By Joseph Marks
A voter leaves a voting booth after casting her ballot in the state's presidential primary election in Greenfield, New Hampshire, U.S. February 11, 2020.
Americans should not be confident about the security of the 2020 election, according to a slim majority of experts surveyed by The Cybersecurity 202.
The assessment from 57 percent of The Network, a panel of more than 100
“There are no signs that any part of our institutions are capable of providing an election that is reasonably secure from tampering and manipulation,” said Dave Aitel, a former NSA computer scientist who is now CEO of the
“Every part of the voting process is vulnerable. This includes the voter registration process, the voting itself, the vote tabulation, and the results-reporting system,” said Bruce Schneier,
Cindy Cohn, executive director of the Electronic Frontier Foundation, called for “more serious security measures for voting, from registration through to reporting the results back to the central voting authority.”
The Network features experts from the U.S.
The negative assessment comes as intelligence officials warn that Russian operatives are already interfering
While there are positive signs – including that the Department of Homeland Security has surged its security work and campaigns are better-equipped to deal with threats – voting systems remain inconsistent across the country as Congress has failed to mandate any protections for elections, such as paper ballots and post-election audits.
“Although a lot of progress has been made, there are still significant vulnerabilities and dedicated adversaries bent on undermining our elections and democracy more generally,” said Chris Painter, who was the top State Department
Many experts blamed the Trump administration – and Trump himself, who continues to cast doubt on
“The current administration has gone from neglect to denying the problem exists at all,” said John Pescatore, director of emerging security trends at the SANS Institute, the nation’s largest
“We have yet to see a full-court press on election security by the Trump administration,” said Herb Lin, a senior research scholar for
Chris Finan, a top National Security Council
Others put the blame on Congress, where Senate Majority Leader Mitch McConnell (R-Ky.) has blocked Democratic efforts to mandate election
“The Senate majority leader has blocked every attempt to give authority and resources to [the Homeland Security Department’s main
Some experts pointed to the caucus night debacle in Iowa when a badly coded app crashed and delayed results for days as evidence that the 2020 vote could be chaotic. There’s no evidence that app was hacked, and the Iowa caucus was run by the state Democratic Party rather than trained election officials, but it still demonstrates the people running elections are dramatically unprepared, experts said.
They also pointed to the Nevada caucus, which came off without major technical
“The Iowa debacle and Nevada's last-minute changes to their processes suggest we are not ready for the 2020 primaries. If we can't fix systems before the general election, Americans should be deeply concerned,” said Betsy Cooper, director of the Tech Policy Hub at the Aspen Institute.
“After Iowa and the current conversations about the use of technology in the Nevada caucuses, I think it would be difficult to say with confidence that the elections will not be affected in some fashion,” said Mark Weatherford, a former top DHS cybersecurity official who is now a global information security strategist at Booking Holdings.
Other experts zeroed in on specific risks such as the approximately 10 percent of voters across the country who won’t have paper records of their votes in 2020, according to a tally by the Brennan Center for Justice at New York University.
“Voting and election infrastructure remain woefully vulnerable to compromise — and multiple states lack a paper backup for their ballots, [which is] an enormous risk,” said Laura Galante, a former top executive at the
Officials also haven’t done enough to ensure that adversaries aren’t inserting
The 43 percent of experts who said Americans should indeed be confident about the security of the 2020 election, meanwhile, mainly touted DHS’s election security work, which includes placing
“In 2016, we were largely caught flat-footed by the Russian campaign to interfere in our elections. However, in the intervening years, we have invested in our state and local
“We are considerably better off than we were four years ago. However, the threat to the electoral infrastructure and the possibility that the public will lose confidence in the process remains very real,” said Michael Daniel, former White House cybersecurity coordinator during the Obama administration and now president of the Cyber Threat Alliance.
“The good news is that most states, including the expected ‘battleground’ states, have paper ballots,” said Suzanne Spaulding, DHS’s top cybersecurity official during the Obama administration. “Americans need to understand how much progress has been made on securing the election and that there are processes in place to verify the results.”
Still, many experts who said Americans should be confident about election security in 2020 nevertheless said they worried that disinformation operations from Russia and elsewhere could dampen public confidence in the election’s result.
“Security experts, elections experts and the media
“If election security is measured by the integrity of
“While voters should have confidence in the election process itself, there is great cause for concern related to cyber voter suppression and influence,” said Steve Grobman, chief technology officer at the anti-virus firm McAfee.
While Jay Kaplan, co-founder of
Big picture: Experts on both sides stressed that Americans should not be so fearful of election interference that they don’t participate in the process.
Jamie Winterton, director of strategy for Arizona State University’s Global Security Initiative, summed it up this way: “Should Americans be concerned about election security? Yes. Should this keep Americans away from the polls? No!”
