Florida governor orders statewide review of election cybersecurity

Gov. Ron DeSantis ordered the state and all 67 counties to review their security after learning Russian hackers had successfully breached two counties' voter databases in 2016.
Florida Gov. Ron DeSantis
Florida Gov. Ron DeSantis (State of Florida)

Florida Gov. Ron DeSantis on Wednesday ordered the state government and all 67 counties to review the security of their election systems, with a particular focus on cybersecurity.

The order came eight days after DeSantis disclosed that hackers linked to the Russian government successfully penetrated election officials’ files in two counties during the 2016 presidential election.

“While the breaches did not compromise the outcome of the 2016 election, nonetheless, they highlight the importance of protecting the security of our elections system,” DeSantis said in a press release.

DeSantis’ announcement was accompanied by a letter to Florida Secretary of State Laurel Lee, whom the governor asked to begin a review of the security of statewide and local election systems. “The Department [of State] shall develop a plan to identify and address any vulnerabilities,” the letter reads.


Neither the letter nor the press release goes into detail about how extensive the review will be.

Florida received a $19.2 million grant last year from the U.S. Election Assistance Commission last year to upgrade voting systems. While then-Secretary of State Ken Detzner initially planned to use that money over a five-year period, Gov. Rick Scott ordered most of it to be spent immediately. In total, the Florida Department of State distributed $14.5 million in security grants to county election supervisors last year.

According to the governor’s office, Florida is now equipped with more Albert sensors, network intrusion-detection devices sold by the nonprofit Center for Internet Security, than any other state.

Knowledge that hackers from Russia’s Main Intelligence Directorate, or GRU, used a spearphishing technique to access voter registration databases in Florida during 2016 was first disclosed last month in the report by Special Counsel Robert Mueller. Though the Mueller report did not name the counties that were breached, DeSantis said May 14 that federal officials had identified them to him, though they asked him to sign a non-disclosure agreement, despite his personal preference to publicly name the counties.

The Washington Post reported last week that one of the victims was Washington County, home to about 25,000 people on the Florida panhandle. The other county’s identity remains publicly unknown.


In total, GRU hackers sent about 120 emails to county election officials across Florida in the closing days of the 2016 presidential race, according to the Mueller report.

“Public faith in our elections is the bedrock of our democracy and we must do everything within our power to preserve the integrity of our elections systems,” DeSantis wrote in his letter to Lee.

Benjamin Freed

Written by Benjamin Freed

Benjamin Freed was the managing editor of StateScoop and EdScoop, covering cybersecurity issues affecting state and local governments across the country. He wrote extensively about ransomware, election security and the federal government’s role in assisting states and cities with information security.

Latest Podcasts