Less than 20 percent of states have asked the Homeland Security Department for help assessing the security of machines at the polls and for scans of online voter registration databases ahead of the presidential election, a DHS official says.
DHS, the federal agency tasked with protecting U.S. networks, on Friday issued a statement reflecting a respect for the independence and reliability of state election systems but also a word of caution about the magnitude of the cyber threats menacing the 2016 race.
In the message, Homeland Security Secretary Jeh Johnson urged more states to take advantage of security protections the department makes available to outside organizations.
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
As of Wednesday, “we have received requests and are currently working with nine states on scans and assessment services,” DHS spokesman Scott McConnell told Nextgov. He did not disclose the names of the states.
Election officials can take advantage of a variety of DHS services, including exchanges of information about cyber incidents and on-site assessments conducted by DHS experts of network configurations and digital voting machines, McConnell explained.
The on-site risk and vulnerability assessments can take up to three weeks, Johnson said. Security researchers, for more than half a decade, have shown it doesn’t require the internet or a nation-state cyber gang to manipulate the nation’s outdated ballot devices.
Another option Johnson said DHS provides is “cyber hygiene scans” that run remotely on voter registration databases—like the internet systems in Arizona and Illinois allegedly compromised by Russian hackers, online election night reporting tools, and other internet-connected election management systems.
“It is important to emphasize what DHS assistance does not entail,” he said. “DHS assistance is strictly voluntary and does not entail …