States and localities have bear most of the responsibility for administering American elections as laid out by the constitution. Thus, election law and practice are fairly decentralized, which prevents a single cyber attack from being able to take it down. However, this creates a situation where some localities are worse prepared for cyberattacks, and only small cracks are needed to hurt the public’s confidence in the system.
A Senate Intelligence report on cybersecurity standards during the 2016 election shared that there are several areas of weakness that an adversary could easily manipulate, such as insecure voter registration databases and aging voting machines. The report also shared that Russia had attempted to intrude in all 50 states.
Some steps that states are working to take include “hardening election infrastructure, training election personnel, testing their systems, and providing backup”.
Due to rising election threats, 2 tools are being used to validate election results: (1) bringing paper ballots back and (2) mandatory risk-limiting auditing. This is to prevent or reduce the threat of using electronic tabulation systems (the state of Virginia had to decertify some of its touch-screen voting machines after vulnerabilities were exposed during a 2017 gubernatorial race).
It is crucial that states and localities be supported in securing and upgrading their election infrastructure as they define the integrity of the entire U.S election system. This is an ongoing battle as the digital word and subsequent threats continue to evolve. But it should be highly prioritized as in order for the U.S election system to function, public confidence must exist in order to maintain voter turnout.
