On Tuesday, September 13, 2016, the House Committee on Science, Space, and Technology held a hearing focusing on protecting the 2016 elections from cyber and voting machine attacks.
The hearing comprised a panel of experienced election professionals, some from the scholarly arena with research backgrounds, and others from the governmental sector boasting vast experience in promulgating standards and administering elections.
On the panel was 1) Dr. Charles Romine, Director of Informational Technology Laboratory at the National Institute of Standards and Technology. 2) Hon. Tom Schedler, Secretary of State of the State of Louisiana. 3) David Becker, Executive Director of the Center for Election Innovation and Research. 4) Dr. Dan S. Wallach, Professor in the Department of Computer Science and Rice Scholar at the Baker Institute for Public Policy at Rice University.
The presented goals were to improve preparedness, improve physical security of actual voting devices, and to secure against cyber-attacks of our voting databases.
Dr. Romine focused on preparing for elections in a manner similar to preparing for natural disasters. He believes having a cybersecurity contingency plan in place is the best mechanism to seamlessly continue to conduct election activities even in the event of an attack.
Secretary Schedler, focused on more practical aspects of voting, the machines. He discussed the process of vetting the employees who deliver, work on, and manage the machines, as well as stating the machines are never connected to the internet, and thus unsusceptible to cyber-attack. He notes there could be a physical attack on an actual machine, but that is less likely to occur as they are heavily monitored, and each is independently programmed.
Mr. Becker approached election security in a distinctive manner. While not focusing solely on election day, he noted securing our voter registration data is just as vital to having integrity in the election process. He stated for the most part election days are secure. They are highly decentralized, and there is no single entry point for a hacker. Machines are kept securely, and not connected to the internet so it would require physical access to hack them, and lastly, 75% of voters use paper ballots, or use electronics and paper so there is always a hard-copy record. Also, many battleground states (VA, WI, AZ, CO, FL, NV, NM, PA, OH) require paper ballots to be counted as the official record in the event anything happens.
Lastly, Dr. Wallach focused on the decentralization of the system as an instrument to secure the elections. Having varying devices and mechanisms to administer elections helps protect us all. He does emphasize the vulnerabilities of voter registration databases which are online and could be a potential target for hackers. He credits the Help America Vote Act of 2002 (HAVA) for creating standards and funding new equipment for election security.
While the panelists addressed problem areas, and methods to better improve election procedures, largely all panelist have great confidence in the security and integrity in the election system as a whole. Relying on paper as a backup to protect against vote loss in the event of computer malfunction and having emergency preparedness policies in place are an added level of reinforcement to secure our elections.