With the Iowa caucuses just days away, state election officials from around the country gathered this week in Washington, D.C., to drill for cyberattacks, study ransomware and learn how to work with ethical hackers.
The level of collaboration was unthinkable four years ago, when Russia-backed hackers and trolls interfered to the electoral process. Then, it took many months for federal officials to notify states that their systems had been targeted, and states bristled at the Department of Homeland Security’s 2017 designation of election systems as critical infrastructure. Now, federal and state officials are mapping out how a foreign adversary might try to undermine the democratic process, and practicing how they would thwart those attacks.
“We’re light years ahead today from where we were [in the aftermath of 2016]” Mac Warner, the secretary of state of West Virginia, said Thursday at the National Association of Secretaries of State conference.
Warner said that shortly after the U.S. military killed a top Iranian general earlier this month, DHS officials held a call with states to explain the Iranian cyberthreat and what to watch for on their systems.
“That’s the kind of dialogue we need from our federal partners,” Warner said. He and his fellows secretaries of state had just finished participating in an exercise with DHS and other federal agencies, along with election equipment vendors, in which they practiced combatting disinformation and communicating clearly with voters in the event of a cyber incident.
The goal is to seize on the deeper trust federal and state officials now have to further improve digital defenses for the November presidential election, which U.S. officials warn will draw interference attempts from multiple foreign adversaries.
While U.S. officials have not seen any increase in adversary targeting of election infrastructure recently, “we are planning as if they’re coming back,” Chris Krebs, head of DHS’s Cybersecurity and Infrastructure Security Agency, told reporters Thursday.
“The playbook is out there,” Krebs said. “It’s not just about Russia, it’s about anyone else that may want to get into this space.”
Krebs’ election-security team at DHS is rolling out new resources to state and local officials to give them a consistent and effective way to respond in the event of a cybersecurity incident, and to drill for various threat scenarios.
State and local officials also appear to be beginning to view ethical hackers, who discover vulnerabilities and help fix them, as allies in their fight to protect elections. On Saturday morning, those officials will have a chance to meet with security researchers to learn more about how they approach their work.
Trevor Timmons, CIO of the Colorado secretary of state’s office, said that a handful of states are preparing to adopt vulnerability disclosure policies (VDPs) to work with researchers to fix bugs in IT systems that support the electoral process.
He urged others to join the cause.
“This is becoming a best practice,” Timmons told state officials at the NASS conference.