The hearing room on Capitol Hill sounded less like a part of the laconic U.S. Senate and more like a bustling digital command center, one dominated by discussions of “hacking”, “cybersecurity” and “red teams.”
On Wednesday, state and local officials said that American voting systems face daily threats to hackers, and the 2018 mid-term elections are a potential target for digital infiltration.
The officials’ testimony to the Senate Committee on Rules and Administration underscored eye-opening security vulnerabilities to how Americans elect their leaders, and comes after a flurry of current or former defense officials warned that voting systems are a ripe target for foreign intervention.
In the past, election administrators were like “wedding planners,” said Noah Praetz, director of elections for Cook Country, Illinois, which is home to Chicago. Praetz said that in the past, his job was ensuring the right people came together at the right time. No longer.
“The 2016 election showed irrefutably that sophisticated attacks are to be expected and that we must also be cybersecurity managers,” he said.
At least 21 states were targeted by hackers during the 2016 presidential elections, according to the Department of Homeland Security. Russia is suspected of being behind the attacks. The 2018 mid-term elections are a potential target for Russian influence operations, according to Daniel Coats, the Director of National Intelligence.
“Hack us once shame on them, hack us twice, shame on us if we don’t do anything about it,” said Sen. Amy Klobuchar, D-Minn..
Local election officials testified that voter registration systems are much more vulnerable to hacking than the election infrastructure itself, such as ballot boxes. Praetz explained it was because of a “broad threat surface area” on the registration systems.
During the hearing, Democratic senators grilled Missouri Secretary of State John Ashcroft over his claim that “voter fraud is an exponentially greater threat than hacking of election equipment.” Ashcroft raised the case of two voters casting ballots illegally in 2010 which may have swayed the result of a close statewide election.
Ashcroft later acknowledged that his state receives an average of 10,000 “scans” per day, a reminder of the constant vigilance required to protect the voting systems.
These numbers troubled lawmakers. In 2016, hackers had the capacity to change voter systems just one digit to make each address different and “make a chaotic situation at the poling place,” said Sen. Dick Durbin, D-Illinois.
Klobuchar, and Sen. James Lankford, R-Okla. have proposed a bill to boost election security through stronger information practices. At least 26 states have requested more than $200 million in new funds to improve their voter security systems, according to government data.
North Korea could “hit us where we are most vulnerable, which is in the democracy and the systems that underpin our democracy,” said Eric Rosenbach, a former top official in the Department of Defense, during a recent ReCode conference. State election officials “are not equipped to be defending against the pointy tip of the spear of a nation state intel service.”
Justin Lynch is the Associate Editor at Fifth Domain. He has written for the New Yorker, the Associated Press, Foreign Policy, the Atlantic, and others. Follow him on Twitter @just1nlynch.