IE 11 is not supported. For an optimal experience visit our site on another browser.

If Russia Comes Calling, Feds and States United for Election Cybersecurity

President Donald Trump says Russian hacking is a hoax, but his own agencies have been quietly working with states to beef up their cybersecurity resources.
Image: Voting
Voters line up in voting booths to cast their ballots at Robious Elementary School on November 8, 2016 in Richmond, Virginia. The 30-ft. x 12-ft. image in the background was painted by 3rd and 4th graders at the school in preparation for Veterans Day.Shelpy Lum / Richmond Times-Dispatch via AP

President Donald Trump says allegations of Russian hacking in the 2016 election are a hoax — but his own agencies are working with states to beef up their cybersecurity, heeding the U.S. intelligence community's warning: Moscow will be back in 2018.

The Department of Homeland Security, state and local election officials, the FBI, and a federal election council have joined forces to work through hacking scenarios and root out weaknesses in state election systems.

The project, in which states will have access to grants to upgrade election technology and tools to run simulations to examine holes in their systems, is a test for how well officials can work together to ward off potential election-related threats ahead of the midterm elections next year and the presidential election in 2020, experts said.

"If we get some evidence that something is happening, then we can do something about it. This a big step forward," said David Becker, an election expert at the nonprofit Center for Election Innovation & Research.

However, some states are wary of the feds' reaching into an area that has traditionally been the province of the states — holding elections — and some experts also question whether something in which participation is voluntary can have any real impact.

The 28-member federal-state group, called the Election Critical Infrastructure Government Coordinating Council, will hold its first public meeting this month.

During thelast election, there was a communication breakdown between the feds and the states, said Bob Kolasky, a top Homeland Security official who works with the council.

Related: Former DHS Chief Warns Russians Will Continue to Target U.S. Elections

"We were making relationships on the fly ... not in a way that got the information as quickly as possible," said Kolasky, the acting deputy undersecretary for national protection.

Last year, hackers alleged to be Russian agentstargeted many state systems, but DHS didn't notify them until nearly a year later. Voter registration systems were targeted but not vote tabulation software.

"We were certainly concerned about the delay and, I think, for us, not getting clarity about information we weren't aware of. There was definitely concern," said Edgardo Cortes, Virginia's elections commissioner.

Image: November 2016 election
Voters line up in voting booths to cast their ballots at Robious Elementary School in Chesterfield, Va., on Nov. 8.Shelby Lum / Richmond Times-Dispatch via AP

Virginia was one of the states that hackers targeted in the 2016 elections. The hackers looked for vulnerabilities, but officials said they didn't obtain any information.

Other states in the hackers' sights included: Alabama, Arizona, Colorado, Illinois, Iowa, Ohio, Pennsylvania and Wisconsin. Only Illinois said hackers succeeded in breaching its system, according to The Associated Press.

Before leaving office In January, President Barack Obama designated the nation's election infrastructure — storage facilities, polling places, vote tabulation locations and voting machines — as critical infrastructure. That designation means election officials across the nation will get access to federal cybersecurity tools and intelligence briefings from the feds.

But some experts doubt that the improved federal-state effort will be a significant deterrent.

Michael McDonald, a political scientist and election expert at the University of Florida, said the election council is powerless to require states to take the steps needed to boost election cybersecurity.

"All of them needing to communicate with each other about a potential attack, that's very challenging," he said.

The National Association of Secretaries of State passed a resolution this year opposing the critical infrastructure designation by DHS, seeing it as federal overreach into a state issue.

"We're cautious but also willing to work with DHS to make sure states retain their rights and we get the communication and information that we need," said Indiana Secretary of State Connie Lawson, president of the association.

Image: Connie Lawson
Commissioner Connie Lawson speaks during the first public meeting of the Presidential Advisory Commission on Election Integrity in Washington on July 19.Andre Chung / for NBC News

Lawson and several other secretaries of state in the association will offer input on the council, she said.

"All of us at the federal level wholly embrace that to show them that this isn't a takeover but a coordinated approach to make the system better," said Matthew Masterson, a member of the council and a commissioner on the federal Election Assistance Commission.

Kolasky, the DHS official, acknowledged that the effort is voluntary but said the agency "will share information if we have information about threats whether they ask for it or not."

"I personally don't see any drawbacks," said Cortes, the Virginia election official, who added that he welcomed the additional resources because they would improve voter confidence in the election and put more tools in states' toolboxes.

Said Becker, the election expert, "We live in an era of threats, and that's going to keep us on our toes."