Security in our Decentralized Election System: News from DHS

Christopher Escobedo Hart
Foley Hoag LLP - Security, Privacy and the Law
Contact
LinkedIn
Facebook
X
Send
Embed

Foley Hoag LLP - Privacy & Data Security

After repeated requests from various states, the Department of Homeland Security informed state governments which states had their election systems hacked or otherwise compromised during the 2016 general election.  According to reports, 21 states had their systems compromised in some fashion, although there is no evidence voting machines themselves were tampered with and in only some instances were computer systems actually penetrated.

Putting aside the politics, there are some serious cybersecurity issues to grapple with.

First and most importantly, states legitimately need whatever information DHS can possibly provide regarding the vulnerabilities in their election systems.  Keep in mind that states can be hemmed in by budget considerations when it comes to their election infrastructure; so even if computer systems relating to elections were vulnerable a year ago, it is not necessarily correct to assume that any given state will have enough resources to replace them with different systems for the next election.  In other words, these systems need to last.  As such, states need information in order to know what to patch and what to fix.

Second, the fact that there does not appear to be evidence of any actual vote tampering might be reassuring for 2016, but it’s not reassuring for future elections, for the same reason: this could be evidence of hackers simply trying to see what the vulnerabilities are in order to take damaging action in the future.

Finally, the lateness of the information being provided, even though states have been requesting this information from DHS for some time, is troubling.  As with any data security problem, more knowledge sooner can reduce future vulnerabilities.  DHS has stated it will try to be more prompt going forward, and prompt communication will be necessary for adequate security.

The bottom line is that there are real security vulnerabilities in our election system, and the federal government appears to have been somewhat coy in communicating the issues involved.  Hopefully such communication will be straightened out to allow states the time needed to patch systems.  Were Congress more apt to focus on this issue in a productive way, it might also consider specific budget appropriations to allow states to beef up their systems.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Foley Hoag LLP - Security, Privacy and the Law | Attorney Advertising

Written by:

Foley Hoag LLP - Security, Privacy and the Law
Foley Hoag LLP - Security, Privacy and the Law
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Foley Hoag LLP - Security, Privacy and the Law on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide