Cybersecurity

DHS talks with states about shoring up cyber in voting systems

Jeh Johnson

DHS Secretary Jeh Johnson is conferring with state and local governments about the cybersecurity of voting systems. 

In the wake of high-profile hacks of Democratic National Committee databases and associated concerns for the cybersecurity of the country's voting infrastructure, the Department of Homeland Security has kicked off a campaign to raise awareness its cyber resources for states.

In an Aug. 15 conference call with members of state government organizations and other chief election officials to talk about the election infrastructure, Johnson said his agency was opening a Voting Infrastructure Cybersecurity Action Campaign. The initiative, he said, taps experts from the private and government sectors to get the word out on possible cybersecurity risks for voting infrastructure and processes.

The conference call was a key part of advertising the department's assistance capabilities, a DHS official said.

Johnson said on the call that representatives from the National Association of Secretaries of State had been invited to be part of the campaign. (NASS membership includes government officials from all 50 states, as well as from U.S. territories.) The U.S. Election Assistance Commission, the Department of Commerce's National Institute for Standards  and Technology and the Justice Department also participated in the call, according to a DHS statement.

After repeated hacks of DNC systems by attackers who have been linked by multiple cybersecurity experts to Russian government interests, DHS is actively considering classifying the U.S. election systems as part of the nation's critical infrastructure, much like the power grid, communications and financial services sectors. Such a move would bring voting systems, which are run mostly by state and local governments, under DHS' cyber protection umbrella.

Johnson also reminded state officials that federal agencies are available now to help gird election systems against cyberattack. The DHS National Cybersecurity and Communications Integration Center will conduct vulnerability scans, provide actionable information, and provide access to other tools and resources to help with election system cybersecurity on request.

He also advised state officials to heed NIST and EAC recommendations that electronic voting machines not be connected to the internet while voting is underway.

State officials who were on the call told FCW it was the first time they could remember that DHS had convened a discussion on election security. They said the call was productive, with the agency not only providing its advice to states for voting system cybersecurity, but with states telling DHS about their precautions in a contentious election cycle.

"The states feel, for the most part, that they're in good shape" cybersecurity-wise, as most have made sure their systems are self-contained and not Internet-facing, said one representative who agreed to speak on background.

Johnson had said in early August that DHS must "carefully consider whether our election system is critical infrastructure, like the financial system or the power grid. There is a vital national interest in our election process."

On the call, Johnson reiterated the agency was still mulling the idea, adding that DHS officials are not aware of specific or credible cybersecurity threats to systems supporting the upcoming general election. He added, however, that the situation could change quickly.

States, the call participant told FCW, are still unsure of the full implications a critical infrastructure designation and how it might affect their operations. State officials on the call asked DHS for more detail on potential effects as the election quickly approaches, with early voting in some states beginning in September.

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at mrockwell@fcw.com or follow him on Twitter at @MRockwell4.


Rising Stars

Meet 21 early-career leaders who are doing great things in federal IT.

Featured

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group