As the March 17 Illinois primary approaches, state and local election officials say they are continually working to keep election records, information and vote totals safe from outside meddling.
“What I always say is we’re confident that we’re doing everything we can to stay a step ahead of any cyber attacker,” said Matt Dietrich, spokesman for the Illinois State Board of Elections. “But all you can ever hope, when you’re dealing with cyber security, is to stay ahead of the next hacker.”
Illinois made national headlines in 2016 after state election officials notified 76,000 voters that their information in the voter registration database had been breached but not changed. In 2018, Special Counsel Robert Mueller’s probe of election interference in 2016 yielded indictments of 13 Russian hackers. The indictment referenced the intrusion into the Illinois system.
“We’ve spent a tremendous amount of time since then getting aware of and training and putting in systems both physical and for (cyber) security,” said Tom Bride, the executive director of the Peoria County Election Commission.
Doing so was important.
“I think there’s no state that had more of a wake-up call than Illinois,” said David Becker, executive director of the nonprofit Washington, D.C.-based Center for Election Innovation and Research.
Since then, he said, “Illinois has been in many ways a model for some of the other states,” through transparency about the problem that occurred and about security steps the state has taken.
Experts with the state’s Cyber Navigator program and Department of Innovation and Technology have worked with all 108 election authorities to protect the system’s integrity. The program has a staff of 10.
“They can conduct risk assessments of the offices,” Dietrich said. “They can identify hardware that needs to be updated or software that an authority might need.”
The addition of cybersecurity staff is important, Bride said. Places like Peoria County also work with local county IT staff, but he said for smaller counties to have that resource is valuable.
The state added about $800,000 to a $13.2 million federal grant in 2018 and used part of it to create the program. In December, the state received authorization for a new $14.8 million federal grant but must provide a 20 percent match before spending the funds. Gov. JB Pritzker’s proposed 2021 fiscal budget, which begins in July, includes $3 million for that match.
Other steps taken since the 2016 breach include software upgrades, addition of cybersecurity staff, and work with national organizations and other Illinois state agencies that fight computer attacks.
Neil Herron, the election board’s cybersecurity information sharing program manager, noted that election tabulation machines are not networked online, so vote totals can’t be compromised from outside. He said reporting results from “a few machines in Chicago” involve using a cellular wireless system — but one that only allows sending data, not receiving it.
He also said that under Illinois law, all voting machines must have some sort of paper backup — either paper ballots, or paper receipts. The latter are used in Peoria County. That means a vote-by-vote recount can be done in any contested election.
According to Herron, Illinois officials are advising local election authorities on ways to protect their websites. Those sites carry election information, such as where to vote, and report unofficial election results.
In recent years, Herron said, alleged Russian hackers sent a doctored web page with fake results from a Ukraine election to Russian media, but Ukrainian officials discovered the wrong numbers before making them public. He said risks of such meddling continue to exist.
“If a foreign government-backed group wants to penetrate a web page, it’s difficult to 100-percent stop them,” Herron said. He said an attack most often could just disable a site, but that, too, could deprive people of information, such as where to vote.
In Sangamon County, County Clerk Don Gray said, the voter registration system, like most such systems in the state, works through the Illinois Century Network. The system is state-managed and avoids use of outside internet companies. Herron said he thinks about 101 of the 108 election authorities are on the network. The secretary of state’s computers are also on the Century Network, spokesman Dave Druker said.
Gray also serves on the State Board of Elections Advisory Council and is on the board of advisors to the U.S. Election Assistance Commission, jobs that help keep him updated on the latest information about security. And, he said, there is routine training about how to avoid threats — like not opening suspicious emails that could contain malicious software — for all staff members in the clerk’s office.
Sangamon and other counties were touched by recent problems with the state’s automatic voter registration program. Some people flagged for registration at Illinois secretary of state facilities were ineligible while voting rights of some former prison inmates were wrongly purged.
“We’ve tested extensively,” Dietrich said. “That system is up and running. There is no reason to doubt the integrity of AVR.”
Nationally, said Becker, from the election innovation and research nonprofit, election officials have become more vigilant.
“We are light years ahead of where we were in 2016,” Becker said, as federal, state and local officials are doing a much better job of sharing information about threats.
“That being said, whenever you use technology, nothing is completely secure. There’s always the chance of some kind of vulnerabilities.”
Becker also said he thinks election officials, the media and citizens should lower expectations for instant election night results. Such results are non-official and may not reflect provisional ballots cast and other legal but late-arriving ballots. In close elections, he said, next-day results are “the way it should be.” Overturning an improper result announced in a tight race, he said, could cause “chaos and a lot of outrage.”
With slower but well-vetted results, he said, supporters of both sides could be confident of the result.
Securing the election
Here are some steps Illinois election officials have taken to increase voting security since the 2016 breach of state election registration records:
• Regularly conduct “hygiene scans” to detect potential vulnerabilities in the data systems.
• U.S. Department of Homeland Security has performed a “risk and vulnerability assessment” analysis of the state election agency.
• Upped participation in groups and associations dedicated to sharing cybersecurity intelligence and analysis that are part of an umbrella organization called the Center for Internet Security.
• Purchased updated firewalls and software to protect the system.
• Worked with the Illinois Department of Innovation and Technology and the Illinois State Police on continuing cybersecurity issues.
• Added four cybersecurity staff members at the State Board of Elections, one of which works full-time at the state’s Statewide Terrorism and Intelligence Center in Springfield.
Journal Star reporter Chris Kaergard contributed reporting.