Sicurezza

At Least Election Day Didn’t Melt Down

As Election Day passes midnight, the presidential race between Donald Trump and Joe Biden remains exceedingly close. It seems unlikely that a clear winner will emerge tonight, especially given the number of mail-in ballots that remain to be counted in key states like Pennsylvania. But in an under-appreciated act of defying the odds, the 2020 election has apparently gone off without a major hack, social media disruption, or widespread equipment failure. Imagine that.

The copacetic proceedings didn’t happen by accident or luck. It took coordinated investment over the last several years—and social media companies finally a certain amount of responsibility for what happens on their platforms.

Russia’s meddling in the 2016 United States presidential campaign season and election sparked an unprecedented push to secure election infrastructure. The effort was imperfect, and states are still dogged by a lack of federal election funding, but a relatively smooth Election Day thus far indicates that many of those security, integrity, and reliability initiatives have paid off.

Yes, Tuesday saw its share of problems, including electronic pollbook failures in Franklin County, OH and voting machine outages in Spalding County, Georgia. In both cases, though, officials were able to keep voting going by switching to paper pollbooks and manually processing paper ballots. Both local election officials, researchers, and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency said on Tuesday that such snafus are inevitable in every election and don’t indicate anything nefarious.

“We are seeing historic levels of cooperation among federal agencies and state and local election officials to secure this election and to adapt to the Covid-19 pandemic,” says Mark Lindeman, acting codirector of Verified Voting, a nonpartisan nonprofit that promotes election system integrity. “All this work has borne fruit. So far, the problem reports we are seeing are on par with past elections—a tremendous accomplishment amidst harrowing challenges.”

There were some glitches; the Texas hub for voting results temporarily went down, and a software bug delayed results in Gwinnett County, Georgia. But the ransomware concerns raised recently by officials did not come to fruition. And technical hiccups or sites that go down under a surge of legitimate traffic don’t affect the underlying vote totals.

“Our election infrastructure is resilient and we have no indications that a foreign actor has succeeded in compromising or affecting the actual votes cast in this election,” DHS acting secretary Chad Wolf told reporters on Tuesday morning. “But we do remain on high alert here at DHS and CISA throughout the day and beyond to make sure that the integrity of our election infrastructure is maintained.”

Though researchers have been raising the alarm for more than a decade about woefully insecure voting machines and lack of digital defenses for other election-related systems, it took a wake-up call as dramatic and impactful as Russian meddling in the 2016 election to motivate truly large scale change. At the beginning of 2017, DHS designated election systems as critical infrastructure to unlock funding CISA could use for offering cybersecurity consulting services, audits, and training to state and local officials. And around the country election officials have worked to update and improve their digital systems, replace aging voting machines or those that don’t produce voter verified paper backups, and test their digital platforms for vulnerabilities that could be exploited to cause disruption or harm.

In 2018, Congress finally approved disbursement of $380 million from the 2002 Help America Vote Act that had been authorized but never appropriated. And the CARES Act stimulus package passed in late March included $400 million in emergency funding for election officials. But while election officials welcomed the HAVA money and needed the CARES package money to make emergency adjustments for the pandemic, researchers estimate that the federal government needs to invest upwards of a billion dollars to help election officials make all of the security and equipment changes they need, not to mention hiring more staffers with cybersecurity expertise.