Atlantic Council leads effort to fight election hacking
Bipartisan group says standards are needed to ensure protection
A bipartisan SAN FRANCIS CO group of federal election officials, national security advisers and a retired U.S. general have formed a coalition to fight election hacking with the aim of establishing protocols that would keep Russians and other state entities from interfering with the voting process.
At a Tuesday news conference at the headquarters of the think tank Atlantic Council in Washington, D.C., the group plans to announce it’s working on a list of necessary procedures and standards that state and local election officials must do, such as implementing digital firewalls around election data and making sure there are paper ballots to allow for auditing of all election tallies. It has given itself a 60-day deadline to produce the guidelines.
The group also plans to pressure Congress to fund the elec- tion officials’ activities “because if the states and local election officials have one gripe we have to concede to them, it’s that they’re broke. If we have a nation state attempting to influence the U.S. electoral process, then it’s the federal government’s job to pay for the defensive response,” said Jake Braun, a former senior consultant on cybersecurity at the U.S. Department of Homeland Security, who is helping organize the coalition. The goal is to have the strongest, most unhackable system in place by the 2020 presidential election, he said.
Concerns over foreign interfer- ence in last year’s presidential election were heightened by last month’s Department of Homeland Security announcement that election systems in 21 states had been targeted by Russian government hackers during the 2016 campaign.
It’s “ringing alarm bells,” said Frederick Kempe, chief executive officer of the Atlantic Council, which is leading the effort. “If we want to defend our democracy, then we need to protect our elections.”
In July, hackers at the Def Con cybersecurity conference were able to break into five voting machines in less than a day, underscoring the vulnerability of the U.S. election system.
The group also plans to release a report on how the hackers were able to so swiftly hack the ma--
“If we want to defend our democracy, then we need to protect our elections.” Frederick Kempe, chief executive officer of the Atlantic Council
chines, a feat that raised red flags because the industry that operates voting systems had always said they were more protected from intrusions because they required such specialized knowledge to run.
The voting machine hacks “destroyed that argument,” said Jeff Moss, president of Def Con and a commissioner on the The Global Commission on the Stability of Cyberspace.
The Atlantic Council is chaired by Jon Huntsman, the newly appointed U.S. ambassador to Russia. In his statement to the Senate Foreign Relations Committee last month during his nomination hearing, he said there was no question that the Russian government interfered in the U.S. election last year and that he would “not hesitate to remind government officials that they are accountable for their actions.”
Russia has consistently denied interference in the U.S. election.
Also in the coalition is the Center of Internet Security, a nongovernmental organization that is funded by the Department of Homeland Security to fund cybersecurity for states and cities.
While Russian attempts to insert itself into the U.S. political process were a surprise here, they were not news to those who have worked in the military and diplomatic corps.
“Many of our European allies have already seen this — years of Russian interference and Russian attempts to erode the credibility of the political process in Central and Eastern Europe,” said Ambassador Douglas Lute, CQ a retired three-star general who was most recently the former United States Permanent Representative to the North Atlantic Council, NATO’s standing political body, and is part of the coalition.
And if what Russia did in 2016 was bad, what it might do in 2018 or 2020 with the knowledge it gained the first time around is worse, Lute said.
By law, states must maintain statewide voter registration databases, many of which were probed in 2016.
“You can imagine a hacker could get into these databases, then do something as simple as misspelling names or transposing numbers in the address. Then when the voter goes to the polling place and shows his ID, he doesn’t even get a ballot,” Lute said.