Public, Election Officers Can keep themselves in the Dark on Hack
If the FBI finds that foreign hackers have compromised the electoral district networks, you may not be aware of that until after the election is over. The governor and other leaders of the government can also be kept in the dark.
State and local governments are required by federal law to share information when an electoral system has been compromised. And a federal policy secretes information by shielding the privacy of all cyber victims irrespective of the presence of voting systems.
Election officials find themselves in a difficult position: If someone else’s voting system is hacked, they want to know just what happened so that they can protect their own system. Nonetheless, if their own systems are attacked, they may be careful to reveal details. We must balance the need for transparency with fears that any criminal investigation will be compromised. And they want the kind of disruption hackers want to stop chaos and misunderstanding.
The confidentiality of international hackers is not a theoretical issue. The public still does not know what counties in Florida were manipulated at the 2016 elections by Russian agents. Rick Scott, Governor of Florida in 2016. Now a US senator, had not been told at the time and only this year did he learn most of the specifics.
And there is a real threat to electoral systems. In 2016, federal officials claim that Russian agents in all 50 countries have hunted for flaws in electoral systems. And the intelligence leaders in the nation warn that Russia and other countries remain keen to intervene in US elections.
However, analysts are worried that the White House has not stressed the risk because President Donald Trump believes that it is OK for outsiders to provide derogatory data about its competitors–a topic now under review by the House of Democrats.
In particular, electoral institutions are responsible for announcing when they have been hacked. This, in addition to the federal policy shielding the privacy of cyber victims, could mean this municipal election officials could not be notified immediately if one of their local polls was breached. Therefore, the whole thing could be seen as part of a federal inquiry.
At least two countries— Colorado and Iowa — have implemented policies that allow local authorities to inform the government of alleged breaches of electoral systems.
“Every American in this nation needs democracy in which he can believe, and if cyber events are not well communicated. It creates a system lack of trust, “said Jena Griswold, Colorado Secretary of State.
“We were luckily able to work around the vacuum of our country’s federal policy in a vulnerable place.” But the officials of the Department of Homeland Security say security is needed to ensure officials come forward and share sensitive risk information, such as suspected IP addresses.
Many electoral officials may be cautious about public disclosures and their institutions may be represented negatively. You can choose to deal with any compromise alone.
This may lead to dangerous delays in sharing information, said Jeanette Manfra, assistant director of cyber security in the new cyber agency of Homeland Security.
Homeland Security acts as the liaison between the intelligence community and the nations. Over the last two years, contact and cooperation on security of elections have generally improved.
“Over the years, we have managed to declassify and do it quicker,” said Manfra. “Not perfect yet,” the law enforcement officials could continue to restrict the disclosure of certain data long after the incident because of the criminal nature of cyber violations. When the current governor of Florida, Ron DeSantis, was briefed this year on cyber crimes in 2016, he said that he signed an agreement to prohibit him from naming the counties affected.
Florida’s secrecy has helped stimulate bipartisan legislation to force federal, state and local officials and voters potentially affected by an infringement to report. The Florida Democrat, co-sponsor of a bill, Rep. Stephanie Murphy, said she agrees that the voter is a target and not the elections office and that the lack of information about electoral irregularities may jeopardize public confidence.
In June, the majority of Americans expressed concern, at least according to a survey by the Associated Press-NORC Center for Public Affairs Research, that voting systems are vulnerable to hackers.
“It is hard for me to determine whether what people are doing is enough if I don’t know the full size of the problem,” said Murphy. “And I think the same question is with the voters: how can they feel comfortable and certain the next election is going to be free and fair?”
Nonetheless, election officials want to ensure that they understand well before they go public, so that they do not add to the uncertainty that hackers may attempt to achieve.
Cyber intrusions are complex, time-consuming and contentious. Inadvertently there is a risk that details can provoke more compromises or undermine an inquiry.
“It is important to be as transparent as possible, but the full detail of an investigation, as with any crime, is not discussed,” Paul Pate, Republican Secretary of State for Iowa said. Throughout 2017, California’s election officials quickly informed the government that their electoral systems were amongst those hacked by Russians the year before. “It is a balancing act that must be measured case-by-case.” Five days later, after discovering the scans, they had to correct the announcement with a non-election system. Alex Padilla, the Democrat, Secretary of State, said it was an important lesson in ensuring that all the facts were present, particularly as cyber-security terms are not familiar to the public.
Hackers accessed the voter registration database in Illinois in the summer of 2016, and officials quickly shut down this system and isolate the threat. State officials knew that the move was not going to go unnoticed and felt that notifying the public was important.
Much later it became evident that Russian agents were involved and the intrusion was part of an ongoing effort to intervene in US elections.
Matt Dietrich, Illinois State Elections Speaker, said it would be hard to imagine any electoral office today trying to keep something like that secret.
“It was a topic in 2016, and then it was treated, but then it went away for a year,” Dietrich said. “This time isn’t going to happen. It’s going to be a national and global event. We all know this. They all know this. We just know that we’re going to be under the microscope.