Election day was hack-free, but cybersecurity officials are still bracing for attacks
Incorrectly configured voting machines. An unexpected wave of voter turnout. Too much hand sanitizer. These are among the reasons voters in states like Georgia, Ohio and Iowa experienced delays on election day. But rest assured, cyber attacks were not among the problems, U.S. officials said Tuesday evening.
While the US presidential election results remain unclear, officials from the Cybersecurity and Infrastructure Security Agency and the National Security Agency had a more definitive result in all 50 states: Cyber attacks did not affect Americans on the last day to vote.
Hackers from Russia, Iran and China made several attempts in the months leading up to the election, including a final Iran voter intimidation email campaign. But CISA and NSA officials found cyberattack efforts on Election Day 2020 to be much calmer compared to 2016 and 2018.
“What we saw today is just another Tuesday on the internet,” a senior CISA official said on election day. “For the most part today it’s been a bit boring. And honestly, that’s a good thing.”
Throughout the day, cybersecurity officials remained on their guard against attacks. They cautiously noted during several press briefings that there was still plenty of time for a hack. Indeed, officials are still wary of disinformation campaigns or attacks on social media aimed at undermining the credibility of the system even as votes continue to be counted.
“We will remain vigilant in the face of any attempt by foreign actors to target or disrupt the current count and the final certification of the results.” The American people are the last line of defense against foreign influence efforts and we encourage patience in the days and weeks to come, “CISA director Chris Krebs said in a statement Wednesday.
Electoral security has been a major concern since Russian cyber attacks interfered with the US presidential race in 2016. Hackers stolen voter registration data in two Florida counties and accessed Emails from the Democratic National Committee, but they couldn’t affect the vote count.
Yet, as security researchers have shown how easy it is to hack voting machines and because the 2016 election showed a discordant vulnerability to democracy, the Department of Homeland Security created CISA in 2018, with a focus on securing electoral infrastructure.
It means build relationships with election officials in all 50 states in recent years. Compared to almost no communication in 2016, nearly 500 election officials on Tuesday were connected through CISA, sharing information about hack attempts or technical issues affecting voters.
“We have had four years to prepare for this one. I think the state and local authorities deserve a lot of credit for improving their systems,” CISA officials said Tuesday.
Although he remained calm on polling day, protecting the presidential race from foreign influence may become more difficult in the days after the polls close.
The CISA and the FBI have already warned against disinformation campaigns after election day, which could come from hacks on election results websites or propaganda on social media.
“The attack surface is shifting from the actual voting process to counting, prospecting, auditing and certification over the next few days and weeks,” said a senior CISA official.
The day after polling day, NSA Director Paul Nakasone said the agency would continue to monitor hacking attempts while the votes were being counted.
Millions of postal ballots have yet to be counted in several states, and the uncertainty around the results leaves a window of opportunity to cast doubt on the outcome. While CISA is able to monitor cybersecurity through sensors and reports from local election officials, containing disinformation is another matter.
Alongside electoral officials, CISA works with social networks such as Facebook, Twitter and Google who have their own disinformation management policies. The agency also created its own “Rumor control“to dispel false information about the elections.
Krebs urged U.S. voters to be patient with the voting machines at the start of election day. In the end, the agency echoed the call, this time on the social media post.
“Be skeptical and don’t share things that are not verified,” a senior CISA official said at the agency’s latest press briefing on Tuesday evening. “It’s kind of the landscape as we see it over the next few days, and even next week.”
The concern for the days ahead comes after a calm election day on the cybersecurity front, where most of the problems stemmed from technological malfunctions across the United States.
Voters in Spalding County, Ga. And Franklin County, Ohio were among the first to report problems from the electronic ballot records, causing voters to be hours behind on Tuesday morning.
Franklin County technology has malfunctioned as an unexpected increase in voter turnout created too much data to download, while Spalding County outage occurred due to an unapproved update to the latest minute that caused a problem, according to Politico.
But not all of the voting machine’s faults are due to software problems. At a polling station in Des Moines, Iowa, the ballot count was briefly delayed after voter hand sanitizer left residue on ballots and blocked a tabulator, according to Kevin Hall , the director of communications for the Iowa Secretary of State.
These delays did not affect the overall vote count, and counties also had paper backup plans in place. Constant communication with CISA between election officials helped agencies quickly identify whether the issues were from unexpected errors or from a malicious cyber attack.
“The technology is used to increase access and improve the accuracy of the voting process, but the technology is also not a single point of failure and there are resiliency measures in place that you can switch to,” said Tuesday a senior CISA official. “We are seeing the first signs of voting resilience in action.”
As Election Day began, Krebs said such problems happened in every election and urged Americans to be patient and resist the finding that their vote had been hacked.
By the end of the day, the agency was confident voters had heeded Krebs’ warning, pointing to the high turnout as evidence of confidence in election security.
Even though problems occur in every election, they can still fuel disinformation campaigns, as Russian propaganda efforts have used video of a faulty machine to claim that the 2016 election was rigged. Election officials are now looking to reduce the number of technical problems with the voting machines to help quench future disinformation efforts.
“There will be a lessons learned process that every state will go through,” said a CISA official. “We here at CISA and working with the Electoral Assistance Commission and partner states will continue to go through some of the things we see there, and there will be a lot of feedback.”