States have taken it upon themselves to bolster cyber defenses for the midterm elections instead of waiting for Congress to act. “Cybersecurity is now our focus, it’s what keeps many of us as secretaries of states and local officials up at night,” said Jim Condos, president of the National Association of Secretaries of State and Vermont Secretary of State. Hacks of states’ voter registration systems, voting machines or vote reporting systems could lead to rigged vote counts, confusion at polling booths and public distrust of results, according to interviews with voting advocacy groups, former and current Department of Homeland Security officials, and state election officials. Two dozen states lack several of the strongest measures that could protect them against cyber attacks: mandating voting machines that leave a paper trail and requirements for a post-election audit to check for accuracy of the system.
… Currently, five states use only machines that create no paper copies of backup ballots, and an additional 10 use them for some jurisdictions, according to voting advocacy group Verified Voting. Thirty-three states require post-election audits, according to the NCSL.
Condos and other voting advocacy groups say states also need sustained federal grants to purchase new election equipment with the most secure technology. The Brennan Center for Justice estimated in 2015 at least $1 billion was needed to replace outdated 20-year-old voting machines with versions that are more secure from attacks.
That means it’s up to states to make final preparations as voters head to the polls Nov. 6. “That threat model is still out there, and it hasn’t gone away,” said Marian K. Schneider, president Verified Voting and former deputy secretary for elections for Pennsylvania.