“Election officials are control freaks,” Weber County, Utah Auditor/Clerk Ricky Hatch said. “We always have been, and we always will be and the concept of securing the election is not new.”
Members of the Finance, Pension and Intergovernmental Affairs Committee and the Telecommunications and Technology Committee heard from Hatch and other panelists Saturday who discussed election security at NACo’s 2020 Legislative Conference in Washington D.C.
“Ransomware is what keeps me up at night and it’s not unique to elections and election infrastructure, but it’s certainly affecting state and municipality governments,” said Geoffrey Hale, director of the Election Security Initiative for the Cybersecurity and Infrastructure Security Agency/Department of Homeland Security.
During the 2016 presidential election, Russia targeted three communities: Election infrastructure, partisan organizations and social media with foreign-influenced activity, such as Facebook ads, he explained.
Since then, Hale said there has not been computer network activity targeting different sectors, but foreign-influenced social media activity has continued and was present in 2018.
“We have aligned our work to support election infrastructure, to support campaigns and partisan organizations and to counter foreign interference on social media,” he said.
Hatch explained that election officials want input on the security of their systems and encouraged constituents to visit election offices to ask the hard questions and help officials improve their systems.
“We always have been careful with our elections and we are still being careful, just in more areas,” he said.
U.S. Election Assistance Commission Chair Thomas Hicks said disinformation is hard to combat, but stressed the importance of encouraging voters to know their sources for information.
“There’s going to be issues because there’s issues with every election and I equate it to if you have a highway, you’re probably going to have one or two accidents, but you’re not going to shut down that highway or just totally demolish it,” he said.
When it comes to funding to provide resources for secure systems, Hicks said money usually is distributed to the chief election official for each state who then determines if funding reaches the local level.
“As we move forward, we need to have some sort of dedicated funding stream to the states so it’s not one of these, ‘Hey, there’s an emergency. Let’s throw money at it at the last minute,’” he said. “But also, that money should go down to, in my opinion, the local officials because they are the ones who actually run the elections.”
Hatch agreed that money is frequently getting stuck at the state level. In Utah, he said election officials have worked closely with the lieutenant governor and discussed the best uses for the funds at both state and local levels.
“If states need additional resources, then that’s the main thing we need to get out to them,” Hicks said. “That doesn’t always translate to money — that could be technical assistance as well.”
He said the ultimate goal is to make sure that voters’ confidence remains high so they know their vote matters.
Hatch encouraged county officials to sign up for the Elections Infrastructure Information Sharing and Analysis Center, a free resource which provides information about software updates and detects vulnerabilities.
“The best thing we can do is keep our message out there, talk about the controls in place and as elections officials, we remain impartial and we do our job professionally and objectively,” he said.