The possibility of cyber-attacks on the U.S. election system continues to be a top priority across the country, and this past week, Radford’s voter registrar took his concerns to Washington, D.C. Tracy Howard spoke to a U.S. Senate Congressional committee that included Virginia’s Mark Warner.
He told the ongoing story on how small localities like Radford try to do their best for their voters while lacking significant resources to secure democracy against attacks from foreign entities.
“We know we are still being targeted by bad actors, ranging from Russia, North Korea, China and others,” he said. “We must be able to train effectively. We must be able to further harden our systems and entryways into local databases and systems.”
Howard was first-elected to his Radford post in 1999 and has served as the president of the Voter Registrars Association of Virginia on two occasions.
He was invited to speak in Washington by Liz Howard (no relation), a former Deputy Commissioner for the Virginia Department of Elections, currently serving as counsel for the Brennan Center for Justice focusing on cybersecurity and elections who needed a rural voice on the national panel.
The discussion surrounded the needs of state and local election officials regarding on-going cybersecurity threats.
“I was so close to and very aware of the attempted interference and infiltration of the VERIS system in 2016 as the then state president of the Virginia Voter Registrar Association,” Radford’s Howard said. “I said attempted, because unlike Florida, Illinois, and now we know Arizona, Virginia’s system was pinged, and hit, but not infiltrated,”
Local elections, he said, are indeed being targeted because the hackers know that the weak links are always the people who operate the systems.
Last week, many registrars’ offices were hit with a “teaser,” that is e-mail attempting to elicit individuals into communicating with the perpetrators to glean information.
“So, yes, it is widespread and ongoing,” Howard told the Congressional panel.
“The immediate dangers are things like key stroke recorders, denial of service malware, or ransomware attempts. Any of these on an election system would be a massive disruption,” Howard said.
The city of Radford, like most in Virginia, uses paper backups on election day.
The voting system in Radford are Dominion Image Cast Evolution (ICE) machines. They read and count a voter-marked paper ballot, then physically store the ballots and ballot images.
The key is the system is that never connected to the internet or to an internet connected network. “They are cyber-threat proof, but they are machines. Machines that must be maintained. Maintenance is not cheap. They wear out, and replacement is not cheap. They can’t be hacked, but they can be physically damaged, and security is paramount in prevention of that,” Howard said.
In Virginia and localities in southwest Virginia, this type of system makes it very safe from cyber-attacks.
But the best way to prevent infiltration, according to Howard, is continued training of the operators to recognize, avoid and report. Then we also need cyber experts locally for immediate response and mitigation.
Howard recommends voters call, write and email their Congressional representatives to ensure local election administrators have the resources to recognize and fight off foreign actors.
“As the threats become more sophisticated, so must we. We need cybersecurity help on a moment’s notice, and we need our legislators, state and federal, to recognize that free elections are not free,” he said.
The Brennan Center for Justice, which helped assemble the Congressional panel, says there must be more federal funding for state election security.
In a statement, the center said: “state and local officials are on the front lines of a cyberwar with sophisticate nation-state rivals and other malevolent actors. It is not reasonable to expect each of these state and local election offices to independently defend against these hostile nation-state actors.”