U.S. elections remain vulnerable to cyberattacks, officials testify to Senate panel
Reporting from Washington — U.S. elections are still vulnerable to digital interference from Russia and other countries, the secretary of Homeland Security warned Wednesday, a reminder that state and federal officials have struggled to fix potential gaps even as voters begin casting ballots in primary contests.
“The threat of interference remains and we recognize that the 2018 midterms and future elections are clearly potential targets for Russian hacking attempts,” Kirstjen Nielsen testified to the Senate Intelligence Committee.
President Trump has said little about the challenge, but Nielsen’s concerns echo recent warnings by leaders of the nation’s intelligence agencies. Her department plays a central role in efforts to safeguard the country’s critical infrastructure, including election systems.
Addressing the threat will require unraveling a thicket of overlapping issues, including who will pay to purchase more-secure voting machines and how much the federal government should intervene in elections managed by individual states.
The public hearing was part of the Senate panel’s investigation into Russian interference in the 2016 election, which U.S. officials say included attempts to hack election systems in 21 states. One state’s voter database was breached, but there’s reportedly no evidence that any votes were affected.
“In 2016, states faced a threat they never expected to confront — a hostile nation seeking to invade networks essential to the functioning of our democracy,” said Sen. Richard M. Burr (R-N.C.), the committee’s chairman.
The panel had issued several recommendations before the hearing, highlighting the need for stiffer defenses against foreign interference and better communication between local and state officials.
Sen. Angus King (I-Maine) described the Russian operation, which the Kremlin has denied, as an apparent test to see how much damage could be done to American democracy.
“It was a sophisticated, thorough, comprehensive, malign and malicious attack on our electoral system,” he said.
Since then, local and state leaders tasked with running polling places and counting ballots have seen their roles expand and evolve.
Some election officials have gained security clearances so Washington can share intelligence on potential threats, or have participated in “hackathons” to explore digital vulnerabilities in their systems.
The nation’s election infrastructure is decentralized, with states maintaining separate voter databases and using different machines. That reduces the possibility that hackers can cause widespread problems during a campaign.
But the diffuse system has made it hard to implement sweeping digital upgrades to safeguard ballots, and to determine who is responsible for handling problems.
The threat also “fell in a seam of our national intelligence infrastructure,” Burr said, and required unusual coordination between experts in Washington who analyze classified data on foreign threats and thousands of election officials around the country.
“The states need more help,” said Eric Rosenbach, co-director of the Harvard Kennedy School’s Belfer Center for Science and International Affairs. “They are not equipped to face the pointy end of the spear.”
Congress hasn’t approved any funds to help states upgrade cybersecurity or replace old voting machines. Five states still use machines that don’t print a paper record of each vote, leaving no way to check if a digital tally has been sabotaged.
“If there’s no way to audit the election, that is absolutely a national security concern,” said Nielsen, the head of Homeland Security.
Follow live coverage of the Trump administration on Essential Washington »
Sen. Mark R. Warner of Virginia, the committee’s top Democrat, said the federal government should consider identifying which states aren’t taking the appropriate steps to protect election systems.
“I believe the public does have a right to know if their state or their community is ignoring the problem,” Warner said.
U.S. officials have not publicly identified the 21 states that were targeted in 2016, and only a few have acknowledged attempted digital breaches.
“America’s the victim,” said Sen. Dianne Feinstein (D-San Francisco), who urged the Homeland Security Department to do more. “America has to know what’s wrong. If there are states that have been attacked, America must know that.”
Trump often has downplayed the Russian interference or denied Moscow’s role altogether. He gave a rare acknowledgment of the problem in response to a question at a March 6 news conference with the visiting Swedish prime minister.
“You don’t want your system of votes to be compromised in any way,” Trump said. “And we won’t allow that to happen. We’re doing a very, very deep study, and we’re coming out with some, I think, very strong suggestions.”
But senators from both parties expressed concern Wednesday that action has been slow.
“I hear no sense of urgency to really get on top of this issue,” said Sen. Susan Collins (R-Maine).
[email protected] | Twitter: @chrismegerian
[email protected] | Twitter: @evanhalper
ALSO
As foreign hackers plot next attack, Washington struggles to shore up vulnerable voting systems
McCabe firing isn’t likely to end Trump’s war with the Justice Department and FBI
More to Read
Get the L.A. Times Politics newsletter
Deeply reported insights into legislation, politics and policy from Sacramento, Washington and beyond. In your inbox three times per week.
You may occasionally receive promotional content from the Los Angeles Times.