Abstract
Election plays a critical role in a free and fair society and serves as a cornerstone of a country’s democracy. Hence, a resilient and secure electoral process is a critical national interest and this has been of the most priority at the Department of Homeland Security (DHS) in the United States. It calls upon the government to be dedicated to working collaboratively with people on the elections’ front lines comprising the local and state government, the vendor community, federal partners, and election officials to control risks to electoral infrastructure. The paper explores in-depth election security in a democratic country to guarantee a free and fair election process. The 2020, US Election has shown that a high level of coordination and communication among the national agencies responsible for the management and security of elections is an essential aspect of election security.
Introduction
Election plays a critical role in a free and fair society and serves as a cornerstone of a country’s democracy. For example, Americans recognize the essential connection between the trust in election infrastructure and the confidence they place in the fundamental democratic function. Hence, a resilient and secure electoral process is a critical national interest and this has been of the most priority at the Department of Homeland Security (DHS) in the United States (US) (DHS, 2022). It calls upon the government to be dedicated to working collaboratively with people on the elections’ front lines comprising the local and state government, the vendor community, federal partners, and election officials to control risks to electoral infrastructure. They have to remain transparent and agile to secure and combat American cyber and physical infrastructure against evolving and new threats (Choate & Smith, 2019. The US cannot be a true democracy until the Americans have the chance to select their representatives via elections that are conducted freely and fair. The paper explores in-depth election security in a democratic country to guarantee a free and fair election process.
Election Security Planning
Election security or election cybersecurity implies the protection of voting and elections infrastructure from cyber threats or cyber-attacks. The candidate’s security plan cuts across sufficient security for the campaign team and ground, the candidate, election day security, campaign offices, and collaboration with security agents, civil society groups, and coordinating government agencies (Choate & Smith, 2019). During any election, authorities take measures to guarantee candidates, voters, observers, poll employees, and other players engaged in the election experience the process free from harm or fear, and to assure that susceptible election materials are safe. The given security needs for a particular election may differ based on the environment or context. Election security planning should consider the possibilities for all forms of violence and the way of preventing, mitigating, or ending them while respecting basic human rights (Daswani & Elbayadi, 2021). In addition, election violence as, an essential mechanism for election riggers must be carefully checked, as it has emerged into a systematic rigging process, more specifically in developing nations.
Election Infrastructure
It comprises voter registration databases and related Information Technology (IT) systems. The IT systems and infrastructure applied to run elections, for example, the counting, auditing, and election results display, and post-election reporting to validate and certify results. In addition, it entails voting systems and related infrastructure, storage facilities for voting, and election system materials. Last, but not least, the polling places comprise early voting sites (DHS, 2022). Other comprises campaigns, political action committees, and other local government or non-state election-associated groups. Election infrastructure is designated as one of the most significant infrastructures of the nation as a subsection under the Government Facilities sector. The DHS via its Cybersecurity and Infrastructure Security Agency (CISA) offers a range of services that local and state election officials may use to minimize both physical and cyber risk to their election facilities and systems. The framework permits DHS to offer services on a prioritized basis at the request of local and state election officials. It also integrates the support and structure of the National Infrastructure Protection Plan (NIPP) to manage the election (Kilovaty, 2021). The NIPP improves critical infrastructural resilience and security via innovation and partnership.
Further, securing voting infrastructure is a collaboration between local, state, and federal regimes and private sector organizations. DHS collaborates with federal agencies and departments, local and state government, election officials, and other esteemed partners, for example, the National Association of State Election Directors, National Association of Election Officials and the Elections Assistance Commission, International Association of Government Officials, and National Association of Secretaries of State (DHS, 2022). Through a partnership with the officials via both existing and new engagements, DHS and the engaged collaborates both in the private and public sectors are improving efforts to secure voting systems.
Challenges due to Lack of Election Security
Lack of election security has several ways where the elections’ integrity may be influenced. Election outcomes can be incorrectly reported or tallied, and inaccuracies can be initiated by improper oversight or human error. Voting counts may be influenced when fraudulent voting, for example, illegal voting, and multiple voting occurs (Linebarger & Salehyan, 2020). In addition, election reporting and tallying can be influenced by malicious players. They can influence vote counts by destroying or altering evidence critical to audit and validating the accurate election results’ reporting (Kilovaty, 2021). Further, they can introduce inaccuracies in the recording, tallying, and maintenance of votes.
Moreover, there are several ways to avoid the votes’ casting may be physically barred or deterred, for example, by intimidation from accessing polling places. Information on voting times, voting locations, and voting systems can be manipulated to misinform potential voters (NAP, 2022). Further, disruptions in the internet or email service can influence remote voters or people may alter registration data to disenfranchise voters in the country or state. Voting equipment insufficient supplies or failures might inhibit vote collection. In addition, after votes are cast, electronic, or physical ballots may be destroyed or altered. Counting faults can influence electronic or manual tallying approaches and tallies can be incorrectly reported due to malicious activity, or carelessness (Praetz, 2019). Therefore, security susceptibilities may be manipulated electronically to influence vote counts or voting at polling places or in cases of remote voting.
