“They’re coming after America,” former FBI director James B. Comey told the Senate intelligence committee this month. “They will be back.” In a highly politicized hearing, this bold statement drew strikingly little partisan disagreement. Senators on both sides of the aisle have seemingly reached consensus that foreign agents did try to tamper with the 2016 election and that they are extremely likely to do so again. The question is: What do we do about it? While the ongoing Russia investigation has, understandably, received massive attention, there’s so far been scant public focus on the question of how we safeguard our electoral systems from outside interference in the future. Responding to the threat of election hacking isn’t exclusively a matter of diplomatic intrigue or international sanctions. It’s fundamentally a matter of computer science: how we harden our election technology through cybersecurity standards.
This week, we’re joining a group of more than 100 experts on election administration, computer science and national security in releasing a letter that lays out an actionable plan for safeguarding the vote. The experts include tea party Republicans and progressive Democrats, academic computer scientists and corporate security officials — all united in the view that our nation’s rough patchwork of voting security measures is wholly inadequate. One of us (Halderman) will testify Wednesday before the Senate Intelligence Committee on Russia’s attacks last year.
This shouldn’t be news to lawmakers. In the past decade, cybersecurity experts have revealed devastating vulnerabilities in every U.S. voting machine they’ve studied. In 2014, the bipartisan Presidential Commission on Election Administration sounded the alarm about an “impending crisis” of insecure voting technology. In 2015, Lawrence Norden and Christopher Famighetti of the Brennan Center for Justice at New York University showed in a comprehensive study that the nation’s voting machines are largely past their shelf-lives and deeply insecure. According to a survey of 274 election administrators across 28 states, a strong majority of election officials claim they need security upgrades to voting machines but simply lack the resources.