Next month, the U.S. Election Assistance Commission, an independent federal agency tasked with developing standards and certifying both voting hardware and software, will review the cybersecurity standards of America’s voting infrastructure during a meeting with the National Institute of Standards and Technology, according to a Federal Register Notice published on Wednesday.
The notice comes just days after news broke that the FBI found evidence showing two separate state voter databases — Illinois and Arizona — were hacked. Attribution for those attacks remains unclear, though the technique used to exploit the systems was an SQL injection, a rudimentary attack that allows attackers to take control of web application databases.
In the wake of multiple breaches, election cybersecurity has become a hot button issue over the last several months for the Department of Homeland Security and Federal Bureau of Investigation. Homeland Security Secretary Jeh Johnson previously said that his department is weighing whether or not to reclassify election systems as critical infrastructure, a move that would likely augment election cybersecurity funding and oversight capabilities from the top down.
Several lawmakers have also subsequently called on DHS to assume increased responsibility with regard to security and data integrity of November’s contentious presidential election.
On Tuesday, FBI Director James Comey declined to answer questions Tuesday regarding the aforementioned hacked voter databases.
A cohort of voting municipalities across the U.S. rely on either digital voting systems or online data collection tools that may be susceptible to digital intrusion, explained Gregory Miller, co-founder of the OSET Foundation, a non-profit research institute focused on election integrity, security and technology, which recently briefed White House officials on the issue.
The meeting between the U.S. Election Assistance Commission and NIST, will be open to the public on Sept. 15 and 16.