Election hackers are paying attention to the security vulnerabilities in American territories, so why aren’t we? Russians targeted one just last cycle—American Samoa. During the 2016 presidential election, Russian hackers sent emails to addresses at the American Samoa Election Office. According to the NSA, the Russian emails were part of a classic spear phishing attack, written to “mimic a legitimate absentee ballot-related service provider.” The NSA estimates the emails were tests, a tactic hackers often use when casing potential attacks.
U.S. citizens living in territories like American Samoa and Puerto Rico lack the right to vote in federal elections—in and of itself a highly contested issue. However, elections are held to determine local leadership, including territorial governors and legislature members as well as city mayors.
So American Samoa may appear to be a low-value target for Russian hackers, given that the only federal votes held in U.S. territories are straw elections. But it seems that the goal of these hackers was less to support one candidate or party than to undermine American political institutions in general, including in the territories. Viewed this way, any U.S.-affiliated election system is a potential target.
In fact, the Russian hackers’ probe was not the first instance of malicious cyber actors targeting government websites in the territories. In March of last year, the Puerto Rican Electric Power Authority (PREPA) was hacked, resulting in service time delays, but thankfully no customer data was compromised. And just this July, both the police department and the Water and Power Authority (WAPA) in the U.S. Virgin Islands were compromised by hackers. In the first case, ransomware encrypted police department files and prevented access to key software-based services. In the latter instance, the WAPA lost $2.3 million to scammers posing as legitimate vendors who submitted fake invoices.
In a narrative report for the 2018 HAVA grant, the U.S. Virgin Islands Board of Elections wrote, “Considering the increasing volume and sophistication of cyber threats, the U.S. Virgin Islands Board of Elections (USVIBOE) believe[s] that our current physical infrastructure and voter technology systems are at great risk of being penetrated and compromised.” Their proposed election security plan included updating voter registration systems and conducting a system-wide review of any current security risks—recommendations we heartily endorse.
On Wednesday, Sept. 4, the U.S. House of Representatives’ Administration Subcommittee on Elections is holding a field hearing to examine, among other topics, election security in the territories. As 2020 approaches and as Congress considers its greater election security strategy, we would urge members to heed the warnings of these past attacks and include measures to address electoral security in the U.S. territories.
Some such measures follow, and we strongly recommend that Congress give them their due consideration.
Security capabilities vary even from county to county, so any uniform security standard would be challenging to implement. However, there are some methods that could increase the overall security of voter data and the election process itself.
The simplest and arguably most important recommendation is basic cybersecurity training for all personnel who handle sensitive data during the commission of an election. The federal government already has tools at its disposal, including programs, software and educational videos that it could easily deploy to all election-affiliated employees and volunteers without incurring costs.
Switching to paper ballots would stymie one potential attack point for hackers. As Guam Homeland Security Advisor George Charfauros stated this past October, “It’s a blessing in disguise for us on Guam because a lot of states, their voting system is online so you can influence that somehow through cyber attacks or influence through other methods using the cyber network, the network, but with respect to us on Guam we are not online.” Given the expenses associated with voting machine replacement, a transition to paper ballots may prove to be a secure and cost-effective choice for certain U.S. territories. For those territories who do use electronic systems, we recommend adopting an additional paper trail to use in case of audits.
Regardless of the vehicle used by elections officials to collect these votes, voter data will be stored electronically in some form. This stored data must be secure at every stage, anonymized and accessible only to those who have undergone basic cybersecurity training. Laws regarding the confidentiality of voter data vary by geographic region and in many cases require voters to opt-in. In at least one case, only those who were victims of domestic violence could petition to have their home addresses remain confidential. As a matter of personal security, voting authorities should maintain the security and privacy of sensitive data. A phishing scheme targeted at an individual with access to sensitive data, like the one attempted in American Samoa just last presidential cycle, would be detrimental to democracy everywhere.