Electoral integrity: Step up cybersecurity training
Beyond purging rolls of duplicate and outdated registrations and deceased voters, beyond anti-hacking technology, electoral integrity requires cybersecurity training for election officials — which reportedly is lacking in key Pennsylvania counties.
NBC News contacted county election officials in swing states Michigan, Arizona and Pennsylvania. Those in Allegheny, Philadelphia and Bucks counties — home to about a third of Pennsylvania voters — told NBC they've never received cybersecurity training.
Election security experts say such officials are particularly at risk from “spearphishing” emails, which appear to come from legitimate online firms and aim to extract user names and passwords that can be used to access and alter voter rolls. As an example, NBC cites an intelligence report obtained by The Intercept that says Russian military intelligence sent such emails to 122 local-government officials last fall.
Pennsylvania leaves election cybersecurity up to counties. But existing efforts likely have a way to go: Mercer County's elections director told NBC that 30 percent of county employees opened test phishing emails sent by its IT department.
Particularly with 2018's pivotal midterms less than 15 months away, Pennsylvania counties must step up cybersecurity efforts to ensure electoral integrity.