DHS Chief: ‘We Are Actively Thinking About Election Cybersecurity’

After the Democratic National Committee hack and Donald Trump’s invitation for Russia to hack Hillary Clinton’s emails, the Homeland Security Department is discussing whether elections should be categorized as critical infrastructure, according to the DHS head.

“I do think we should carefully consider whether our election system is critical infrastructure like the financial structure, like the power grid,” Secretary Jeh Johnson said Tuesday at a breakfast hosted by the Christian Science Monitor. “There is a vital national interest in our election process.”

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

If the election process becomes a critical infrastructure category, the agency would provide strategic guidance on cyber and physical threats as well as coordinate with other federal agencies, state, local and tribal governments and private-sector stakeholders.

For a presidential election, that would require coordinating with 9,000 jurisdictions with different rules for collecting, reporting and deleting votes, according to Johnson.

“I’m considering communicating with election officials across the country about best practices in the short term,” he said.

The secretary also encouraged basic employee training to recognize and avoid spear-phishing attacks, a common technique used by hackers that makes emails appear to be from legitimate organizations to gain private information or credentials.

“The most devastating, intrusive attacks by the most sophisticated actors often originate with a simple act of spear-phishing,” he said. “Employee-employer awareness, training … can make a huge difference.”