Elections experts say cybersecurity threats demand federal funding | TribLIVE.com
Politics Election

Elections experts say cybersecurity threats demand federal funding

Deb Erdley

Unfunded cybersecurity needs are leaving state and local election officials to stand on the front lines of threats from sophisticated international interests, a new report asserts.

“Defending Elections,” a report from the Brennan Center for Justice, highlights growing concerns that myriad unmet security needs pose a threat to fair elections.

Christopher R. Deluzio, policy director of the University of Pittsburgh Institute for Cyber Law, Policy and Security, was among five researchers who collaborated on the report. He said a close look at efforts under way in six states — Alabama, Arizona, Illinois, Louisiana, Oklahoma and Pennsylvania — underscored the challenges elections officials face, from the need to purchase new voting machines that will create a paper record, to developing systems for post-election audits, addressing emerging cyber vulnerabilities and upgrading voter registration systems.

Part of the problem is the cost of underwriting new voting machines as states and counties struggle to meet the timeline to have systems with paper backups in place in time for the 2020 presidential primaries.

In Pennsylvania, where voting machines are purchased at the county level, Deluzio said the $14 million federal grant that was doled out to counties will finance only about 10% to 12% of the estimated $150 million needed to replace voting machines across the state.

The cost and uncertainty about additional subsidies to defray the estimated $8 million-plus cost of new voting machines in Westmoreland County recently prompted county commissioners there to walk back the timeline for the purchase and implementation of a new system, from this fall’s general election to next spring.

Deluzio said reports from national security agencies that Russian operatives targeted election systems in Pennsylvania along with several other states, and the Mueller report’s finding that they gained access to the Illinois State Board of Elections registration database, emphasize the threat.

This month, the New York Times reported concerns that both campaigns and elections remain at risk from hackers.

Edward Felten, an election security expert and computer science professor at Princeton University, said campaign organizations and voting equipment are unlikely to be prepared to deflect another nation-state cyberattack in the 2020 cycle.

“The bad guys have had more time to spend on this and more time to develop new tricks,” Felten, who studies election cybersecurity, told the Times.

David Salvo and Rachael Dean Wilson, researchers from the bipartisan Alliance for Securing Democracy, collaborated on the new Brennan Center report. They said it would be a mistake to underestimate the importance of such efforts.

“Election security is a national security imperative for our democracy — and it’s dependent upon the election systems of 50 state governments and the vigilance of election officials in over 10,000 election jurisdictions across the country,” they wrote.

Salvo and Wilson said federal funding will be required to make continuing upgrades to the security of the nation’s election infrastructure.

“There are plenty of things that ought to be done in Pennsylvania and elsewhere for the money to come from Congress,” Deluzio said. “It seems a little unfair to me to ask county election workers who are hardworking folks to be cyber warriors on the front lines of a battle against nation states.”

Deb Erdley is a Tribune-Review staff writer. You can contact Deb at 724-850-1209, [email protected] or via Twitter .

TribLIVE commenting policy

You are solely responsible for your comments and by using TribLive.com you agree to our Terms of Service.

We moderate comments. Our goal is to provide substantive commentary for a general readership. By screening submissions, we provide a space where readers can share intelligent and informed commentary that enhances the quality of our news and information.

While most comments will be posted if they are on-topic and not abusive, moderating decisions are subjective. We will make them as carefully and consistently as we can. Because of the volume of reader comments, we cannot review individual moderation decisions with readers.

We value thoughtful comments representing a range of views that make their point quickly and politely. We make an effort to protect discussions from repeated comments either by the same reader or different readers

We follow the same standards for taste as the daily newspaper. A few things we won't tolerate: personal attacks, obscenity, vulgarity, profanity (including expletives and letters followed by dashes), commercial promotion, impersonations, incoherence, proselytizing and SHOUTING. Don't include URLs to Web sites.

We do not edit comments. They are either approved or deleted. We reserve the right to edit a comment that is quoted or excerpted in an article. In this case, we may fix spelling and punctuation.

We welcome strong opinions and criticism of our work, but we don't want comments to become bogged down with discussions of our policies and we will moderate accordingly.

We appreciate it when readers and people quoted in articles or blog posts point out errors of fact or emphasis and will investigate all assertions. But these suggestions should be sent via e-mail. To avoid distracting other readers, we won't publish comments that suggest a correction. Instead, corrections will be made in a blog post or in an article.