Cyberwarfare / Nation-State Attacks , Endpoint Security , Fraud Management & Cybercrime

This Time, Election Protection Bill Gets Bipartisan Support

Latest Proposal Calls for Research on Safeguarding Voting Equipment
This Time, Election Protection Bill Gets Bipartisan Support

A bill passed by a committee last week and sent to the U.S. House floor would empower two federal agencies to investigate vulnerabilities in voting equipment and propose new ways to better protect it from attack.

See Also: 2024 Threat Hunting Report: Insights to Outsmart Modern Adversaries

Unlike other bills designed to protect U.S. elections, this legislation has co-sponsors from both parties, including representatives Mikie Sherrill, D-N.J.; Eddie Bernice Johnson, D-Texas; Anthony Gonzalez, R-Ohio; and Frank Lucas, R-Okla.

The Election Technology Research Act, would also direct the two agencies - the National Institute of Science and Technology and the National Science Foundation – to conduct investigations into issues related to data privacy, auditing elections, internet-enabled voting and end-to-end verification systems.

The bill would create a “center of excellence” overseen by the two agencies that would test and evaluate the security of voting machines and other equipment and issue development certifications for election technology that meets certain cybersecurity standards.

Election equipment, including voting machines, voter registration databases and other technologies, is increasingly seen as vulnerable to attack (see: Report: US Voting Machines Still Prone to Hacking).

Bill Gains Support

The Election Technology Research Act passed the House Science, Space and Technology Committee by unanimous voice vote on Nov. 14. There's no date set yet for a full House vote.

"Our democracy only works if all eligible citizens can participate in elections and be confident that their ballots have been accurately cast and counted," Sherrill says. "The Election Technology Research Act of 2019 will help to ensure that the technical underpinnings of our election architecture are solid."

Lucas notes the proposed bill provides federal resources but still leaves most decisions in the hands of local and state election officials. "The federal government can and should also work closely with state and local election officials to deal with foreign and domestic cyber threats. This bill provides the research tools to do that, without imposing costly or burdensome mandates on states," Lucas tells The Hill.

Several other election security bills that have passed in the Democratic-controlled House have died in the Republican-dominated Senate, where some lawmakers have resisted giving too much power to the federal government when it comes to running elections.

So far, the Election Technology Research Act does not have a counterpart bill in the Senate, according to Meritalk.

Sizing Up the Threats

When Special Counsel Robert Mueller testified before a Congressional committee in July about his report on Russian interference in the 2016 election, he noted that Russian-backed hackers were already preparing to disrupt the 2020 presidential election (see: Mueller: Russian Interference 'Serious' Threat to Democracy).

Another report issued by the Senate Intelligence Committee in July concluded that Russian hackers targeted election systems and infrastructure in all 50 states in the run-up to the 2016 presidential election, and that the federal government failed to fully warn local officials of the danger.

Earlier this month, the Brennan Center for Justice, a nonpartisan law and public policy institute connected to New York University Law School, released a report calling for the creation of a federal certification program that would help ensure vendors that build election infrastructure - including voting machines - meet cybersecurity standards (see: Report Calls for Enforcing Voting Machine Standards).


About the Author

Scott Ferguson

Scott Ferguson

Former Managing Editor, GovInfoSecurity, ISMG

Ferguson was the managing editor for the GovInfoSecurity.com media website at Information Security Media Group. Before joining ISMG, he was editor-in-chief at eWEEK and director of audience development for InformationWeek. He's also written and edited for Light Reading, Security Now, Enterprise Cloud News, TU-Automotive, Dice Insights and DevOps.com.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.