In March, as part of the $1.3 trillion omnibus spending bill, Congress allocated $380 million to improve election security and the aging infrastructure that has proved vulnerable to hacking and manipulation. This was widely hailed at the time as an important step in ensuring that how people vote is how they are counted in this year’s upcoming elections.
Lawmakers across the nation praised the funding as fortification against cybersecurity threats like those that U.S. intelligence officials say came from Russian hackers in 2016. You can see how the money is being distributed at this link.
The problem is that the federal money isn’t nearly enough to do the required job, most state legislatures are unable or unwilling to fill the gap, the money was approved too late to achieve what it is meant to, and officials in many states are entangled in political, bureaucratic, or technical battles that are delaying action on voting security projects that take months—and sometimes years—to get into place.
Derek Hawkins reports:
In Minnesota, Secretary of State Steve Simon (D) told me he wants to use part of the $6.6 million in federal funds his state was awarded to hire three coders to immediately upgrade the state's aging voter registration system.
The clock is ticking: Minnesota was one of the 21 states that had election systems targeted by Russian hackers during the 2016 presidential race. With U.S. intelligence agencies warning the midterm elections are likely to be hit by another wave of cyberattacks, states are scrambling to secure their voting infrastructure by November.
But Simon says he might not get the funds he needs in time. Under Minnesota law, only the Republican-controlled legislature can release that money -- and local politics have left lawmakers in a stalemate over how to proceed. [...]
“All we need is a couple sentences from our state legislature allowing us to tap into those funds,” Simon told me. “Without that authorization, there will be $6.6 million dollars that's available for our use just sitting there.”
The 13 states that use voting machines that leave no paper trail are a key concern because these can be hacked and their results altered without leaving a trace. "They can be attacked remotely by sophisticated attackers to make them lie about the election outcome," says J. Alex Halderman, a University of Michigan computer science professor who is a leading voice arguing for robust election security.
Many of these machines were bought after the 2002 Help America Vote Act, under which the feds provided $4 billion to the states to upgrade their election hardware. The electronic approach was considered by many officials at the time to be the answer to election integrity. Now this equipment, which can’t be audited, is properly seen as a big part of the problem.
According to a March analysis published by New York University's Brennan Center for Justice, it will cost between $200 million and $400 million to replace every electronic voting machine that doesn't create a paper ballot or receipt. The researchers found that only two of the 13 states that use these paperless machines—Arkansas and Delaware—will receive enough federal money to buy new auditable machines so they can dump the old ones.
Most of the 13 states will get less than 60 percent of what it would cost to replace all the paperless systems now being used. A few will get less than 20 percent.
As a consequence, practically every laudatory comment about the $380 million being distributed to the states is couched in “buts” and “howevers.” Democratic Rep. Jim Langevinv of Rhode Island, co-founder of the Congressional Cybersecurity Caucus, was happy to see that his state is slated to receive $3 million. But, he said, this money is “just a down payment and [...] we will need to continue to make investments in securing all aspects of our voting process.”
One bill introduced last year—the Secure Elections Act, S. 2261—would facilitate communication about elections between federal and state officials and fund local election infrastructure. But despite being resurrected in March, it is still stalled.
Democracy is under assault from within and without, around the globe. An obviously crucial element of democratic systems is the guarantee that elections will be fair, and as tamper-proof as possible.
The short-term impact of these assaults is hard to measure, since it is ongoing. In the long term, if unchecked, they could have devastating effects. Not least of these would be the dismantling of trust. If citizens come to believe that election machinery itself is being used to skew outcome, inevitably fewer and fewer will vote. And that would play directly into the hands of the agents of chaos.