Democrats barrel ahead on Russia with election security report

House Democrats issued their most detailed plea yet Wednesday for action to protect the midterm elections from Russian interference, including asking for over $1 billion in grants to upgrade and secure the country’s voting infrastructure.

The requests came in the form of a 56-page report and legislation that aims to funnel hundreds of millions of dollars to states grappling with aging voting machines and insufficient IT budgets.

The move is the latest in a series of unilateral efforts by Democrats to call attention to the vulnerabilities of the United States’ election systems. The memo proclaims that many in the GOP “still refuse” to address the dangers of attacks from other nations, despite abundant evidence of Russia’s meddling in 2016.

“The unprecedented attack by Russia exposed serious national security vulnerabilities in our election infrastructure,” says the report, which was roughly six months in the making. “We urge Congress to act in bipartisan fashion and take action — to provide the necessary funding, to take seriously the recommendations of this Task Force, and to recognize that election security is national security.”

Voting integrity experts warn that time is running out to take action before the November midterms. And they argue the federal government must play a greater role if the country is to stave off a new round of interference by Moscow’s hackers, which U.S. intelligence leaders have warned is all but inevitable.

In recent weeks, Democrats released a hefty memo — written without GOP involvement — that laid out Russian President Vladimir Putin’s alleged electoral interference around the world. Sen. Dianne Feinstein of California, the top Democrat on the Senate Judiciary Committee, also caught Republicans off-guard by making public the closed-door testimony of a key player in the Senate’s probe of alleged Russian collusion with President Donald Trump’s campaign. And last week, Democrats took over the Senate floor for over an hour to admonish the Trump administration for failing to implement congressionally mandated sanctions against Russia for its election-year behavior.

Wednesday’s report — spearheaded by House Homeland Security ranking Democrat Bennie Thompson and Rep. Bob Brady, ranking member on the Administration Committee, which oversees elections — focuses on what steps the federal government should take. The recommendations, and accompanying bill, closely hew to the advice of election and cybersecurity experts and reflect the wishes of cash-strapped states, many of which have urged the federal government to help fill the financial void.

In the report, the Democrats urged Congress to immediately send $300 million to states to upgrade their voting machines to protect against foreign meddling, then provide more money later for cybersecurity training, voter database security improvements and grants to ward off future threats.

The legislation, dubbed the Election Security Act, goes even farther. It would authorize a $1 billion grant program for election officials seeking to buy more secure voting machines, conduct digital flaw screenings, hire new technology staffers and develop better cybersecurity training for employees. It would also offer each states $1 for each voter that participated in the most recent election as a way to ensure ongoing funding.

The White House’s recently released budget proposal for requests a boost for cyber spending across the board, but doesn’t specifically address election security grants for states.

Democrats also want more money for the Department of Homeland Security, which has been working to provide states with election security services — such as weekly digital vulnerability scans and comprehensive, in-person examinations of the entire system used to run an election. The legislation would order DHS to expand such services and would authorize a $6.25 million annual grant for DHS to give to election security research projects.

Additionally, the report recommends boosting the budget of the Election Assistance Commission — a federal agency that provides voluntary guidance for states and tests voting machines — to recognize “its expanded role in election cybersecurity.”

Under the Democrats’ proposed legislation, the EAC would manage the $1 billion grant program.

Republicans have made repeated efforts to defund the EAC, arguing it has outlived its original mandate of helping states use the federal aid they received after the 2000 presidential election debacle. But Democrats believe the commission is a valuable vehicle to develop and offer digital security certification guidelines to states. The report notes that three of the eight states that don’t adhere to the EAC’s guidance were among the 21 states that Russian hackers are believed to have targeted during the 2016 election.

“The EAC is in the unique position of being a federal agency with relationships with state and local election officials, and with an expertise in election administration,” the report says.

Election technology vendors received particular scrutiny in Wednesday’s report and legislation. Specifically, the Democrats’ bill would only allow states to spend federal grant money if voting system sellers agree to report cyberattacks to the authorities and adhere to security guidelines set by the EAC and DHS.

Voting technology vendors have increasingly drawn the ire of the security community, which argues the industry has escaped meaningful oversight and refuses to engage with researchers, academics or government officials. Election software vendors are also in the spotlight following the leak of an apparent National Security Agency report that detailed a Russian plot to infiltrate a voting database software supplier and use that perch to send local election officials malware-laden emails.

These vendors, the Democrats’ report says, “have little financial incentive to prioritize election security, and are not subject to regulations requiring them to use cybersecurity best practices.”

