Taking a look at election security on US midterm Election Day. (With updates.)

Today is midterm election day in the United States. Between government agencies and the military, much work has been done to secure the election. There are also threats posited by other actors and misinformation around elections.

Threats.

VOA News reports that a US official said that they believe the most plausible threat is a single individual, a “lone wolf,” who acts on their own desires and doesn’t represent an extremist group. They continue, saying that individuals may be more driven by beliefs that the 2020 election was illegitimate, as well as other topical political issues. AP News discusses misinformation, saying immigration, crime, public health, geopolitics, disasters, education or mass shootings are usually the main areas where one will see political misinformation, but that this year, the misinformation is primarily centered around voting. The security of mail-in ballots, noncitizens voting, the dead voting, and fictitious stories about the voting machines themselves, have been observed. Misinformation around the US election has also been seen in languages other than English, and researchers share concern, as many major platforms focus on English content moderation. There is also the threat of foreign nation-state interference from places such as Russia, China, and Iran, but domestic groups and individuals are said to be more of a threat.

Securing the election.

CNN reports that Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly met with election officials in Michigan and Wisconsin, who she said were pleased with the federal assistance provided by CISA, but a Michigan elections director, Jocelyn Benson, says that the support is appreciated, but is just not enough with escalating risks, saying, “In many ways, we are more prepared and better funded than we were in 2020. But the challenges we are facing are escalating. So it’s gonna create a need for a regular stream of resources moving forward.” State Scoop also reports that fourteen states have activated cyber units within their National Guard to protect the networks of election officials. Commander of the Washington Air National Guard, Brig. Gen. Gent Welsh, said the involvement of the National Guard in securing the election can help instill trust in the public, and Air Force Maj. Gen. Rich Neely, head of the Illinois National Guard, said that the Guard doesn’t expect to see anything. CISA released a blog last week, discussing what to expect in the election, including the resilience of the voting system that is built into each state’s voting system, as well as the importance of voters being vigilant and checking trusted sources for voting and poll information.

Update, 3:45 PM, November 8th, 2022.

Senior CISA officials said this afternoon that as of 1:30 PM EST, the elections are still going smoothly with respect to cyber threats. “We continue to see no specific or credible threat to disrupt election infrastructure,” a senior CISA official said. “To be very, very clear, we have not seen any evidence of foreign influence affecting our election infrastructure.” Technical issues with voting machines have been seen in Maricopa County, Arizona, the New York Times reports, and are causing some politicians to consider the possibility of wrongdoing. “Ensuring safe and secure elections is a nonpartisan activity," the CISA official said in reference to the situation. "Elections are surprisingly technical and complicated, and there are vast differences in how voting works across counties and states, so I’d really want to defer to the officials in Maricopa County,” the official continued, emphasizing the importance of local and state election officials as trusted sources for information.

Update, 8:30 PM, November 8th, 2022.

CISA held its last media election briefing at 6:45 PM today, and a senior CISA official says that they still don’t believe that there is a credible threat to election infrastructure. The official says, however, that the agency is “aware of possible DDoS attacks.” One state seeing issues has been Mississippi, with some government sites, including the Secretary of State’s site, being rendered inaccessible, the Wall Street Journal reports. The CISA official confirmed that it was a DDoS attack, and that the state is working on mitigations.

Another senior CISA official said that the agency is aware of claims on Telegram by a pro-Russian hacktivist group of being behind the attack, but that there isn’t enough evidence for the federal government to attribute the attack. Mississippi is the only state where CISA has observed a sustained outage. DDoS activity has been seen in other states, but the agency hasn't observed an “operational impact on voting systems” from any of these DDoS incidents. WCIA reported earlier today that the clerk’s office of Champaign County, Illinois, believes their voting machines fell victim to DDoS attacks, and the first CISA official confirmed that the agency had engaged both the state of Illinois and Champaign County. “We understand the technical issues with a vendor have now been resolved and no impacts to votes have been observed,” the official said of the situation.

Concerns about the possibility that a ballot tabulation machine outage in Maricopa County, Arizona, might have been deliberately induced were nipped in the bud. A CISA official said that the agency had investigated and found “no indication of malfeasance” in the outage. CISA directed those interested in the situation to local election officials for updates.

As the polls closes across the country, a senior CISA official said counting the ballots will take time, that leads will likely change, and that this is entirely “normal, it happens every year." The official explained that, “These are not ‘delays.’ This is part of the normal process … It’s not a delay, it is really the normal verification process that can take days to weeks.” Officials said that CISA will continue to support election officials, but the agency itself neither audits results nor has a role in the certification process. There is, CISA said, a lot of transparency in the post-election process, with members of both major parties having a hand in it. “We [position] ourselves to amplify election officials as trusted voices,” the official said.

In brief, elections appear to have proceeded normally, with no early indications of interference or manipulation.

Update, 8:30 AM, November 9th, 2022.

The FBI's assessment last week of the dropping effect of distributed denial-of-service (DDoS) operations seems to have been borne out. WAPT reported some intermittent DDoS incidents late yesterday that had a minor impact on the Mississippi Secretary of State's public website, but these had no effect on voting and were in any case quickly remediated. One county, Champaign County in downstate Illinois, reported outages and computer "performance issues," but said, NBC Chicago reports, that the issues were quickly remediated without significant effect on voting. The tabulation machine outage in Maricopa County, Arizona, seems to have been a malfunction. Few other reports of issues surfaced yesterday. (Consider that there are well over three-thousand counties in the United States.)

Fourteen states used cyber experts in their National Guard to help secure the voting, and, as the National Guard Association of the United States pointed out, very few voting devices are connected to the Internet anyway, which made interference at the voter-level unlikely in any case.

General Paul Nakasone, National Security Agency Director, issued a brief statement reminding voters that NSA and US Cyber Command were, with their partner agencies, "committed to defending our electoral process from foreign threats."

Rumors of election manipulation would appear to amount to mis- and disinformation. As voting wound up late yesterday, Reuters reported that it proceeded without unusual difficulty. A review of voting the morning after election showed little evidence of cyberattacks and even less evidence of disruption. The AP's overview of Election Day quotes an observer from Common Cause. Sylvia Albert, the group's director of voting and elections, said, “This was a pretty calm, normal election. We had isolated incidents of standard election administration issues, but nothing widespread or particularly concerning.”

Update, 5:45 AM, November 10th, 2022.

Jen Easterly, Director of the US Cybersecurity and Infrastructure Security Agency (CISA) said yesterday, “We have seen no evidence that any voting system deleted or lost votes, changed votes, or was any way compromised in any race in the country." Minor distributed denial-of-service (DDoS) incidents were reported in a few jurisdictions, the PBS News Hour reports, but these seem in no case to have affected the voting infrastructure itself. CISA Director Easterly added a sensible civics lesson to her statement, obviously intended as a prebunking of the sort of mis- and disinformation that can be expected in coming weeks:

“Right now, election officials are tabulating votes, reviewing procedures, and testing and auditing equipment as part of the rigorous post-Election Day process that goes into finalizing and certifying the results. It’s important to remember that this thorough and deliberative process can take days or weeks, depending on state laws; these rigorous procedures are why the American people can have confidence in the security and integrity of the election. We urge everyone to look towards your state and local election officials for the most accurate and up-to-date information about vote counts and to remain patient as election officials continue to do their jobs and carry out the certification process.”

That is, don't mistake the normal functioning of state and local electoral machinery for evidence of conspiracy to commit election fraud.