WASHINGTON — Your vote in the mid-term elections is less vulnerable to cyber threats than it was during the 2016 presidential election, when Russian meddling took place, but experts say there are still areas of concern.
Russia remains the chief cyber threat to U.S. election security, according to more than 80 percent of cybersecurity experts surveyed for a report released this week by the Center for Strategic and International Studies (CSIS).
The report finds that a third of experts worry about Russian attacks on voter registration and voting systems, but that the biggest risk is likely cyber operations and espionage aimed at campaigns and candidates.
To address growing concerns, CSIS says 40 states have invested more than $75 million in federal and state funds to secure election systems since 2016. Virginia and Maryland are among the states that have paper ballots, which can provide an audit trail if an election system is compromised.
“Are our elections systems safer today than they were two years ago? Absolutely,” said Sen. Mark Warner, D-Virginia, vice chairman of the Senate Intelligence Committee. “And at the actual polling station … the Department of Homeland Security has done a much better job.”
Still, Warner has concerns. He noted that three companies effectively control 90 percent of the voter files across the country. And he said they have “virtually no oversight.”
“You don’t need to change somebody’s vote. If you simply change somebody from one precinct to another, people could show up and not be able to vote because they’ve been moved to a different precinct,” he said, noting that Virginia had problems with mixed up precincts in the 2017 election, though due to human error not outside influence.
Warner also praised Virginia election officials for making sure that “every voting machine has a paper trail.”
Robert Johnston, CEO of the cybersecurity firm Adlumin, said it’s clear election officials are now much more aware of potential threats, in the wake of 2016. Johnston investigated the 2016 election hack of the Democratic National Committee.
He said many this election year expected the “shock and awe” of the Russian attack from two years ago.
“They’re not seeing that now, but in no way are we in safe waters as of yet,” he said, noting that the Russians continue to utilize social media to disseminate disinformation.
But Johnston said security improvements, along with indictments of Russians by the Justice Department have helped make it clear to Moscow that the United States is going to be much more aggressive in dealing with cyber threats.
“The return on investment for the Russian Federation, for meddling in those mid-terms is pretty low,” he said.
Johnston said there is ongoing concern about the need to protect voter data bases, which are more susceptible to attacks than voting machines.
The CSIS report stated that while voter registration systems are still vulnerable to cyber-attacks, progress has been made on developing security standards, training and coordination with DHS to share information.
Voter registration systems in at least 21 states, including Virginia, were targeted by Russian hackers in 2016, though there’s no indication any voter rolls were changed.
Assistant U.S. Attorney James Gillis has been appointed the District Election Officer (DEO) for the Alexandria Division of the Eastern District of Virginia, it was announced on Thursday. He will oversee the handling of complaints of election fraud and voting rights abuses, as part of the Justice Department’s nationwide Election Day program.