Separately, the Democrats’ proposal stumps for several new documents from the Trump administration. The bill would order U.S. spy agencies to produce a threat assessment six months before every federal election and directs the White House to develop a national strategy for countering foreign attempts to undermine elections.

Some of the steps the report advocates are already underway. One recommendation says the federal government should continue to classify election systems as “critical infrastructure.” In its final days, the Obama administration applied that designation to give the election sector the same access to the federal government’s cybersecurity services that the banking and energy industries receive.

Other recommendations include directions for states. One urges states to conduct sophisticated “risk-limiting” audits after their elections, which cybersecurity experts call the best way to ensure hackers aren’t meddling with vote tallies. Colorado recently became the first state to require such audits, while a few other states like Rhode Island and Virginia are set to adopt them shortly.

The bill that accompanied the report would establish a $20 million grant program states could tap to adopt these risk-limiting audits.

The report and legislative offering keep up the steady drumbeat from Democrats that Republicans and the Trump administration are not doing enough to counter the Kremlin’s rising global influence.

In just one week in early January, senior House Democrats accused Republicans of waging “an aggressive campaign to shut down congressional and criminal investigations into Russia’s attack,” Senate Democrats released their report on Russia’s electoral meddling around the world and Feinstein released the transcript of the Judiciary Committee’s August interview with Glenn Simpson, whose company was behind a dossier tying Trump to the Kremlin.

Democrats’ have also repeatedly accused the administration of showing feckless leadership in the effort to prevent future Russian interference. In particular, Attorney General Jeff Sessions took fire from lawmakers after seemingly failing to follow through on a pledge to look into what the Justice Department was doing to bolster election security.

Senate Democrats hammered home all these themes during their parade of floor speeches last week.

Democrats have found some willing partners across the aisle to push several of the proposals contained in Wednesday’s report.

In December, a bipartisan group led by Sen. James Lankford (R-Neb.) introduced a bill to create block grants for voting machine upgrades. Sens. Amy Klobuchar (D-Minn.) and Lindsey Graham (R-S.C.) are pushing a similar proposal that would let states apply for federal grants to update election technology after proving they had adopted certain cybersecurity standards.

Most recently, Sens. Marco Rubio (R-Fla.) and Chris Van Hollen (D-Md.) released a bill that would slap penalties on foreign countries caught meddling in U.S. elections.

Still, none of the offerings has received much consideration. And election security advocates warn that every day Congress spends fighting over keeping the government open is another day not spent moving legislation that could help the country fend off hackers in the next election.

The report echoed that sentiment.

“The attacks in 2016 preview what is yet to come,” it said. “The threat remains, and Congress must act.”
House Democrats issued their most detailed plea yet Wednesday for action to protect the midterm elections from Russian interference, including sending at least $300 million in aid to states to upgrade their voting machines.

Their 56-page report is the latest in a series of unilateral efforts by Democrats to call attention to the vulnerabilities of the United States’ election systems. The memo proclaims that many in the GOP “still refuse” to address the dangers of attacks from other nations, despite abundant evidence of Russia’s meddling in 2016.

“The unprecedented attack by Russia exposed serious national security vulnerabilities in our election infrastructure,” says the report, which was roughly six months in the making. “We urge Congress to act in a bipartisan fashion and take action — to provide the necessary funding, to take seriously the recommendations of this Task Force, and to recognize that election security is national security.”

Voting integrity experts warn that time is running out to take action before the November midterms. And they argue the federal government must play a greater role if the country is to stave off a new round of interference by Moscow’s hackers, which U.S. intelligence leaders have warned is all but inevitable.

In recent weeks, Democrats released a hefty memo — written without GOP involvement — that laid out Russian President Vladimir Putin’s alleged electoral interference around the world. Sen. Dianne Feinstein of California, the top Democrat on the Senate Judiciary Committee, also caught Republicans off-guard by making public the closed-door testimony of a key player in the Senate’s probe of alleged Russian collusion with President Donald Trump’s campaign. And last week, Democrats took over the Senate floor for more than an hour to admonish the Trump administration for failing to implement congressionally mandated sanctions against Russia for its election-year behavior.

Wednesday’s report — spearheaded by House Homeland Security ranking Democrat Bennie Thompson and Rep. Bob Brady, ranking member on the Administration Committee, which oversees elections — focuses on what steps the federal government should take. The recommendations closely hew to the advice of election and cybersecurity experts and reflect the wishes of cash-strapped states, many of which have urged the federal government to help fill the financial void.

