National security officials say voting systems in 21 states were targeted by Russian-connected hackers two years ago, prompting Congress to allocate $380 million to secure election systems and shore up cybersecurity. Use of Illinois' money is laid out in the state budget approved this spring, which designates no less than half be used to create a Cyber Navigator Program to support the efforts of election authorities to defend against cyberbreaches and detect and recover from attacks.
“We became sort of the poster child for what can happen and how you deal with it,” said Matt Dietrich, an Illinois State Board of Elections spokesman.
In Illinois, the board of elections noted a breach of its electronic voter database in July 2016 and worked to stop the intrusion, yet later notified voters that their data may have been viewed by hackers. The agency's executive director, Steve Sandvoss, said in February that the threat to cybersecurity during the state's upcoming November election was very real.
A conference next week in Bloomington featuring election officials and law enforcement seeks to tackle the issue. Helping to organize the event is six-term Logan County Clerk Sally Turner, who said officials like county clerks are now in a spot where knowledge on cybersecurity is just as important as how to run an election.
"Most county clerks have no idea that, when they ran for office, that they would have to be an IT director," she said. "And so, this is helping us get a basic knowledge of what is all this information that is out there, and how do we decipher it all."
Macon County Clerk Steve Bean said online security for his office has become a top priority in the rapidly changing world of technology and outside threats.
“I’ve probably had more meetings in the last two years over (cybersecurity) than any other thing related to elections,” said Bean, who has served as the county's chief election official since 1990.
No one knows yet how much money each county could receive to improve security or guidelines for how that money could be spent. Dietrich said the board of elections is working alongside agencies such as the Illinois Department of Innovation and Technology, Illinois State Police and the Illinois Statewide Terrorism and Intelligence Center to set up the program.
Local entities who are part of the program will be eligible to apply for some of the federal dollars, Dietrich said.
The aim of the previously reported attacks have not been to make any changes to ballots or votes on election day, specifically because ballot machines are intentionally not online. Instead, Dietrich said the aim has been to affect seemingly trivial things like to remove a person’s name from their polling place, or change where a person is registered to vote.
“It could create inconvenience, tension and lines at polling places,” he said. “And it’s all part of what we’ve heard from the (U.S.) Justice Department ... they said the goal was to create chaos in American institutions and thereby weaken those systems and basically discourage confidence in government.”
Cat and mouse
President Donald Trump's top intelligence adviser in February told a Senate committee that Russia is moving to build on its earlier efforts to interfere with U.S. elections, which included a sustained campaign of propaganda and the unleashing of cyberoperatives."There should be no doubt that Russia perceives its past efforts as successful and views the 2018 U.S. midterm elections as a potential target," said Dan Coats, the director of national intelligence.
No evidence indicates that hackers succeeded in directly tinkering with votes, but there is ongoing concern that voter registration technology is vulnerable to hacking.
The Illinois cyberattacks were highlighted in "60 Minutes" report in April, and Sandvoss told reporter Bill Whitaker it amounted to "a fast-growing tumor" that was "unlike anything we had ever seen." The state was able to plug website holes after hackers got "bits of information" on thousands of voters and complete records of 3,500, according to the story.
Illinois election officials said before the March primary, which came two years after that 2016 attack, that they had beefed up defenses and were scanning for possible intrusions.
State Board of Elections officials also told Fox News this spring that about 76,000 Illinois voters may have had their information viewed. A total of 14,121 of them were residents of Galesburg, according to the report.
The threats of election hacking go back farther than the most recent general election, said Glen Sagers, professor of cybersecurity in the School of Information Technology at Illinois State University. In 2005, a test of machines made by popular election equipment company Diebold, showed they could be hacked without notice. Known as the Hursti Hack, the controlled experiment showed that election equipment was susceptible just like any other piece of technology.
As Sagers sees it, the issue comes down to a combination of information that is of interest to potential hackers, and software that may not be as well-guarded as necessary.
“A lot of times, the software just isn’t well written,” Sagers said. “So if you’re susceptible to that or any other kinds of attacks… you can get in there and change the records and there wouldn’t be any records you were ever there as an attacker.”
More emphasis has been put on securing elections in the past year-and-a-half. In the federal budget passed earlier this year, $380 million was allocated for the Help American Vote Act, set aside to provide funds to assist state an local election officials in improving cybersecurity related to elections. As of June 5, 26 states have requested $209 million, according to the Election Assistance Commission.
Improving ones security can be costly, Bean said. Aside from new equipment, the cost of hiring specialists to analyze and test one's systems start in the thousands of dollars and quickly go up from there.
The new election equipment Macon County purchased in 2016 cost $550,000, which was covered by revenue brought in by permits purchased for the county's wind farm project. Bean said earlier this week that the equipment was purchased, in part, because the county's old equipment was shown to be susceptible to hacking.
And then there is what Josh Tanner calls the “cat and mouse” nature of protecting oneself from hackers.
Tanner, who oversees information technology in the Macon County office building along with his role as supervisor of assessments, said recent security upgrades include new election equipment in the clerk’s office and updated firewall, which acts as a filter to block unauthorized access while allowing legitimate outward communication to go through without issue. The county is also connected to state and federal security bulletins will contact local officials if there is any detection of an attempt to breach their data.
But as the county changes its tactics, so too do potential hackers, Tanner said.
“They will try to probe the system, and then when we notice high levels of traffic from overseas countries, then we can shut that entire country off (from accessing the site) and see if legitimate customers call and say, ‘hey, we cannot access the county’s website anymore,’” Tanner said. “But by that point, they move on to another location.”
He could not go into specifics due to the sensitivity of the information, but Tanner said there has been several occasions where the county saw an unusual spike in traffic from specific countries, which required them to block certain regions from accessing the county website.
Raising security awareness
Much of the pressure to protect the integrity of elections fall on those local election officials, which can be jarring for those like Turner.“When you run as a clerk, you certainly don’t think this is a thing you’ll have to deal with,” she said. “I mean, we have enough things to deal with, let along cybersecurity. But hey, it’s just another hat!”
Turner is helping to set up the conference next week in Bloomington, which will see county clerks, election commissioners and officials with the Illinois State Police, Department of Homeland Security and the Election Assistance Commission to better educate officials on election security, from recognizing and reporting a threat, to how hackers can try to access their networks.
Turner, who has undergone cybersecurity training, said it can be a challenge to know all the ways that hackers can attempt to access their network. A common example is with an email with a generic headline like “invoice” and an attached PDF file. By opening that file, Turner said hackers can immediately access and corrupt the email recipient’s network.
Officials like Bean, Turner and McLean County Clerk Kathy Michael said they already hard at work to improve their cybersecurity and to prevent any attacks ahead of the Nov. 6 election. For Michael, public awareness of the training will also go a far way to letting voters know that efforts are being made to ensure the integrity of future elections.
“I think the public needs to be made aware... the rights of voters here in Illinois are really being protected with great vigor,” she said.
©2018 the Herald & Review (Decatur, Ill.) Distributed by Tribune Content Agency, LLC.