Carper Urges DHS to Protect the U.S. Election Systems from Cyberattacks

Ranking Member Carper writes letter to Department of Homeland Security Secretary Jeh Johnson about potential cyber security vulnerabilities across the U.S. election system 

WASHINGTONToday, U.S. Senator Tom Carper (D-Del.), top Democrat on the Senate Homeland Security and Governmental Affairs Committee, sent a letter to Department of Homeland Security Secretary Jeh Johnson regarding the potential of cyber security vulnerabilities in voting machines and other information technology utilized in election systems across the United States.

Reports indicate that foreign actors may have been involved in recent cyberattacks against the the Democratic National Committee and the Democratic Congressional Campaign Committee, which raise concerns about the intent and ability of foreign actors and adversaries to interfere in the American political process through cyber attacks. Last week, Secretary Johnson indicated that the Department of Homeland Security was considering what actions DHS could take to better secure election systems at the state and local level. 

“Election security is critical, and a cyberattack by foreign actors on our election systems could compromise the integrity of our voting process,” Senator Carper wrote. “The American public should have confidence in our current election systems and the efforts of state and local governments that have made the risk of voter fraud and a successful cyberattack remote. At the same time, the federal government can play a supporting role in helping address the potential for these types of attacks. Designating election systems as critical infrastructure could improve and expand our nation’s ability to prevent and to respond to potential cyberattacks originating both from inside or outside our borders. As such, I commend your efforts to carefully consider this issue and urge you to make this determination as quickly as is feasible.”

The full text of the letter can be found below. 

August 8, 2016 

The Honorable Jeh Johnson
Secretary
U.S. Department of Homeland Security
Washington, DC 20528

Dear Secretary Johnson: 

I write today regarding the recent cyberattacks on American political organizations and the potential vulnerability of election systems and voting machines in the United States to similar attacks. 

As you are aware, recent reports indicate the Russian Federal Security Service and Russian military intelligence may have been involved in the recent cyberattacks against the Democratic National Committee and the Democratic Congressional Campaign Committee. If these reports are accurate, such an intrusion raises concerns about the ability of foreign actors to interfere in the American political process during the upcoming election, including through cyberattacks targeting electronic voting machines or the information technology of state and local election officials.

Recently, you indicated that the Department of Homeland Security (DHS) is considering whether to designate election systems in the United States as critical infrastructure.[1] While I am not aware that DHS has publically identified a specific or current cyberthreat related to election systems, concerns regarding the security of election-related information technology have persisted for some time. As far back as 2004, the United States Computer Emergency Readiness Team identified vulnerabilities in voting machines that would allow malicious actors to modify vote totals.[2] Other entities, including the Argonne National Laboratory and the Virginia State Board of Elections, have identified issues that left certain electronic voting machines vulnerable to physical or wireless intrusion without detection.[3] Additionally, the Central Intelligence Agency has reportedly monitored foreign countries’ use of electronic voting systems and identified attempts to manipulate election outcomes in those countries.[4] 

Election security is critical, and a cyberattack by foreign actors on our election systems could compromise the integrity of our voting process. The American public should have confidence in our current election systems and the efforts of state and local governments to make the risk of voter fraud and a successful cyberattack remote. At the same time, the federal government can play a supporting role in helping address the potential for these types of attacks. Designating election systems as critical infrastructure could improve and expand our nation’s ability to prevent and to respond to potential cyberattacks originating both from inside or outside our borders. As such, I commend your efforts to carefully consider this issue and urge you to make this determination as quickly as is feasible. 

You also indicated that DHS is considering communicating with state and local election officials to inform them of best practices to guard against cyber intrusions related to electronic voting machines. As the federal agency that has expertise to assist state and local governments with cyberthreats, I encourage you to move quickly to provide appropriate technical assistance and any other support to state and local jurisdictions that request assistance with the cybersecurity of their election systems. I also ask that you coordinate your efforts with the National Institute of Standards and Technology, the Election Assistance Commission, and other relevant agencies involved with the security of election systems.

Finally, I ask that you make the appropriate DHS officials available to brief me and my staff on this issue and efforts to ensure our election systems are secure. 

As you know, cybersecurity remains one of our nation’s biggest security challenges, and it is vital that we do what is necessary to protect ourselves and our democracy from these potential threats. Thank you for your attention to this matter. 

With warmest personal regards, I am 

Sincerely yours,              

Tom Carper

Ranking Member

 

cc:      
The Honorable Ron Johnson
Chairman 

The Honorable Willie May
Director
National Institute of Standards and Technology 

The Honorable Thomas Hicks
Chairman
Election Assistance Commission

1 Jeh Johnson, Secretary, Dep’t of Homeland Security, Remarks at the Monitor Breakfast (Aug. 3, 2016).

2 Cyber Security Bulletin SB04-252, United States Computer Emergency Readiness Team (Summary of Security Items from Sep. 1-Sep. 7, 2004).

3 Suggestions for Better Election Security, Argonne National Laboratory (Oct. 2011); Security Assessment of Winvote Voting Equipment for Department of Elections, Virginia Information Technologies Agency – Commonwealth Security and Risk Management (Apr. 14, 2015).

4 Standards Board Meeting, United States Election Assistance Commission (Feb. 27, 2009).

 

###

Print
Share
Like
Tweet