As millions of people across the country vote in eight
different primaries today, state officials are working hard to secure
the elections from hackers. But officials say there’s a more pressing,
albeit abstract, challenge: Keeping voters confident that their vote is safe.
The U.S. intelligence community has concluded that a major goal of Russia’s campaign to interfere in the 2016 presidential election through cyberattacks on 21 states and national political organizations was to undermine public faith in the U.S. democratic process. By that count, election officials say, they're already succeeding in this cycle — without breaching a single system.
Just the fear of digital sabotage — and the perception that voting machines are hackable — is enough to scare voters into a lack of confidence in the democratic process, election officials lament.
“What
terrorists do is instill fear into the general population — if they’ve
done that they’ve accomplished their goals,” said Alex Padilla,
secretary of state of California, which holds its primary Tuesday.
That's why election interference, Padilla says, is "in and of
itself is an attack on our democracy. Any enemy, foreign or domestic,
that’s trying to sow doubts, that’s a form of voter suppression."
He adds: "The best way to overcome that is to get as many people out to vote as possible.”
Officials
say the way to do that is to communicate the best and most
accurate information to voters. But that can be a challenge.
They must be clear-eyed and transparent about the threat and the need to upgrade vulnerable election systems.
After all, U.S. intelligence chiefs have warned Russia is still trying
to sow divisions among voters with a social media disinformation
campaign and even potentially trying to infiltrate election systems to
steal voter information or change data. There's no evidence of any
successful state breach so far, though Tennessee has already weathered a cyberattack
that caused a county election results website to go dark for an hour
during a May primary and it's not clear who was behind it.
But they also need to spread reassurances.
“I’ve
gotten calls from voters who you could tell had just been watching the
news and were calling with concerns like, ‘How do I know my vote is even
going to count?’ ” said Matt Dietrich, public information officer for the Illinois State Board of Elections. “When
the state board of elections has to reassure people that elections
aren’t rigged, that shows there was some success in sowing the seeds of
doubt, if that was the goal.” (Illinois does not have a primary today but is working hard to secure its elections before the midterms.)
Cybersecurity is an incredibly complex topic -- and the nuances are
sometimes hard to get across in the headlines or in politicial punditry.
So officials say they are working hard to correct several common
misconceptions about election security.
Misconception 1: It's very easy for foreign governments to hack electronic voting machines.
Direct-recording
electronic voting machines, or DREs, are frighteningly easy to hack
-- provided you know what you’re doing and you can get your hands on
one. When researchers at DefCon, a popular hacker convention in Las
Vegas, were presented with an array of them at last summer’s meeting,
they had no trouble breaking into them. Experts warned that, in light of the Russia threat, these hacks showcased a serious national security threat.
But
in an actual election, those machines are not on display, ready to be
hacked by trained professionals in Las Vegas. They are protected by
layers of physical security — including locks, tamper-proof seals, video
surveillance and activity logs — that would make it extremely difficult
for anyone to tamper with them. So while experts agree the 13 states
that use them should get rid of them in favor of paper ballots, they
say it's important to stay sober about the threat of actual tampering.
“There’s always a risk, but in order to hack those machines there
almost always has to be some element of physical access that's needed at
some point, and isn’t as easy as it might sound,” said David Becker,
director of the Center for Election Innovation and Research, a nonprofit
focused on improving election administration.
Misconception 2: When hackers target election systems, it means they’re trying to change people's votes.
The Department of Homeland Security revealed last
fall that hackers targeted state election systems, breached a voter
database in Illinois and stole login credentials from a county election
official in Arizona during its 2016 interference campaign. Election
officials and experts I’ve spoken with say they’ve heard from many
voters who took that to mean that individual votes had been changed. But
there’s no evidence of that. In reality, the hackers were likely
probing for vulnerabilities that they could exploit down the road, as
officials and congressional investigators have concluded.
Tammy Patrick, senior adviser at the bipartisan advocacy group
Democracy Fund, said voters need to understand that the election systems
the hackers targeted are physically separated from the actual equipment
that’s used to record and tally votes.
“By filling in an oval or
using a touch screen DRE or dropping a ballot in a mailbox, the voter
is casting the vote and that vote being counted is one system,” she
said. Everything else — from voter rolls to campaign finance reports to
candidate filing information — is stored elsewhere. “Often people
conflate the two,” Patrick said. “There’s been a bit of a learning
curve, now that there are nation-state adversaries that we’re talking
about here.”
Dietrich, of the Illinois State Board of Elections,
said he has had to address that same confusion with voters. “When you
cast your vote on Election Day, it’s safe and it’s going to be counted,”
he said. “It’s not an issue of outside agitators trying to steal and
change votes and throw elections. It’s a matter of them trying to get
into voter registration systems and wreak some havoc.”
Misconception 3: States are going it alone when it comes to securing elections.
It's
true that state election officials have long bristled at federal
intervention in the way they administer elections. And there were big
headlines when some states rebuffed
the Department of Homeland security's offers to help secure voter
registration databases ahead of the 2016 election. When the Obama
administration decided to designate election systems part of the
country's “critical infrastructure” last year, many balked at the move and argued it was federal overreach.
But
tensions have thawed in recent months, and some election officials are
trying to get the word out that they are being collaborative.
“The
partnership between secretaries of state and the federal government is
getting better,” Minnesota Secretary of State Steve Simon told me. “The
Department of Homeland Security has worked with my office on various
testing exercises, both in person and from remote locations, which have
helped us to identify improvements to our cybersecurity. DHS has also
urged me and my counterparts to obtain security clearances, which I’ve
now done, to enable us to receive classified briefings and threat
assessments. Additionally, DHS has set up an ongoing panel, of which I’m
a member, that allows states to communicate with all levels of
government regarding election security.”
DHS officials have conducted vulnerability assessments in states
across the country, and are working with state and local governments to
share information about cyberthreats through channels that didn't exist
in 2016. And in a congressional hearing
earlier this year, Homeland Security Secretary Kirstjen Nielsen said
her agency's communication with state officials has improved vastly in
the past two years.
“Today I can say with confidence that we know
whom to contact in every state to share threat information,” Nielsen
said. “That did not exist in 2016.”
Tidak ada komentar:
Posting Komentar