WASHINGTON — Federal law enforcement and cybersecurity officials are warning state election administrators across the country that they face serious threats as the November presidential election approaches.
Secretaries of state and election directors need to prepare for potential cyberattacks, both familiar and uncomfortably new, according to the federal government. And they must remain vigilant against possible threats to their personal safety.
Voter databases could be targeted this year by phishing or ransomware attacks, election officials have told. Bad actors – both foreign and domestic – are attempting to erode trust in the integrity of elections through disinformation, and advances in artificial intelligence present unprecedented challenges to democracy.
“Unfortunately, the threat environment is very high,” said Tim Langan, executive assistant director of the FBI’s criminal, cyber, response and services branch, speaking last week at the FBI’s winter conference. National Association of Secretaries of State in Washington. Washington. “This is extremely alarming.”
Kentucky’s Republican Secretary of State, Michael Adams, knows this all too well.
Hours after he was sworn in for his second term early last month, there was a bomb threat in the state capital of Frankfurt. An email sent to several state government offices, including Adams’, said the bombs placed in the capital would “guarantee that you all end up dead.” Eight other state capitals received similar threats, but no bombs were found.
“I hope this isn’t a sign of what’s to come this year,” Adams told Stateline. “The upside of everything we’ve been through over the last few years is that everyone in this room is psychologically prepared for 2024.”
He pointed out that since 2016 – when Russia and China attempted to influence the outcome of the presidential election – state election officials have strengthened their relationships with federal cybersecurity and law enforcement agencies, election security experts and other senior state officials across the country through the information. -sharing partnerships.
The COVID-19 pandemic has forced election officials to strengthen these partnerships in an increasingly stressful and dangerous environment.
While the warnings Adams and his peers received were stark, state election officials left the conference with a new understanding of the threats, as well as new tools to combat them and new allies to help them prepare in the months preceding the 2024 general elections.
“We are thinking much more creatively today about what could go wrong and what challenges we could have imagined just four years ago,” Adams added.
Threats of violence and cybersecurity concerns
International criminal groups and foreign adversaries such as China, Iran, North Korea and Russia have made “extraordinary” progress in finding ways to break into systems, steal data and disrupt the election, said Eric Goldstein, executive deputy director for cybersecurity at the Department of Cybersecurity and Infrastructure. Security agency.
“We are in a very challenging cybersecurity environment right now,” he said.
Commonly known as CISA, the federal agency unveiled a new website last week, #Protect2024to provide resources to state and local election officials during the primary season and the November general election.
Regionally based federal cybersecurity officials help train local election officials on the Internet
security, provide security assessments for polling places and county courthouses, and encourage county clerk’s offices to adopt .gov websites.
On the same day that CISA unveiled its new website to protect elections, it issued a warning that China is actively targeting US critical infrastructure, particularly in communications, energy, transportation and water systems.
During Goldstein’s presentation, Maine Secretary of State Shenna Bellows and Minnesota Secretary of State Steve Simon, both Democrats, said they were concerned that county and municipal elections officials in rural areas do not take these threats seriously, believing that they are too small to be a target.
“Every site is at risk, regardless of size and regardless of sector,” Goldstein responded.
In early January, a cyberattack disabled the court, tax and telephone systems in Fulton County, Georgia, which includes Atlanta. At the end of the month, local governments in Colorado, Missouri and Pennsylvania hit by ransomware attacks.
“We are under attack and we have to protect everything,” Rich Schliep, chief information officer for the Colorado Department of State, said at a conference in Washington for the National Association of State Election Directors.
National and local election officials continue to cope personal threats in their offices, at ballot tabulation centers and at polling locations, while also receiving email death threats and dangerous physical mail.
State election officials should invest in gloves, masks and the anti-opioid drug Narcan, and should know how to open mail safely and what to do with a threatening letter, said Brendan Donahue, deputy inspector in charge of the United States Postal Inspection Service, who spoke at both conferences.
Malicious mail is not new to the United States, he noted, and law enforcement is still investigating a series of fentanyl-laced letters sent to election offices across the country during the November election. last.
Kansas Secretary of State Scott Schwab, a Republican, encouraged his counterparts to contact their local FBI office and election crime coordinator now.
“You don’t want to do this in the third week of November this year,” Schwab said. “I really encourage you to start developing those relationships.”
Artificial intelligence and the challenge of disinformation
Last month, New Hampshire voters received a robocall apparently from President Joe Biden telling them not to vote in the state’s primary. But when state election officials looked more closely at the call, they discovered it was not Biden’s voice but one generated by artificial intelligence.
In response, the Federal Communications Commission banned the use of AI-generated voices in robocalls, claiming they can be used to suppress voting. New Hampshire Republican Attorney General John Formella started an investigation and sent a cease and desist letter to two Texas-based companies involved in creating the post.
But artificial intelligence can do much more. AI-generated content can be used to create hyperlocal messages aimed at voters to spread false information about polling station locations or voting times. It can create messages in other languages discouraging foreign-born citizens from voting. Or it can be used to create an avalanche of content, even from fake local media outlets, to fuel existing electoral protests.
And there is an internal risk for electoral offices. Staff might receive a call that sounds like the election administrator asking them to change a voting process. Sophisticated phishing emails could trick staffers into granting access to voters’ social media accounts or sensitive information.
“It’s disinformation on steroids,” said former Kentucky Republican Secretary of State Trey Grayson, a member of the National Election Crises Task Force. “We have been facing disinformation threats for several years. But that’s just another level.
State and local election officials already spend a lot of time combating misinformation. Secretaries of State are using #TrustedInfo2024 on social media to promote the importance of going to trusted sources for election information. AI platform ChatGPT has started directing users with election-related questions to CanIVote.orga website maintained by the National Association of Secretaries of State.
It’s an “ongoing challenge,” said Riley Vetterkind, public information officer for the Wisconsin Elections Commission. The state agency provides municipal election clerks with template news releases, a calendar of suggested social media posts, webinars for communications strategies and e-newsletters on existing misinformation.
In Colorado, election officials have aggressively targeted lies that the 2020 presidential election was stolen and that election systems were vulnerable to significant levels of fraud.
“We’ve decided we’re no longer going to be a safety net for BS,” said Matt Crane, executive director of the Colorado County Clerks Association. “We are going to be very aggressive in the public arena.”
The challenges pile on one another, said Mark Lindeman, policy and strategy director at Verified Voting, a nonprofit that advocates for paper voting records, post-election audits and election security.
But there is hope, he added. It’s easy for things to go wrong in elections, but it’s hard to bring down entire electoral systems.
“One of my concerns is that we get excited, scared about everything that could possibly go wrong,” Lindeman said. “We sometimes lose sight of how we can prepare ourselves to meet these challenges and explain to people that we have met them. »
State line is part of States Newsroom, a nonprofit news network supported by grants and a coalition of donors as a 501c(3) public charity. Stateline maintains its editorial independence. Contact editor Scott S. Greenberger with questions: (email protected). Follow Stateline on Facebook And Twitter.