After great news on voting rights from a bunch of state and federal courts over the past week, and sudden concerns from the the Right, the Left and the corporate media about the possibility of stolen elections, the Dept. of Homeland Security is finally looking into taking action.
"We should carefully consider whether our election system, our election process is critical infrastructure, like the financial sector, like the power grid," DHS Secretary Jeh Johnson said this week. "There's a vital national interest in our electoral process."
Years ago, I began reporting on the serious vulnerability of our election system to manipulation (and error) from both foreign and domestic sources. In 2006, for example, after helping supply computer security analysts at Princeton University with a Diebold touch-screen voting system for the first independent tests of such a machine, I reported both at The BRAD BLOG and at Salon that the analysts were able to hack into it, in about 60 seconds time, with a virus that would flip election results and pass itself from machine to machine with virtually no possibility of detection. That followed on an Exclusive series of 2005 reports from a Diebold insider who I called "DIEB-THROAT" at the time, describing how the company's lead programmers admitted that the security on their systems was terrible and that a branch of DHS had already warned, in 2004, about an "undocumented back door" in the systems.
In 2009, by way of just one more example, we reported here on remarks delivered to the U.S. Elections Assistance Commission (EAC) by CIA cybersecurity analyst Steven Stigall, describing how "wherever the vote becomes an electron and touches a computer, that's an opportunity for a malicious actor potentially to make bad things happen," before going on to note that the CIA became interested in electronic voting systems years earlier "after concluding that foreigners might try to hack U.S. election systems."
So, it is with some skepticism that I regard Johnson's remarks this week about finally taking action to identify our existing, vulnerable electoral system as "critical infrastructure". Is it too little, too late on the eve of another Presidential election? And is it even possible to protect the type of electronic vote casting and counting systems we currently use in our elections? And what does the designation as "critical infrastructure" actually mean any way?
I'm joined on today's program for some answers by Scott Shackelford, cybersecurity law and business expert from Indiana University and the Harvard Kennedy School's Belfter Center, to explain some of this, and to describe some of the ways in which the U.S. might expand existing international agreements to keep domestic elections from being tampered with by foreign powers. Shackelford, writes about the issue this week at the Christian Science Monitor in an op-ed titled "How to make democracy harder to hack."
"It definitely is too late at this point to wake up and get all 9,000 jurisdictions on board for November," he tells me today. "Maybe instead of focusing quite so much on driver's licenses [to prevent fraud] and making sure we have different IDs in some of these states, it would've been great to have put that focus a little bit more on cybersecurity. But that didn't happen."
For what it's worth, my answer, after more than a decade on this beat: No, it's not possible to protect the type of electronic systems we currently use without moving to what I describe as "Democracy's Gold Standard". But Shackelford offers several ways we can, at least, try to improve the situation and mitigate the current dangers, as well as some thoughts on why action has been so long in coming. "Elections do quite a bit to focus minds. It is unfortunate that we lose some of that focus in the aftermath of these elections," he says.
Also today, why the right to vote is so important, whether you like it or use it or not, and why, for me, at least, it's still about rights, not politics, some 52 years to the day after the bodies of civil rights activists Andrew Goodman, James Earl Chaney and Michael Henry Schwerner were found after being murdered in Mississippi for trying to help register African-Americans to vote in 1964.
And, finally, speaking of vulnerable, as deadly, climate-fueled extreme weather continues across the planet, Republican U.S. Senator Ron Johnson of Wisconsin, up for re-election this year against former Democratic U.S. Senator Russ Feingold, offers up some of the dumbest, most embarrassing, scientifically disproven and just out-and-out inaccurate arguments against taking action on climate change that he could possibly muster. All of that and more on today's BradCast…
Guest: Indiana University cybersecurity law expert Scott Shackelford