REMEDIES FOR THREATS TO OUR ELECTIONS

My previous post highlighted threats to our election and voting systems. There are remedies for these threats, including the new and exacerbated ones due to the corona virus pandemic.

Surprisingly, there are lessons about cybersecurity that we should learn from Estonia. As a former state within the Soviet Union, it has decades of experience with Russian propaganda. It also has over a decade of experience dealing with Russian cyberattacks. In 2007, Russian hackers executed the first politically motivated cyberattack against a nation, bringing down much of Estonia’s Internet. They disabled government, newspaper, and bank websites. In response, Estonia built a Cyber Defense League based on a small staff and budget ($300,000) and a network of hundreds of volunteers. The volunteers do public education and plan simulated cyberattacks to test the government’s response. Estonia also has an ambassador at-large for cyber diplomacy and a federal Information System Authority that includes a cyber emergency response team. [1]

Estonia’s national government offers free cybersecurity trainings and screenings to candidates and political parties. In the lead-up to each election, it holds a hackathon where security experts try to break into the country’s election systems. Any vulnerabilities and the steps taken to fix them are publicly reported. The State Electoral Office has a working group that meets daily during elections to monitor the media and identify disinformation campaigns.

When Estonia joined NATO in 2004, it proposed hosting a center for cyber defense. Initially, NATO members were cool to the idea, but after Russia’s attack on Estonia in 2007, NATO agreed to create the NATO Cooperative Cyber Defense Center of Excellence housed in Tallinn, Estonia. It now hosts the largest cyber defense exercise in the world with over 1,200 participants from nearly 30 countries. In April 2019, the exercise’s scenario involved a coordinated cyberattack during a national election that affected vital services and also sought to manipulate public perception of the election results.

Estonia has become the model for countries working to counter Russian (and other) electronic meddling. It has developed cybersecurity expertise and a secure on-line voting system (over 40% of Estonians vote on-line). It requires high school students to take a 35-hour course on media and manipulation.

A key underlying element of Estonia’s preparedness for election meddling is broad public understanding that cybersecurity requires eternal vigilance, a sense of urgency, and a unity of purpose that leads to coordination among public agencies and private entities. These elements have, unfortunately, been lacking in the U.S. due to the lack of urgency from the Trump administration and Republicans in Congress about meddling in our elections.

To address cybersecurity and the other threats to our elections, and to ensure that everyone can vote safely and securely the U.S. needs to do the following: [2]

  • Establish an overarching national strategy on election security that coordinates efforts by governments, the private sector, academia, and the public,
  • Replace paperless voting machines with ones that have a paper backup and audit trail,
  • Expand alternative voting opportunities such as early voting and mail-in voting,
  • Enhance the ease of voter registration (e.g., on-line and same day registration) and the security of voter registration databases,
  • Provide federal funding to states to enhance voting systems and election-related security,
  • Increase oversight of and security requirements for vendors of voting systems,
  • Establish national standards for voting machines, registration databases, and voting procedures (e.g., post-election audits to verify the accuracy of results) to ensure that every eligible voter can vote safely and securely, and
  • Enhance the monitoring and response to misinformation and foreign attempts to influence our elections.

I urge you to contact your state election agency, often the Secretary of State, as well as your local, state, and national elected officials to encourage them to enhance the security and user-friendliness of our voting and election systems and procedures.

We need to make it as easy and as secure as possible for every citizen to vote!

[1]      Bryant, C. C., 2/4/20, “Cybersecurity 2020: What Estonia knows about thwarting Russians,” The Christian Science Monitor (https://www.csmonitor.com/World/Europe/2020/0204/Cybersecurity-2020-What-Estonia-knows-about-thwarting-Russians)

[2]      Brennan Center for Justice, retrieved 3/20/20, “Defend our elections,” (https://www.brennancenter.org/issues/defend-our-elections)

Comments and discussion are encouraged

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: