State election officials’ relationships with the Department of Homeland Security have grown much stronger since 2016, but it took a lot of trust-building to reach that point, a senior U.S. cybersecurity official said Saturday at the South by Southwest conference in Austin, Texas.
“We had to reach out to a community that didn’t know us and a community that is somewhat political,” said Jeanette Manfra, DHS’s assistant director for cybersecurity.
But it was a delicate process reaching out to state election chiefs — all of whom administrate their elections differently — as well as the roughly 9,000 local jurisdictions that conduct elections. At first, Manfra recalled, state and local authorities objected that the federal government would step into the decentralized election process. She said she was initially surprised by “how much they distrust us.”
“Everyone does. We’re the federal government,” she said.
Manfra said another problem before 2016 was that while DHS had plenty of cybersecurity expertise, it had little knowledge of securing peoples’ votes. Election officials, on the other hand, were not well-versed in protecting information from digital threats, she said.
Things started moving in July 2016 when election officials in a state — eventually identified as Illinois — called DHS after tracing network activity on its voter registration database to what Manfra described as a foreign “adversary,” later revealed to be Russia. Homeland Security officials like Manfra and her boss, Chris Krebs, the undersecretary in charge of the Cybersecurity and Infrastructure Security Agency, frequently retell the steps that followed that discovery of that Russian hacking attempt: the official addition of election systems to the nation’s critical infrastructure, the creation of a public-private coordinating council, and the establishment of an election-specific information sharing and analysis center known as the EI-ISAC.
In the run-up to the 2018 general election, DHS also got states to participate in several security exercises, including a three-day tabletop exercise simulating cyberattacks against election systems like voter databases and results-reporting websites. The department ran a nationwide virtual “situation room” to exchange threat intelligence on Election Day, which Manfra credited with extinguishing a false alarm about a malfunctioning voting machine.
“On the day of the midterms we had a state report to us a video on Twitter that a voting machine was casting ballots wrongly,” she said. “We identified the precinct and the machine and found it was a paper jam.”
Even though that incident in Ohio was the result of a mechanical failure rather than a cyberattack, Manfra said dispelling a viral video inaccurately reporting the situation was a good example of the benefits of collaborating on election security.
“Usually it’s the machines breaking, not an adversary,” she said “But it could have caused a decrease in voter confidence and voter turnout.”
Manfra said state and local election officials’ once-tentative relationship with DHS has solidified. She chalked up the progress in part to the department’s hiring of Matt Masterson, a former chief information officer in the Ohio secretary of state’s office, as a cybersecurity adviser.
“Just being able to bring in somebody who has been their entire career in the election community and have him work with us internally has built a lot of credibility,” Manfra said.
Approaching the 2020 presidential election, Manfra said state-federal relationship on election security is in a much better place.
“We are not there to take over their systems,” she said. “That was the biggest concern, that we were there to take over their systems. We had to work really hard to build that trust. I think we’re there now.”