IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

2022 Midterm Election Cybersecurity: Are We Ready?

As we head into the pivotal 2022 midterm elections this week, how prepared are states to ensure votes are properly counted and protected from cyber attacks? Here’s a roundup of recent developments.

ElectionSecurity_shutterstock_1159332316 (2)
Shutterstock
Over the past few weeks, the media has been full of stories regarding midterm election threats, processes, cybersecurity, misinformation, intimidation and more. Here is a sample of some of the top media reports:

Click2Houston.com: How Texas counts ballots and keeps elections secure

Excerpt: "How are voting equipment and polling places secured?

"The U.S. Election Assistance Commission certifies all voting systems and software. The Texas secretary of state also reviews and approves voting systems. Only two are approved for use in the state.

"Approved voting machines, including tabulators, cannot have the capability to connect to the Internet — a protection against hacking. Only devices known as poll books — used to check voter registrations during the check-in process at polling locations and which are also certified by the secretary of state — can connect to the Internet to ensure a person does not vote twice.

"Texas voting machines also go through multiple tests. They are tested twice before each election, including during a test open to the public, and the source code of the software is verified. Another test of voting machines is conducted immediately after elections."

WXYZ.com: Secretary of State assures voter, election safety during Nov 8 election

"Voters in metro Detroit are once again concerned over ballot counting.

"'We've got to have faith in the elections and all that and it just ... there was a lot of shady stuff going on,' Detroit voter Joseph Hardville said.

"But Secretary of State Jocelyn Benson wants to reassure voters that they are taking election security very seriously and do not want a repeat of 2020.

"'The election will be safe, secure, fair and the results will be an accurate reflection of the will of the people,' Benson said.

"Benson adds that there will be mobile response teams throughout the state ready to respond to any issues."

NBCNews.com: After a series of cyberattacks, states look to secure election results websites

"States are working to shore up what might be the most public and vulnerable parts of their election systems: the websites that publish voting results.

"NBC News spoke with the top cybersecurity officials at four state election offices, as well as the head of a company that runs such services for six states, about how they secure the sites. All agreed that while there was no real threat that hackers could change a final vote count, a successful cyber attack would be harmful for public confidence if hackers were able to breach the websites that show preliminary vote totals."

LOOKING BACK AT SECURING THE VOTE


Of course, this has been an ongoing challenge over the past six years, and the election security discussions have evolved.

Back in the spring in 2016, well before the controversies in that year's presidential election, I asked, “Could the Election Be Hacked?

“Could the 2016 presidential election be disrupted, or somehow manipulated, via unauthorized computer hacking or denial of service attacks?”

In 2018, this blog was popular: “Election Security: What Can Governments Do Now?

In 2020, we highlighted “How Election Security Has Become a Top Issue.”

And back in July of this year, I offered “5 Ways to Increase Election Security Ahead of the Midterms.”

I also considered, “Could Estonia Be the Model for Secure Online Voting?

But as highlighted by the Washington Post this past week, election security has improved since 2016. “Ever since an election security push that began after the 2016 election, election systems have fortified with $880 million in federal funding and more states have moved toward hand-marked paper ballots.”

LOOKING AT THE ELECTION WEEK AHEAD


This CNN article highlights that there are no specific or credible threats to disrupt election infrastructure in this year’s midterm contests, according to Jen Easterly, the director of the Cybersecurity and Infrastructure Security Agency (CISA). However, “it is a very complex threat environment. You have cyber threats, you have insider threats, you have rampant disinformation and, yes, very worryingly, you have threats of harassment, intimidation and violence against election officials, polling places and voters.”
Meanwhile, NBC News reported that “more than 100 state and local election jurisdictions that reached out to the federal government for help ensuring the digital security of their election-related systems have instead found themselves on a waitlist ahead of next week’s midterm elections, according to two people familiar with the backlog.”

FINAL THOUGHTS


The country is on edge as we head into the final days of the midterm elections, with physical security stories like the attack against Paul Pelosi and the attack on the home of Pat Harrigan (a candidate for Congress in North Carolina) receiving most of the media attention.

Still, as we have seen in previous elections, foreign and domestic actors seek to disrupt our elections and cause confusion and doubt in the minds of the American voters. Cybersecurity remains a top concern and state and local officials are on full alert as Americans head to the polls on Tuesday.
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.