States redesign election cybersecurity with $380 million boost
The big spending bill Congress passed last month includes a $380 million allocation to the Election Assistance Commission, and states are now looking for ways to spend that funding on more secure election systems.
Several states have reported they are now in the process of developing proposals of how their funding will be spent, including Washington and Wisconsin, two states that were targeted in the previous presidential election.
Washington state will receive $7.9 million to enhance cybersecurity and replace aging IT infrastructure, the office of Washington Secretary of State Kim Wyman announced March 29. That funding is required to be supplemented by an additional grant from the state of at least 5 percent, or about $400,000.
Each state is guaranteed at least $3 million, with additional funding based on population.
“With this funding, we’ll be able to bring new resources and technology together to improve our ongoing cybersecurity efforts,” Wyman said in a statement.
Each state has 90 days to suppply the U.S. Election Assistance Commission with a proposal of how it intends to spend the funding to improve the integrity of the election process.
States are directed by the spending bill primarily to make upgrades that replace aging infrastructure or otherwise make election results more reliable. Upgrades directed by Congress include replacing paperless electronic voting machines with paper-based machines and implementing new processes and technology for post-election audits.
Washington is one of the 21 states identified by the Department of Homeland Security to have had its election system targeted by Russian hackers leading in the 2016 presidential election. Only a small number of networks were compromised and no vote tallies are reported to have been affected, but the intrusions have prompted increased attention and investment to improve the security of state election systems.
When DHS first announced the targeting last year, Wyman reported that none of the state’s systems had been intruded and that they had been working with the FBI since discovering the targeting attacks.
Arizona and Illinois are among the minority of states whose systems were successfully hacked.
“The security protocols we already have in place made us aware of these attempted intrusions by Russian IP addresses throughout the course of the 2016 election,” Wyman said in a statement at the time.
Minnesota received a $6.5 million grant that Democratic Sen. Amy Klobuchar said will be a welcome replacement to a $1.4 million allocation made by Gov. Mark Dayton earlier in March as part of a four-year budget plan to improve election cybersecurity.
IT security posture varies widely from state to state, but no legislator or state official has dared to say that their state election system is fully protected against intrusion. State investment in cybersecurity infrastructure, planning and workforce have been on a steady incline the past two years in particular, and state election cybersecurity is expected to become the subject of increased attention leading up to the 2018 midterm elections in November.