Critical Democracy Infrastructure Briefing: 2nd Edition
Miller, Perez, Sebes & Valente
Executive Summary
American democracy is now beset by nation-state adversaries who seek to weaken our country by undermining confidence in our democratic institutions, through attacks on or abuse of the essential infrastructure of the activities of democracy. Especially besieged is the democratic bedrock of free and fair elections—the very source of any government’s legitimacy, and the basis for orderly transfer of political power. The current attacks target a broad range of entities including social media and other platforms for political discussion, the base of operations of political organizations and campaigns, and the process of voting.
All forms of attack on critical democracy infrastructure (CDI) should be of concern to all citizens of any democracy. However, CDI in the U.S. includes a particularly complex and vulnerable subset: the technology, people, and processes for administering elections and operating an election—especially the management of voter lists, and the casting and counting of ballots. This election infrastructure (EI) is critical to preserving sovereignty and protecting national security, and is designated as part of our nation’s critical infrastructure (CI). Unlike the broader range of CDI, EI has bright-line boundaries: namely, the infrastructure of U.S. government election jurisdictions at state and local levels. In contrast to some other democracies, American EI is complex at nearly all levels, including the technological level—and is almost completely lacking in original design for robust defense against attacks by nation-state adversaries.
This Briefing focuses on election infrastructure, its definition and details; an assessment of current vulnerabilities and responses to them; and a set of findings for the issues most urgent to address in order to effect significant improvement in EI security, integrity, and trustworthiness. However, the broader vulnerabilities of CDI—including propaganda, disinformation, and attack on the infrastructures and processes of U.S. democracy—taken together with the specific vulnerabilities of EI can create a synergy that results in a more dangerous systemic weakness. That danger is also addressed in this report.
Mitigation of technologically enabled propaganda and digital disinformation campaigns present frustratingly thorny problems. By contrast, sound solutions already exist for several of the current weaknesses in EI technology and processes. Short-term responses and risk management have garnered considerable attention since the wake-up call of the 2016 election. But substantial risk reduction requires long-term planning and investment. This has begun, but only recently, and is still poorly understood by many of the stakeholders in election security and integrity. This Briefing focuses on the most critical risk-reduction opportunities, those that would both strengthen intrinsic EI and also limit adversaries’ opportunities for disinformation attacks—which, when coupled with effective attacks on today’s highly vulnerable EI, become exponentially more powerful.
A special acknowledgement to Sergio Valente of the OSET Institute’s Government Relations & Public Policy Team for his extensive work in research assistance and initial drafting of this 2nd edition.
Foreword
In 2016 we witnessed a foreign state adversary launch successful attacks on our election processes and technology. The clear realization was that U.S. election infrastructure is a matter of national security. In 2017, the OSET Institute produced the first full treatment of the subject matter in the first version of this Briefing. The critical infrastructure designation by the former Administration was still new and drew partisan disagreement over what that meant. The new Administration allowed the designation to stand, which turned out to be beneficial for several reasons. Some wondered whether Congress should codify the designation. That hasn’t happened and probably just as well. What remains clear is that election technology must be properly engineered, deployed, operated, and protected against attacks.
Russian, and now Chinese, Iranian, and North Korean state sponsored cyber-terror operations have been—as I predicted in 2017—refined to inflict enormous damage to not only the infrastructure, but the very trustworthiness of elections and their outcomes.
As a former Deputy Director of the National Security Agency, fortified by my continued engagement in breakthrough information security innovations ever since, I maintain the position I set forth in the first edition of this Briefing: In order to combat the threat of growing foreign attack capabilities, election technology must be redesigned using a security-centric engineering approach. This need to improve election security was true three years ago; it is even more imperative today.
I believe it is now undisputed that our election technology is obsolete, and relies on an untrusted dwindling supply chain of replacement parts. Polling places are mini data centers, and the fact that no Internet connectivity is involved is irrelevant to their security. Election administrators cannot be expected to counter increasingly capable cyber adversaries. Without a reset of the priorities for protecting election operations across the nation with better protocols, policies and platforms, our electoral process will be inflicted with increasing chaos, uncertainty, and upheaval. Proper protection is essential for trust in the operational results: accepted winners and losers, and the orderly transfer of power.
This second edition of the CDI Briefing synthesizes what we have learned in three years, and provides several recommendations. It offers a foundation of information on which to build more secure, lower cost, trustworthy election technology and processes. But, we’re running out of time. The 2020 election is six months away at this writing, and I believe it will likely be the last national election that can be safely administered on the existing technology infrastructure and systems.
Unfortunately, continued polarization has made this topic of how to protect our election infrastructure nearly impossible. As I noted in 2017, this must change, and sadly it has not. My view is that the earlier we make the decision to reinvent future election systems at some present cost, the better off we will be. Our adversaries may not have any partisan preference; they are opportunists. Therefore, we must pursue a patriotic approach. I believe this second edition of the OSET Institute CDI Briefing offers a discussion vehicle for securing this important aspect of our sovereignty in a nonpartisan way. I hope you agree.