IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Election Workers Face Challenges but There Is Help

In the face of concerns like AI-powered phishing, tensions around discussing misinformation and physical threats, election workers can turn to several organizations aimed at providing them with help.

In a year of unusual challenges, election workers need to be ready for everything from physical threats to cyber attacks to false narratives that confuse voters, but they don’t need to tackle it all alone.

State and national elections groups can help, said panelists during a recent FedInsider webinar. Things like planning, cybersecurity training and learning about misinformation are all important.

Mark Earley is the supervisor of elections in Leon County, Fla., and he said having a Continuity of Operations Plan (COOP) recently proved invaluable. Staff there were processing vote-by-mail ballots, when white powder spilled out of one envelope onto an employee’s hands. The team quickly put its plan into action. Following pre-determined protocols, they worked to contain the risk, turning off the ventilation system to prevent potential spread to the rest of the building before contacting law enforcement for a hazmat team. Within three hours, the hazmat team had determined the powder was innocuous.

“It was an eye opener and really stressed the importance of being ready,” Earley said.

At the minimum, COOP plans need a comprehensive contacts list. Elections can be impacted by all manner of incidents, so the more contacts officials have, the better they can respond, Earley said. The typical figures like the police, FBI and Election Infrastructure Information Sharing and Analysis Center (EI-ISAC) are helpful, but so are folks like road crews. Being in communication can prevent issues like a road crew scheduling potentially disruptive utility work near a polling place on the same day as an election, for example.

Cyber attacks are also a persistent concern, said Ben Spear, CISO for the New York State Board of Elections and former EI-ISAC director. Election offices need to watch out for distributed-denial-of-service attacks and pay attention to alerts from federal experts about vulnerabilities they should patch.

Phishing is also a major threat. This is especially true for public-sector agencies that cannot ignore emails, even odd ones, which might be from real constituents. Email gateway filtering for malicious content helps, but election departments must even check their junk folder, in case one genuinely is from a constituent, Spear said.

One useful step: raising employee awareness about phishing ploys, especially by sharing examples of phishing messages and highlighting the suspicious details, Spear said.

Generative AI can make all this worse by helping attackers automate and ramp up existing attack methods, like phishing and scanning for vulnerabilities on victims’ networks and systems, Earley said.

“It just puts those efforts on steroids,” said Earley, who also serves on the executive committees of the Election Assistance Commission (EAC)’s Local Leadership Council and the EI-ISAC.

Still, Jeffrey Baez — security adviser for data analysis software company Splunk and a former New York State Board of Elections CISO — said traditional AI can help defenders. This includes using AI for monitoring for suspicious activities in real time, triggering automated responses to certain threats and analyzing data to predict potential vulnerabilities or threats.

Election teams must also contend with confusion and false narratives circulating about election processes. It’s more important than ever for election officials to not only be tech experts but also good communicators, Earley said.  

The country's decentralized approach to elections has benefits but also is a breeding ground for confusion as voters in one state see things happening differently in the neighboring one, said EAC Commissioner Ben Hovland. In response, election officials need to be sure they’re sharing details about how election processes work and about the many safeguards already in place.

Meanwhile, the terms "misinformation" and "disinformation" have become charged for some, meaning election officials need to be mindful about how they communicate, Earley said.

But again, as officials navigate these challenges, there are places they can turn to for help and guidance.

State associations can help, as can federal organizations like the Cybersecurity and Infrastructure Security Agency and the EAC. Hovland said the EAC, for example, uses its national perspective to identify and highlight best practices so jurisdictions can learn from each other, Hovland said.

“For the election officials, I would just say, buckle up — it is going to be a ride,” Hovland said. “[But] remember that you're not alone.”
Jule Pattison-Gordon is a senior staff writer for Government Technology. She previously wrote for PYMNTS and The Bay State Banner, and holds a B.A. in creative writing from Carnegie Mellon. She’s based outside Boston.