The time to hack-proof the 2018 election is expiring — and Congress is way behind
Lawmakers are scrambling to push something — anything — through Congress that would help secure the nation’s voting systems ahead of the 2018 elections.
But it might already be too late for some critical targets. By this point during the 2016 election cycle, Russian hackers had already been in the Democratic National Committee’s networks for at least three months.
Story Continued Below
Members of both parties insist they can get something done before Election Day 2018, but concede that the window is rapidly closing. Voters in Texas and Illinois will take to the polls in the country’s first primaries in just over three months — a narrow timeline for implementing software patches, let alone finding the funds to overhaul creaky IT systems, swap out aging voting machines or implement state-of-the-art digital audits.
“Not a lot of time, no question,” Senate Intelligence Chairman Richard Burr (R-N.C.), who is leading an investigation of Russia’s election-year meddling, told POLITICO.
It’s not for a lack of ideas. Lawmakers on both sides of the aisle have proposed a raft of legislative solutions aimed at inoculating future U.S. elections from foreign meddling. But the efforts have been stalled amid partisan fighting, ideological disagreements over who should fund election security and — perhaps most prominently — a packed congressional calendar that has prioritized repealing Obamacare and pushing through a tax overhaul.
“I don’t think anything can come that fast, unless you are a tax bill or something like that,” said Mississippi’s Bennie Thompson, who co-chairs a House Democratic election task force formed to explore bolstering the country’s decentralized election infrastructure ahead of the 2018 midterms.
Thompson’s group is planning to issue its own legislation next month and Thompson, the ranking member on the House Homeland Security Committee, insisted it would go through “regular order,” with extensive hearings, debate and amendments — a process that could take weeks or months.
“There’s no question from the standpoint of what we need to do, we’re behind,” he said. “And by being behind, we’re at risk for any future federal election.”
Cybersecurity experts have long warned that America’s election system is a sitting duck for hackers looking to cause chaos. Voter rolls have regularly been been stored on inadequately protected systems, and the country has for years relied on outdated electronic voting machines. At the state and local level, governments can lack the funds to hire elite cyber professionals or properly train staff.
And campaigns themselves are often harried and slapdash, with little thought given to digital security.
The 2016 election vaulted these realities into the public spotlight. The U.S. government accused Russian President Vladimir Putin of deploying his hackers in an orchestrated scheme to infiltrate political parties, campaigns and state election networks. The effort was wildly successful, pilfering and selectively leaking internal files from the Democratic Party and Hillary Clinton’s campaign, spurring intra-party bickering and generating weeks of splashy headlines based on the exposed personal emails.
And U.S. intelligence leaders have warned that Moscow will be back, leveraging the lessons of 2016 to try and destabilize future elections. Already, officials and researchers have accused the Kremlin of using similar tactics in subsequent elections around Europe.
Yet Capitol Hill has not passed any legislation that specifically addresses the issue.
Sens. Amy Klobuchar (D-Minn.) and Lindsey Graham (R-S.C.) pushed a bipartisan proposal that would allow states to apply for federal grants to update election technology after proving they had adopted certain federal cybersecurity standards. But the legislation hasn’t received a floor vote. And a companion House bill is stuck in limbo.
Sens. Martin Heinrich (D-N.M.) and Susan Collins (R-Maine) are another across-the-aisle duo offering their own bill that would speed through security clearances for top election officials, giving them access to classified information on hacking threats. The measure hasn’t gotten off the ground. And independent Maine Sen. Angus King pressed Senate appropriators — to no avail — for $160 million to help state and local governments purchase auditable voting machines. A slate of other mostly-Democratic proposals have similarly gone nowhere.
“I’m concerned that there’s not enough urgency broadly to move legislation forward,” Heinrich told POLITICO. “But we’re going to keep pushing, because I think these problems are not going away.”
Perhaps the most high-profile policy recommendations will arrive sometime early next year when Burr’s Senate Intelligence Committee releases the findings of its monthslong examination of Russia’s digital meddling efforts. Burr and panel ranking member Sen. Mark Warner (D-Va.) have vowed their final report will include suggestions for how to ensure the Kremlin can’t repeat its 2016 success in future elections.