Election Cybersecurity Analysis
The Help America Vote Act (HAVA) encouraged the rise of the introduction of electronic systems across the US election process. However, there have been issues surrounding the susceptibilities to using electronic systems to carry out election functions. Due to the competing demands for resources and attention, these issues have not often been a priority for election managers (Linebarger & Salehyan, 2020). Nonetheless, government and citizen attention to the susceptibilities have surged following Russian efforts’ reports to compromised voter registration database system in the 2016 US Presidential election. The election cybersecurity issue drew the attention of stakeholders during the election during 2016 election that provoked energetic responses from academia, government, and the private and public sectors (Schneider, 2019). Hence, the DHS had to design elections as essential national infrastructure to lay the foundations to resolve emerging election cybersecurity issues.
Responses to Cybersecurity Threats in American Election Process
Consequently, in a bid to respond to the issue of election cybersecurity problems, election managers formed the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) to improve sharing of information among election officials. Further, the private and governmental sector collaborating councils were formed to share information and involve DHS to resolve cyber security threats to American elections (NAP, 2022). Furthermore, institutions, for example, the Belfer Center at Harvard University and the Center for Internet Security have provided guidelines to help local and state officials in mitigating risks to their electronic systems and adapting to the greatest security practices. In addition, the US Congress approved $380 billion in the financial year 2018 for the Election Assistance Commission. It was in a bid for the expenses to create payments to States for tasks to enhance the management of elections for Federal office comprising to create election security enhancements and improve election technology (Schneider, 2019). It implies that election security management in the US has taken this issue to be a priority to ensure free and fair elections in the country to support democracy.
The continued utilization of outdated election systems escalates the possibility of a substantial failure. Even without real compromises or failures do not happen, there is a danger that public confidence in the process election process might be undermined by the possibility of such compromise, mostly if there are signs that such compromise might be attempted. The election process does not adhere to the best security procedures based on cybersecurity as compared to other sectors such as banking (Stoddart, 2017). Data inconsistencies are more difficult to identify in elections than in most other sectors since voters do not typically learn if their votes were processed accurately. Even when best practices are used, election systems cannot be complete. Subsequently, foreign state-sponsored hackers present a challenge for the well-resourced and most responsible jurisdictions. Although, suitable audits may be applied to facilitate trust in the accuracy of the election results even when the integrity of the hardware, software, staff, or other factors of the system on which the election is managed was to be interrogated (NAP, 2022). Hence, better cybersecurity cannot be an alternative for effective auditing.
Factors that Aggravate Election Cybersecurity Issues
The aging systems in the US elections often create the use of software and hardware that are outdated. Cybersecurity risks escalated due to such voting systems can fall well behind the existing advancement in cybersecurity dynamics and the operating system or software applied to manage can no longer be getting security updates (NAP, 2022). Further, the highly decentralized election system in the United States leads to responsibility for cybersecurity frequently falling within the municipal or county level in which resources and expertise can be constrained. US elections are carried out utilizing election systems that are outdated and prone to operational functionalities and security susceptibilities. Hence, obsolete election systems worsen security during the voting process (Schneider, 2019).
Furthermore, the changing threat dynamics, where conventionally the aim has been securing against election fraud spearheaded by corrupt candidates or their proponents who may try to favor a given candidate by destroying or altering votes or interfering with the tallied votes. The US 2016 presidential election revealed that hostile state players might also pose a security threat to the election process (Daswani & Elbayadi, 2021). The players always pose abilities that are more complex and may use higher resources for the performance of such operations. In addition, they can have other objectives than changing the results for a given candidate. If they aim to undermine confidence or disrupt the elections in its results, they can only require attaining Denial-of-service (DoS) contrary to e-pollbooks(Choate & Smith, 2019). However, even failed trials at interference, might if identified, cast doubt on the election outcomes’ validity and lack of robust strategies to recover and detect such threats.
Recommendations or Solutions for Ensuring Elections’ Integrity
Election systems must be continuing to be regarded as United States DHS-designated crucial infrastructure. The United States Election Assistance Commission and US DHS must proceed to establish and keep a comprehensive set of cybersecurity best strategies for local and state election officials. The local and state officials and election system suppliers must integrate the best approaches into their operations. Congress must provide financing for local and state governments to enhance their cybersecurity capacities continuously (Kilovaty, 2021). The US Election Assistance Commission must monitor any future federal financing permitted to improve election security. Further, the electoral security infrastructure offers a methodology to profile electoral threats; hence, that programming, planning, and metrics may be crafted to resolve the conflict arising from the threats. The selection of subjects and methods of information collected during an electioneering period should be responsive to the probability of interpretation as the political intent and potential backlash(NAP, 2022). Hence, additional emphasis must be placed on practices that embrace checks and balances to safeguard the analytical system during elections.
