States rushing to guard their 2018 elections against hackers may be on a waiting list for up to nine months for the Department of Homeland Security’s most exhaustive security screening, according to government officials familiar with the situation. That means some states might not get the service until weeks before the November midterms and may remain unaware of flaws that could allow homegrown cyber vandals or foreign intelligence agencies to target voter registration databases and election offices’ computer networks, the officials said. Russian hackers targeted election systems in at least 21 states in 2016, according to DHS. The scanning, known as a “risk and vulnerability assessment,” is the crème de la crème of security exams: DHS personnel come in person to do an intensive, multiweek probing of the entire system required to run an election. But department officials acknowledge that it’s of limited use if it doesn’t come soon enough for states to correct their flaws before voters go to the polls. The nine-month wait is “not a good metric” for states hoping to boost their security, admitted Christopher Krebs, one of the DHS officials leading election security efforts. ”We are working to prioritize.”
Few fault the DHS itself for the holdup, but the delay is yet another dramatic example of how the government is struggling to safeguard the upcoming election season as the clock ticks toward Election Day.
Security experts, voting integrity groups and many lawmakers have expressed dismay at the lack of action on Capitol Hill and across the Trump administration to help states protect their election infrastructure. It’s especially critical after Russian hackers raised awareness during the 2016 elections of the creaky computer networks that house voter rolls, the country’s aging voting machines and the often overburdened election officials tasked with protecting the vote.