WASHINGTON — The officials in charge of running America’s elections in many states convened in the nation's capitol this week to test and discuss their preparations for the 2020 U.S. presidential election.
On their checklists: Everything.
The National Association of Secretaries of State kicked off its biannual conference Thursday, a four-day event which this year has a heavy emphasis on election security. Each state has a chief elections officer and in 24, that's the secretary of states. In others they may be responsible for only some parts of the electoral process.
While praising the new information sharing network between state and federal authorities, officials who spoke with NBC News touched on a wide variety of challenges they continue to face, from disappointment with weak support by the executive branch to persistent concerns about disinformation.
“We need to make sure that our operations are as resilient as possible, meaning that our hardware and software prevents attack, and measures are in place to survive an attack so that voters can trust the results of the election,” said Nellie Gorbea, the Rhode Island secretary of state.
Since national intelligence agencies determined Russia interfered in the 2016 election, states have had four years to prepare for the next presidential election. While there have been a flurry of dedicated efforts from the local levels to federal agencies and civil servants to beef up security and work with private companies, some of the officials said more needs to be done at the highest levels of government.
Jena Griswold, the Colorado secretary of state, said Senate Majority Leader Mitch McConnell, R-Ky., and President Donald Trump "have largely left states and counties to fend attacks from Russia by ourselves.”
“It’s sending a clear message that the top officials are not taking our election security seriously,” she said.
While states of have received hundreds of millions of dollars in Congressional funding for election upgrades since 2002, the Brennan Center for Justice, a public policy institute at New York University Law School, has estimated over $2.2 billion is needed to address the most critical election security upgrades.
Some states and election advocates believe those funds should also come with stipulations, such as eliminating any wireless modems in voting machines used to transmit preliminary results, implementing mandatory paper trails and introducing risk-limiting audits.
Other states strongly disagree, saying they need total latitude to do what’s in the best interests of their constituents.
States are Constitutionally empowered to run their own elections, and local jurisdictions are ultimately responsible for their hands-on administration. But that can mean a small, local election office without a dedicated technology staff can be on the front lines against attackers funded by deep-pocketed nation-states or other interests, if it doesn’t opt into some of the guidance and security monitoring being offered at the national level.
A wide variety of election security preparations are already underway.
Fleets of new voting machines with paper trails have been rushed into jurisdictions. States are forcing counties to comply with step-by-step cybersecurity checklists. Boards of elections are scrutinizing vendors for potential conflicts of interest. Posters are being distributed across the country with action plans for various threats, from power outages to suspicious behavior at polling stations.
At the conference, Department of Homeland Security officials conducted a mock disruption of the election in a scenario, versions of which have been conducted at different scales across the country in the past few years.
More than 250 people representing 44 states, 16 voting system vendors and 11 federal agencies participated in the exercise, which was closed to the media. Representatives were present from DHS, Office of the Director of National Intelligence, Secret Service, FBI, the U.S. Election Assistance Commission, and National Guard.
“The beauty of that was getting those agencies, there were a lot of them in there with us, in a room where we can all talk with one another, exchange information, hear each other’s issues and problems and now have a point of contact,” said Mac Warner, West Virginia secretary of state.
Chris Krebs, director of the Cybersecurity and Infrastructure Security Agency at DHS, said these events are necessary but more needs to be done to reach outlying localities.
“There’s 8,800 jurisdictions out there,” he said. “We’ve got to figure out how we hit that last mile.”
For voters, the potential for election interference is “on the front of people’s minds,” said David Stafford, election supervisor for Escambia County, Florida, in remarks to the media.
He noted that each of the election infrastructure systems for the state’s 67 counties sit behind intrusion detectors known as “Albert sensors,” a national system of network monitors that can detect potential cyberattacks and alert federal and state government agencies. It was put in place after 2016.
Going into the 2020 elections, every state will use the malicious activity sensors, as will several election system vendors.
But putting on an election is about more than security, noted Tammy Patrick, senior adviser at the Democracy Fund, a Washington-based non-profit that focuses on democratic process issues.
Counties still need to hire and train enough people to run polling stations and to ensure there's enough paper ballots or paper trails to meet demand at locations that use them. Polling indicates 2020 turnout could be record-breaking.
“With all the focus on cybersecurity issues, it’s important to not lose sight of the basics of election administration,” she said.