Lessons Drawn from 2020 US Election to Facilitate Secure Future Elections
Preparation
Any country with aim of holding free and fair elections should understand that preparation plays a significant role in ensuring election security. Hence, to protect American election infrastructure in the future, Congress should ensure long-term dedication to financing election security. Congress has invested over $805 million in 2018 to secure American elections(McCadney, Tisler, & Norden, 2020)). While the financing assisted states to be in a better position to address cybersecurity threats in the past 2020 elections, investments without the assurance of continued financing may imply that significant investments are never made. Election officials are always cautious about implementing processes and systems that need long-term maintenance because of fear that they could be left to choose the tab after federal money runs out(NAP, 2022). Therefore, sustained federal support and financing would permit officials to develop programs with future perspective in mind leading to earlier preparation in the election process that enhance election security.
Election Security Supports Voter Access and This Enhances Security
Enhancements in election security made US elections more resilient and increased voter access. Reinforced infrastructure implied that when government offices were shut down because of the COVID-19 pandemic, upgraded election websites were reinforced to deal with escalated demand contributed to by voters moving to online registration (McCadney, Tisler, & Norden, 2020). Further, election officials prepared for possible cyber threats by providing polling places with backups in terms of papers. While Americans did not experience a cyber attack closed down equipment in the time of scheduled technical glitches. In some parts, election staff offered voters emergency paper ballots when the voting machines slowed to start; they had provisional ballots when the voter registration database of the state become inaccessible in the early voting. Hence, more voting alternatives implied that the effect and stress on the election systems were dispersed over a longer time with more chances to detect and address issues before the voting period ends (Linebarger & Salehyan, 2020).
The US Congress Failure on its Mandate to sufficient Fund Election
Despite Congress failing to adequately fund the 2020 US election, private companies and individuals stepped up to amend the situation. The election officials turned to them to help in managing the elections to have a free and fair democratic process devoid of election security malpractices. For example, Mark Zuckerberg contributed close to $400 million and Schwarzenegger Institute contributed over $2.5 million for initiatives such as hiring additional election employees and maintaining the polling place open (McCadney, Tisler, & Norden, 2020). Many other organizations and businesses took the initiative to educate the public and help voters navigate their safe voting alternatives in 2020 and guarantee that their vote would count. Hence, in any democracy, paying for, and managing elections is a fundamental governmental responsibility(Kilovaty, 2021). The US Congress should ensure that jurisdictions have sufficient funds they require to manage their elections in future elections.
Paper Ballots
Paper ballots are critical to securing voting equipment and establishing public confidence in the electoral process. There are a few factors of the US election system that have received attention and this comprises the paperless voting devices(Praetz, 2019). The devices pose a substantial risk to the integrity of the election system: when election managers detect a hack of the devices, paperless systems offer an independent record that may be utilized to verify their accuracy. In the 2020 US election, there was 95% of the ballot cast with paper record related as compared to 82% in the 2016 election(McCadney, Tisler, & Norden, 2020). Therefore, even if a cyber attack does not happen, election managers may enhance confidence in the election outcomes by reviewing and checking the ballot papers’ records at the time of an audit after an election.
Conclusion
The nature of any election creates it susceptible to an array of security attacks against candidates, election infrastructure, materials, and information. Hence, effective election security should draw on expertise and information from various arenas. The 2020, US Election has shown that a high level of coordination and communication among the national agencies responsible for the management and security of elections is an essential aspect of election security. Further, DHS has initiated several programs and strategies to counter election cyberattacks that enhanced the 2020 election in the US.
References
Choate, J., & Smith, R. (2019). Election cybersecurity. The Future of Election Administration, 9(2), 279-299.
Daswani, N., & Elbayadi, M. (2021). Facebook security issues and the 2016 US presidential election. Big Breaches, 1(4), 97-130.
DHS. (2022). Election security. Web.
Kilovaty, I. (2021). Cybersecurity abroad. Defending Democracies, 3(4), 197-214.
Linebarger, C., & Salehyan, I. (2020). Electoral integrity and election-related conflict. Democracy and Security, 16(3), 260-280.
McCadney, A. C., Tisler, D., & Norden, L. (2020). 2020’s lessons for election security. Web.
NAP. (2022). 5 ensuring the integrity of elections | Securing the vote: Protecting American democracy |The National Academies Press. Web.
Praetz, N. (2019). Election security and large counties. The Future of Election Administration, 3(5), 185-201.
Schneider, M. K. (2019). Election security: Increasing election integrity by improving cybersecurity. The Future of Election Administration, 3(4), 243-259.
Stoddart, K. (2017). Cybersecurity in the United States and the United Kingdom. US National Cybersecurity, 3(2), 155-176.