The government is currently planning a cybersecurity program that would allow federally funded national scientific laboratories to privately probe and then document security flaws existing in U.S. election technology, most of which is developed and sold by private companies, according to a senior U.S. official. Rob Karas, director of the National Cybersecurity Assessments and Technical Service team at the Homeland Security Department, said that multiple election technology vendors had already shown an interest in engaging on the effort. Karas declined to name the firms, but said the initiative will begin later this summer. The outreach process is still ongoing.
It would provide voting-technology companies — hardware and software makers alike — with a free, comprehensive vulnerability assessment report so that they can better understand how their systems might be hacked. This type of information is typically considered valuable as companies look to harden their products. The individual reports will not be made public, but rather privately offered to the companies.
In addition to providing a confidential report to the participating vendors, the federal program would also help inform the U.S. government about the technical avenues that any foreign government may target in upcoming elections.
Karas said that the goal is for these vulnerability assessments to be finished before the end of the year so that election technology companies can begin incorporating them into future products. It’s not yet clear what sort of positive impact this program can have on either the 2018 or 2020 elections.