Election Day is over, but threats to voting systems remain

scanning a ballot (Lisa F. Young/ 

Votes are still being counted in the 2020 presidential election, and the Department of Homeland Security expects cybersecurity threats, such as ransomware attacks and disinformation campaigns targeting the election process, to continue through December.

"We're not out of this yet," a senior official from the Cybersecurity and Infrastructure Security Agency at DHS told reporters Nov. 3. "There's a counting process, a canvassing process, an auditing process, a certification process, seating in the electoral college -- is going to take us well into December."

"The attack surface is shifting from the actual voting process itself into the counting, the canvassing, the auditing and through the certification over the next several days and weeks," the official said.

The CISA official cited potential activity around disinformation campaigns targeting the voting tallies and an increased demand on election systems to continue as absentee and mail-in ballots are counted. Website defacement, manipulating vote counts, including media sites, are also possible, along with denial of service attacks. Election-related system performance failures are also possible.

That additional stress creates room for other cybersecurity attacks, such as ransomware, particularly on the state and local level.

"There is an opportunity to target state networks with ransomware," the official said. "The highest likelihood is just continued efforts to undermine confidence in the process through sensational claims that systems are hacked when they haven't been."

CISA has been the command center for election security coordination and information sharing across government on the federal, state, and local levels. On Election Day, DHS officials maintained that while they were seeing more adversarial and disinformation activity compared to prior years, that was due to increased communication and information sharing between federal, state and local agencies.

Election Day was filled with reports of robocalls urging people to stay home and incidents of election-related systems, such as issues with electronic poll books.

But CISA's concern has been with keeping the public well-informed and to quell alarm.

"You could see disinformation campaigns out there, amplifying or pushing false results or outcomes trying to spin up concern or anxiety," the senior official said. "We're asking for patience and not let little things spin out of control and drive narratives that are much bigger than their actual impact."

About the Author

Lauren C. Williams is senior editor for FCW and Defense Systems, covering defense and cybersecurity.

Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.

Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at [email protected], or follow her on Twitter @lalaurenista.

Click here for previous articles by Wiliams.


  • Workforce
    White House rainbow light shutterstock ID : 1130423963 By zhephotography

    White House rolls out DEIA strategy

    On Tuesday, the Biden administration issued agencies a roadmap to guide their efforts to develop strategic plans for diversity, equity, inclusion and accessibility (DEIA), as required under a as required under a June executive order.

  • Defense
    software (whiteMocca/

    Why DOD is so bad at buying software

    The Defense Department wants to acquire emerging technology faster and more efficiently. But will its latest attempts to streamline its processes be enough?

Stay Connected