THE NETWORKMore responses to The Network survey on whether Americans should be confident about the security of the 2020 election:
“We should not have been as confident as we were about the security of
the 2016 election...
or2012... or2008 or before. The security problems of 2020 aren't new, they're just magnified. We should have been paying attention long ago.” — Steve Weber, director of the Center for Long Term Cybersecurity at the University of California at Berkeley
“Domestic and international experts are paying attention. Researchers
and manufacturers are watching for anomalies. Reporters are anxious to
publish in depth exposes. With so many different groups engaged the risk
isn't an adversary secretly changing
votes butinstead an attempt to erode confidence in the outcome." – Jeff Moss, founder and CEO of DEF CON Communications.
“For years, lobbyists
fromthe voting technology industry have been able to limit researchers' abilityto test and evaluate voting systems. … Extrapolating what we don't know publicly from the little we do know, the state of election security is extremely poor.” — Jake Williams, a former NSA hacker and founder and president of Rendition Infosec
cybersecuritydivision] has made great strides since 2016 in working with state and local governments and engaging them on improving election security. But, at the end of the day, the state and local governments need to take the steps themselves to be secure and need to know when and how to ask for help from the federal government and from industry.” — Kiersten Todt, a former White House official who’s now president and managing partner of Liberty Group Ventures
“While there is much to be worried about in foreign interference, what
worries me more is the
weaponizationof social media by domestic actors at the highest level of our own government.” — Peter Singer, a strategist at the New America think tank
- YES: “Public awareness is so high that it's hard to imagine malicious interference attempts going unnoticed.” — Maurice Turner, director of the Internet architecture project at the Center for Democracy and Technology
“[People] should have a pretty high degree of confidence in the actual
integrity of [election] infrastructure
…But they should have much less confidence in the ability of the government to implement the election well (see the Iowa caucus crash as an example). — Paul Rosenzweig, a former DHS official and founder of Red Branch Consulting
PINGED, PATCHED, PWNEDPresident Trump spoke to reporters before departing the White House on Feb. 23, claiming he had not been briefed on reports alleging Russia wants Sen. Bernie Sanders (I-Vt.) to win the Democratic presidential primary.
PINGED: Democrats slammed President Trump for retaliating against intelligence officials for briefing Congress on Russia's efforts to help him in the 2020 election. The outcry came after Trump rebuked and ousted his acting director of national intelligence Joseph Maguire in favor of a loyalist Richard Grenell, as my colleagues Shane Harris, Ellen Nakashima and Josh Dawsey reported.
“Our Intelligence officials are doing their job to protect our democracy and Trump is punishing them,” tweeted Sen. Kamala Harris (D-Calif), who dropped out of the presidential race in December.
Our Intelligence officials are doing their job to protect our democracy and Trump is punishing them.— Kamala Harris (@SenKamalaHarris) February 22, 2020
But Trump can't fire members of Congress―we must protect the integrity of our elections against Russia's ongoing interference. Our democracy is at stake. https://t.co/d6M847L7iV
Our democracy today is like the frog, slowly being boiled to death.— Chris Murphy (@ChrisMurphyCT) February 21, 2020
The President found out that Russia is secretly trying to help him get re-elected, and when the secret leaked, he took steps to tighten his grip on the information.
The burner just got turned up a notch.
In addition to not wanting to hear about Russia interfering in our election, Trump will purge those who reveal it to Congress. Our democracy is endangered when those providing background— Lloyd Doggett (@RepLloydDoggett) February 23, 2020
intel. reportsare expected to always cover the President’s back. https://t.co/XyT3Nz3NVE
Now that it appears Russia is actively supporting the campaigns of @realDonaldTrump and @BernieSanders, perhaps a CyberSpace Force should take precedence over the Space Force. Foreign influence in our elections and sowing division among Americans is a clear and present danger.— Rep. Dean Phillips (@RepDeanPhillips) February 21, 2020
Republicans, meanwhile, have criticized House Intelligence Chairman Adam B. Schiff (D-Calif.) whom they accuse of leaking classified information about the committee briefing:
Somebody please tell incompetent (thanks for my high poll numbers) & corrupt politician Adam “Shifty” Schiff to stop leaking Classified information or, even worse, made up information, to the Fake News Media. Someday he will be caught, & that will be a very unpleasant experience!— Donald J. Trump (@realDonaldTrump) February 23, 2020
Russia wants to sow discord in US politics.— Lee Zeldin (@RepLeeZeldin) February 23, 2020
Many Americans do far too much to assist Putin w/crazed rhetoric & false conspiracy theories that achieve nothing other than dumbing down Americans & sowing that discord.
This clears up a tad of
that👇https :// t.co/FbVzlfuABG
The Justice Department claims Assange violated anti-hacking laws by offering to help Chelsea Manning crack a Defense Department password to leak more documents to his organization. If found guilty of those and other charges, he could face up to 175 years in prison, my colleagues William Booth and Karla Adam report.
The MGM Grand Hotel and Casino.
MGM has not yet said how many guests’ information was exposed in the breach.
It’s also not clear how many MGM guests will join the lawsuit, and Morgan & Morgan, the law firm representing the victims, hasn’t said how much money it’s seeking. The firm also represented victims of the Yahoo and Equifax breaches.