21 States’ Election Infrastructure Targeted By Russian Hackers

21 States’ Election Infrastructure Targeted By Russian Hackers

Today’s revelations from DHS that 21 state election systems were targeted by Russian hackers is troubling on a number of levels. First it should never have taken the federal government so long to share this information with the targeted states. Perhaps most disturbing is the fact that some states have told reporters that they were unaware of being targeted.

  • David Vance
Statement of Common Cause President Karen Hobert Flynn

Today’s revelations from DHS that 21 state election systems were targeted by Russian hackers is troubling on a number of levels. First it should never have taken the federal government so long to share this information with the targeted states. Perhaps most disturbing is the fact that some states have told reporters that they were unaware of being targeted.

Attempts to hack our elections are not a hoax they are a real threat but one we can and should address now not later. This is clearly a threat that is not going away and it is long past time for governments at the federal, state, and local level to take proactive steps to safeguard the integrity of our elections.

Other nations have been much quicker to respond to threat but we must catch up. The Department of Homeland Security’s designation of our election systems as “critical infrastructure” was a positive step but we must do more. In every state, we also need:

  • Voting machines that produce a voter-verified paper record for every vote. The ballot counted must be the ballot that the voter marked.
  • Robust, risk-limiting post-election audits of electronically tallied outcomes. To detect malware altered electronic tallies, election officials must hand count enough ballots to confirm the electronic outcome. Colorado will begin using these sophisticated auditing methods this November. A similar law in Rhode Island awaits on ly the Governor’s promised signature.
  • A ban on the use of electronic mail (email, web based platforms) in the voting process. We must listen to security experts who have shown that votes cast via email or a web-based platform can be hacked, altered and deleted. Because voters have no way to “check” whether their ballots were recorded correctly, ballots sent by this process are especially at risk.

We must take these steps now, not attempt to make them on the eve of the next election. And we must be flexible and vigilant going forward as our adversaries’ tactics will evolve but inaction is not an alternative.