Election Day is over, but threats to voting systems remain

scanning a ballot (Lisa F. Young/ 

Votes are still being counted in the 2020 presidential election, and the Department of Homeland Security expects cybersecurity threats, such as ransomware attacks and disinformation campaigns targeting the election process, to continue through December.

"We're not out of this yet," a senior official from the Cybersecurity and Infrastructure Security Agency at DHS told reporters Nov. 3. "There's a counting process, a canvassing process, an auditing process, a certification process, seating in the electoral college -- is going to take us well into December."

"The attack surface is shifting from the actual voting process itself into the counting, the canvassing, the auditing and through the certification over the next several days and weeks," the official said.

The CISA official cited potential activity around disinformation campaigns targeting the voting tallies and an increased demand on election systems to continue as absentee and mail-in ballots are counted. Website defacement, manipulating vote counts, including media sites, are also possible, along with denial of service attacks. Election-related system performance failures are also possible.

That additional stress creates room for other cybersecurity attacks, such as ransomware, particularly on the state and local level.

"There is an opportunity to target state networks with ransomware," the official said. "The highest likelihood is just continued efforts to undermine confidence in the process through sensational claims that systems are hacked when they haven't been."

CISA has been the command center for election security coordination and information sharing across government on the federal, state, and local levels. On Election Day, DHS officials maintained that while they were seeing more adversarial and disinformation activity compared to prior years, that was due to increased communication and information sharing between federal, state and local agencies.

Election Day was filled with reports of robocalls urging people to stay home and incidents of election-related systems, such as issues with electronic poll books.

But CISA's concern has been with keeping the public well-informed and to quell alarm.

"You could see disinformation campaigns out there, amplifying or pushing false results or outcomes trying to spin up concern or anxiety," the senior official said. "We're asking for patience and not let little things spin out of control and drive narratives that are much bigger than their actual impact."

About the Author

Lauren C. Williams is senior editor for FCW and Defense Systems, covering defense and cybersecurity.

Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.

Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at [email protected], or follow her on Twitter @lalaurenista.

Click here for previous articles by Wiliams.


  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

  • gears and money (zaozaa19/

    Worries from a Democrat about the Biden administration and federal procurement

    Steve Kelman is concerned that the push for more spending with small disadvantaged businesses will detract from the goal of getting the best deal for agencies and taxpayers.

Stay Connected