IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Election Security Needs Increased Federal Investment

A report published by the Brennan Center warns that states and localities are ill equipped to defend themselves against the sophisticated, well-resourced intelligence agencies of foreign governments.

Foreign interference is still an ongoing threat to state and local election security and can only be guarded against through increased federal assistance, warns a recently published report.

Defending Elections, published by the Brennan Center for Justice, claims that state and local governments are on the "front line" of a "cyberwar" with foreign actors and hackers. 

Ever since the 2016 Russian intrusion into the U.S. presidential election, concern over voting system integrity has been a top priority for officials at all levels of government as well as the American public. With recent news that Russia's efforts were far more extensive than initially believed, it isn't hard to see why states are looking to bolster their cybersecurity. 

For years, one of the biggest programs to increase election security has been the Help America Vote Act (HAVA), a George W. Bush-era federal law which last year provided $380 million in federal grant funding to assist with election security for state and local governments. 

States spent only around 8 percent of this funding during the 2018 elections, but are on track to spend the vast majority of it during 2020, according to The Washington Post

HAVA, which has been providing assistance since 2002, still does not do enough to satisfy the actual security needs of most states, according to the new report. 

Many state and local governments have “substantial election security needs that likely will not be met absent additional federal support,” according to the report. It further concludes that these governments are “ill equipped to defend themselves against the sophisticated, well-resourced intelligence agencies of foreign governments.” 

Those foreign governments may include Russia, China and Iran, according to Trump officials, who feel that a whole host of countries may attempt to inject their influence into the 2020 presidential election. 

The Brennan report looks at the needs of a representative sample of states, including Alabama, Arizona, Oklahoma, Illinois, Louisiana and Pennsylvania; detailing the federal allocations they received last year, and the areas that will still need further investment. 

Arizona, for example, received over $7 million in funds from the federal grant in 2018, the bulk of which went toward investing in cybersecurity, including an IT infrastructure security assessment and increased inter-agency information sharing. The funds were also used to help replace the state’s voter registration database. 

However, the state ultimately needs further investment to replace its legacy voting systems, which many experts consider to be a liability due to their use of outdated software that may not receive consistent security patches. 

Other states, like Oklahoma, spent millions in federal funding to upgrade their voter registration databases and security, as well as on new election system equipment and cybersecurity training. However, more funding is needed to ensure post-election audits, as well as upgrades to voting equipment and the state's voter registration virtual private network.  

For many states, like Pennsylvania, further investment is needed in basic cybersecurity assessments and trainings, which give elections staff the skills necessary to identify vulnerabilities and avoid spear-phishing campaigns. 

“While the 2018 grant provides necessary funding for foundational election security projects, some of which will directly benefit local officials, it is simply not enough to also pay for projects that would provide or subsidize cyber services and more secure voting equipment to local election officials,” the report reads finally.  

“States should not be expected to defend against such attacks alone,” the report concludes. “Our federal government should work to provide the states with the resources they need to harden their infrastructure against cybersecurity threats.”

Lucas Ropek is a former staff writer for Government Technology.