What the Senate Needs to Ask During Its Election Security Briefing

The Russians were able to probe at least 21 states’ voter registration databases records in 2016. Recent reporting has shown that at least two counties in Florida were breached as well by foreign actors gaining administrative access through a commercial vendor. While there is no evidence that these attempts changed voter records and no evidence that any vote choices were compromised, the registration databases and third-party vendor community are weak points in the process that remain going into 2020.

Here’s why:

The databases generally have multiple authorized users in every individual jurisdiction within a state. It only takes one stolen password to get into the database.

In most states, voter registration databases interact with other state-based databases, including those maintained by the state’s motor vehicles department. This interaction opens additional vulnerable points of entry.

While voters registering via online voter registration are not directly touching the state voter registration database because all new registrations and updates are verified by election administrators before being added to the backend databases, this necessary public facing portal can be a weak point through which an attack can be made. Furthermore, there  have been instances of identical-looking webpages with a different URLs set up to mirror the online voter registration system. These pages are used to harvest data from voters seeking to register. While these are not cases of hackers penetrating the voter registration database, eligible voters can be prevented from successfully registering.

Moreover, an attack on a registration database is low-risk, high-reward. A successful hacker from anywhere in the world can wreak havoc on Election Day by altering voter files or deleting voters entirely from the rolls, creating long lines and disrupting confidence in the election system.

States have only been required to have statewide databases since 2002, but the federal law mandating them allowed states to devise their own systems. At the time, cybersecurity was not the concern it is today. So-called top-down systems maintained by the state and bottom-up systems maintained by local jurisdictions both have unique pros and cons, but the top-down systems handled by state IT professionals may provide better security.

There are two main types of voting systems: electronic and paper-based. The direct recording electronic (DRE) voting systems also tally the votes as voters cast their ballots on touch screens. The voter and election official have no way to independently verify that the DRE systems are recording votes accurately and there is nothing to go back and audit. Post-election checks of DRE results merely constitute re-tabulating the memory cards.

Paper-based systems are generally composed of hand-marked paper ballots that are inserted into optical scanners at the polling place. These scanners tally the vote in the polling place, but if there are discrepancies, the votes can be tallied by another scanner or by hand and eventually audited for accuracy.

Voting systems that produce an independent paper record provide more confidence about election outcomes to voters and election administrators. Voter verifiable paper ballots can be counted by different vote counting technology or by hand, features not available on direct recording electronic voting systems. Paper can be audited to provide a statistical report about the accuracy of the vote count. Congress has in the past provided dedicated money to replace lever voting machines and punch card devices. It can provide money to transition away from DRE systems to paper-based ones.

States and local entities have been consolidating IT infrastructure to ensure that trained experts are at the helm in various areas of public administration. Election administration could be the next frontier, especially where there are small election jurisdictions trying to independently secure their IT systems. With a push from Congress, states could explore ways to allow these jurisdictions to band together around IT infrastructure and cybersecurity training.

First, everyone needs to take a breath on election night. Initial results are not final results. Local jurisdictions may transmit these results from polling places, relying on extremely tired poll workers not to make any transcription errors. Give the administrators time to verify all the results from the polls.

It’s also important to understand that many ballots in states are not able to be included in election night results. Some states do not report vote by mail ballots on election night or receive ballots up to a week after election day. Provisional ballots cast in polling places are never adjudicated on election night.

While tensions may run high, all political actors should refrain from the impulse to criticize the vote counting process on election night and in the days following as uncertified results shift in one direction or the other. It is not evidence of unfairness in the process; it is in fact a feature of making sure all eligible votes are accurately counted.