DHS says teamwork is improving election security

A month out from the 2018 midterms, all eyes are on the Department of Homeland Security as it approaches its first real test since being given a broader election security mandate in the wake of the 2016 presidential elections.

Speaking at a cybersecurity event hosted by the Washington Post, DHS Secretary Kirstjen Nielsen highlighted improvements in information sharing across the federal government and with state and local officials as well as closer relationships with stakeholders that will lead to faster coordination in the wake of an emerging threat.

"First of all, the information sharing is much stronger than it even has been before," said Nielsen when asked what had changed in the department's approach since 2016. "So [we're] working very closely with the intel community, and the moment that we see something significant we are -- in conjunction with the IC -- sharing with our state and local partners. The sharing is quicker, faster, more tailored."

Nielsen said that increased deployment of Albert sensors, technology designed to detect suspicious IP addresses and malware signatures, will give DHS and election officials increased visibility into ongoing attacks. By election day, she said 90 percent of voters will cast a ballot in a jurisdiction monitored by such sensors. During the 2016 election, just 14 states had deployed such monitoring, according to Reuters.

In addition to more robust information-sharing protocols, Nielsen also cited better communication and coordination among federal, state and local stakeholders that should bear fruit in the face of an ongoing attack.

Following the 2016 election, many state officials complained that DHS waited more than a year to alert them that election systems in their state had been scanned and, in some cases, penetrated by Russian hackers searching for vulnerabilities.

In January 2018 Bob Kolasky, who now runs the National Risk Management Center at DHS, said efforts to coordinate with states about Russian cyber activity in 2016 were like "exchanging business cards in the middle of a hurricane."

Nielsen said that will "absolutely not" happen if similar activity is detected this time around.

"Now we know who to call," Nielsen said. "I know that sounds like such a basic point. Now we have everybody on speed dial."

Others are not so optimistic that administrative efforts will prevent malefactors from influencing 2018 election results. A group of security experts and hackers led by University of Pennsylvania computer scientist Matt Blaze found multiple vulnerabilities in commonly used voting equipment as part of the DEF CON Voting Village experiments. In a September report, the group detailed multiple vulnerabilities on widely used voting and tabulation equipment, including administrative passwords stored in unencrypted form, reusable voting cards, modification of email ballots and more.

DHS has increasingly become the face of election security efforts, but the actual administration of elections remains largely a state and local enterprise. Several bills in Congress that were designed to bolster the agency's cyber and election security missions, such as the Secure Elections Act and the Cybersecurity and Infrastructure Security Agency Act, have been delayed in the Senate and are unlikely to have any impact on the 2018 elections.

A majority staffer on one of the congressional Homeland Security committees told FCW in June that the department's role coordinating federal election security efforts could be further solidified or called into question based on how the midterms go.

"Now that there's so much attention on this, it will be really interesting to see what happens," said the staffer, speaking on background. "It could be a huge success story for DHS if the midterm elections go smoothly and if there's no indication of intrusions."