In the report, the Democrats urged Congress to immediately send $300 million to states to upgrade their voting machines to protect against foreign meddling, then provide more money later for cybersecurity training, voter database security improvements and grants to ward off future threats. The White House’s recently released budget proposal for requests a boost for cyber spending across the board, but doesn’t specifically address election security grants for states.

Democrats also want more money for the Department of Homeland Security, which has been working to provide states with election security services — such as weekly digital vulnerability scans and comprehensive, in-person examinations of the entire system used to run an election. But the report leaves it to DHS to determine how much more money the agency needs, potentially a difficult request given that former Secretary John Kelly — now Trump’s chief of staff — has told Congress his agency had the funds it needed for its election security work.

Additionally, the report recommends boosting the budget of the Election Assistance Commission — a federal agency that provides voluntary guidance for states and tests voting machines — to recognize “its expanded role in election cybersecurity.”

Republicans have made repeated efforts to defund the EAC, arguing it has outlived its original mandate of helping states use the federal aid they received after the 2000 presidential election debacle. But Democrats believe the commission is a valuable vehicle to develop and offer digital security certification guidelines to states. The report notes that three of the eight states that don’t adhere to the EAC’s guidance were among the 21 states that Russian hackers are believed to have targeted during the 2016 election.

“The EAC is in the unique position of being a federal agency with relationships with state and local election officials, and with an expertise in election administration,” the report says.

Election technology vendors received particular scrutiny in Wednesday’s report. Specifically, the Democrats called for rules that would require voting system sellers to report cyberattacks to DHS and the EAC.

Voting technology vendors have increasingly drawn the ire of the security community, which argues the industry has escaped meaningful oversight and refuses to engage with researchers, academics or government officials. Election software vendors are also in the spotlight following the leak of an apparent National Security Agency report that detailed a Russian plot to infiltrate a voting database software supplier and use that perch to send local election officials malware-laden emails.

These vendors, the Democrats’ report says, “have little financial incentive to prioritize election security, and are not subject to regulations requiring them to use cybersecurity best practices.”

Separately, the report stumps for several new documents from the Trump administration. It asks for U.S. spy agencies to produce a threat assessment six months before every federal election and implores the federal government to develop a national strategy for countering foreign attempts to undermine elections.

Some of the steps the report advocates already are underway. One recommendation says the federal government should continue to classify election systems as “critical infrastructure.” In its final days, the Obama administration applied that designation to give the election sector the same access to the federal government’s cybersecurity services that the banking and energy industries receive.

Other recommendations include directions for states. One urges states to conduct sophisticated “risk-limiting” audits after their elections, which cybersecurity experts call the best way to ensure hackers aren’t meddling with vote tallies. Colorado recently became the first state to require such audits, while a few other states like Rhode Island and Virginia are set to adopt them shortly.

The report keeps up the steady drumbeat from Democrats that Republicans and the Trump administration are not doing enough to counter the Kremlin’s rising global influence.

In just one week in early January, senior House Democrats accused Republicans of waging “an aggressive campaign to shut down congressional and criminal investigations into Russia’s attack,” Senate Democrats released their report on Russia’s electoral meddling around the world and Feinstein released the transcript of the Judiciary Committee’s August interview with Glenn Simpson, whose company was behind a dossier tying Trump to the Kremlin.

Democrats’ have also repeatedly accused the administration of showing feckless leadership in the effort to prevent future Russian interference. In particular, Attorney General Jeff Sessions took fire from lawmakers after seemingly failing to follow through on a pledge to look into what the Justice Department was doing to bolster election security.

Senate Democrats hammered home all these themes during their parade of floor speeches last week.

Democrats have found some willing partners across the aisle to push several of the proposals contained in Wednesday’s report.

In December, a bipartisan group led by Sen. James Lankford (R-Neb.) introduced a bill to create block grants for voting machine upgrades. Sens. Amy Klobuchar (D-Minn.) and Lindsey Graham (R-S.C.) are pushing a similar proposal that would let states apply for federal grants to update election technology after proving they had adopted certain cybersecurity standards.

Most recently, Sens. Marco Rubio (R-Fla.) and Chris Van Hollen (D-Md.) released a bill that would slap penalties on foreign countries caught meddling in U.S. elections.

Still, none of the offerings has received much consideration. And election security advocates warn that every day Congress spends fighting over keeping the government open is another day not spent moving legislation that could help the country fend off hackers in the next election.

The report echoed that sentiment.

“The attacks in 2016 preview what is yet to come,” it said. “The threat remains, and Congress must act.”

CategoriesUncategorized

Leave a Reply