articles by Wiliams.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected