Citing increasingly sophisticated cyber bad actors and an election infrastructure that's "vital to our national interests," Homeland Security Secretary Jeh Johnson is designating U.S. election systems critical infrastructure, a move that provides more federal help for state and local governments to keep their election systems safe from tampering.
"Given the vital role elections play in this country, it is clear that certain systems and assets of election infrastructure meet the definition of critical infrastructure, in fact and in law," Johnson said in a statement Friday. He added: "Particularly in these times, this designation is simply the right and obvious thing to do."
The determination came after months of review and despite opposition from many states worried that the designation would lead to increased federal regulation or oversight on the many decentralized and locally run voting systems across the country. It was announced on the same day a declassified U.S. intelligence report said Russian President Vladimir Putin "ordered" an influence campaign in 2016 aimed at the U.S. presidential election.
The declassified report said that Russian intelligence services had "obtained and maintained access to elements of multiple U.S. state or local electoral boards." None of the systems targeted or compromised was involved in vote tallying, the report said.
A 2013 presidential directive identified 16 sectors as critical infrastructures, including energy, financial services, health care, transportation, food and agriculture and communications.
The designation announced Friday places responsibilities on the Homeland Security secretary to identify and prioritize those sectors, considering physical and cyber threats against them. The secretary is also required to conduct security checks and provide information about emerging and imminent threats.
Such a change does not require presidential action, and only requires the secretary to first consult with the assistant to the president for homeland security and counterterrorism.
Discussions about whether to designate elections systems as critical infrastructure surfaced after hackers targeted the voter registration systems of more than 20 states in the months prior to the November election.
While the designation puts responsibilities on the Department of Homeland Security, it does not require entities that are determined "critical infrastructure" to participate. Much of the nation's critical infrastructure is in the private sector.
Johnson said election infrastructure included storage facilities, polling places and vote tabulation locations, plus technology involved in the process, including voter registration databases, voting machines and other systems used to manage the election process and report and display results.
The designation allows for information to be withheld from the public when state, local and private partners meet to discuss election infrastructure security — potentially injecting secrecy into an election process that's traditionally and expressly a transparent process. U.S. officials say such closed door conversations allow for frank discussion that would prevent bad actors from learning about vulnerabilities. DHS would also be able to grant security clearances when appropriate and provide more detailed threat information to states.
The Obama administration has proposed international cyber rules for peacetime that would expressly note that countries shouldn't conduct online activity targeting critical infrastructure, which will now also include election systems.
...
Connect With Us