The underlying mechanism of American democracy–the U.S. election system–has been under attack by foreign hackers. Special Counsel Robert Mueller last week indicted 12 Russian intelligence officers accused of interfering in the 2016 U.S. presidential election. While the Russians are charged with hacking the Democratic National Committee and Hillary Clinton’s campaign, the Department of Homeland Security found that hackers also targeted election systems in 21 states, including battleground states such as Pennsylvania, Virginia, and Florida. And while Congress approved $380 million in grant money for state election officials to upgrade their cybersecurity posture, many American states are ill- equipped to defend against cyberwar waged by nation states. That’s why Cloudflare, a San Francisco-based cybersecurity company, is offering its services free to state and county government websites that support elections, report election results, host voter registration services, and poll location information.
“U.S. elections are local–it can come down to individual people in small counties to make sure the voting is successful,” says Matthew Prince, co-founder of Cloudflare. “These are patriotic heroes and they feel alone and under-resourced. Some election officials feel like it’s them against the entire Russian hacking army.”
Prince says the program, which is called the Athenian Project, has been deployed in some 20 states so far. Cloudflare usually protects big enterprise clients like NASDAQ and Cisco, but Prince says his company’s software was used by every presidential candidate–from Bernie Sanders to Donald Trump–in the 2016 election. Every candidate but Hillary Clinton.
Prince says Cloudflare helped protect Alabama’s election websites against waves of attacks during the fiercely contested special election to replace Senator Jeff Sessions, which was won by Democrat Doug Jones over Republican Ray Moore. Hackers waged DDoS attacks on voter registration sites and tried to attack sites that report poll results. “They are trying to disrupt the confidence of the election process,” says Prince. “The attacks that occurred were less about supporting a candidate and more about attacking the confidence in the system itself.”