Preventing election attacks paramount for state in 2020, but some want better assurance of security

Security for the 2020 presidential election has caught the attention of Americans from Capitol...
Security for the 2020 presidential election has caught the attention of Americans from Capitol Hill to Iowa. (KCRG FIle)(KCRG)
Published: Oct. 22, 2019 at 6:35 PM CDT
Email This Link
Share on Pinterest
Share on LinkedIn

In July, Special Prosecutor Robert Mueller delivered a stark warning to Congress: Russian hackers are continuing to try to affect US elections.

“It wasn't a single attempt,” he said of hackers’ efforts during the 2016 election. “They’re doing it as we sit here, and they expect to do it during the next campaign.”

His testimony on July 24 followed nearly two years of investigation into Russian interference in the 2016 presidential election.

“Over the course of my career, I have seen a number of challenges to our democracy. The Russian government’s effort to interfere in our election is among the most serious,” Mueller told members of the House Judiciary Committee. “And as I said on May 29, this deserves the attention of every American.”

Security for the 2020 presidential election has caught the attention of Americans from Capitol Hill to Iowa, where Secretary of State Paul Pate is tasked with making sure votes are secure.

"We have to take it seriously. It's too important,” Pate said. “So we do plan for the worst and hope for the best.”

Iowans cast their votes on paper ballots, but the database used to register votes, called the I-Voters System, is electronic and stores the information of more than 2 million Iowans.

That has at least one county auditor worried about possible hacks.

"They could go in and say you've already voted. That would be a problem,” Linn County Auditor Joel Miller said. “They could go in and move you to another precinct. They could go in and move you to another county. They could delete you all together."

Miller also serves as Linn County’s Commissioner of Elections, overseeing voting in Iowa’s second-largest county.

He questions what shape the I-Voters System is in and if it is prepared to withstand attacks during the 2020 election.

"I entertain the possibility that everything is fine with the system and that it's secure,” Miller said. “But you have to give me more than just tell me, 'Trust me, it's secure.' That doesn't work.”

"I can list, as he knows, all the things we're doing,” Pate countered, pointing to a list of both physical and cybersecurity measures that he said are keeping I-Voters safe. Those include two-factor authentication for anyone with access to the system, weekly scans from the Department of Homeland Security and training for all 99 counties.

"We watch for bad players trying to look around for something vulnerability-wise if you will,” Pate said, adding that his office also works on security with the FBI and the Iowa National Guard’s cybersecurity division.

Miller, however, argues that those claims alone do not prove the system is actually secure and wants to see the proof for himself.

In July, he filed a complaint alleging Pate has failed to comply with regulations set by the Help America Vote Act. The state’s Voter Registration Commission will review his complaint in a hearing but hasn’t yet set a date.

"There's a lot of information that could be shared without giving away the kitchen sink here,” Miller said.

Miller also believes the system’s age increases its vulnerability.

"It's a 14-year-old system, and as people have told me, nothing built 14 years ago is secure today,” he said.

"It’s not standing as it was 15 years ago,” Pate responded. “We've had to do patching and upgrades on a regular basis. … It's something you do to make sure all your security measures are up to date.”

But one cybersecurity expert said it’s less about the age of the system than it is about its complexity.

"Some older systems can certainly have bugs that have been around for a while that are better known, but newer systems can have those bugs too, things that people haven't uncovered yet,” said Aaron Warner, the CEO of ProCircular, an information security and privacy firm based in Coralville.

ProCircular monitors cyberattacks around the world, and Warner said someone — especially Russians — will try to attack voting systems in Iowa in the next year.

"I know for a fact that Russia is attacking the United States to try to influence the election, and that will only increase the closer we get to the 2020 elections,” Warner said.

But Warner said he has faith in the I-Voters System.

"There are a lot of measures that have been put into place to protect the integrity of voting,” he said. “There's certainly room for improvement, but generally speaking, I think our election system is in a lot better shape than maybe people give it credit for."

Both Warner and Pate said no one has hacked the I-Voters System, to their knowledge. Pate believes someone will try but won’t succeed.

"I'm very confident that we can assure Iowans that nobody is going to change their vote, and their vote will be counted. I'm very confident in that,” Pate said.

But Miller still questions if that confidence is well-founded.

"It's important we know the answer now because we've got about a year to prepare, and so if we're not prepared, that's going to have consequences,” Miller said.

A new registration system is set to eventually replace the I-Voters System, but not by the 2020 presidential election.

Pate said the new system, which they’ll most likely unveil in 2021 or 2023, will cost around $7 million, and they haven’t yet received all the funding for it.