How Connecticut is fighting the threat to U.S. democracy and our elections system
The threat is real. Authoritarian regimes have tested tactics against American election systems that they can deploy to undermine confidence in the integrity of the 2020 elections.
First, they continue cyber activities intended to gain access to confidential campaign information and infiltrate U.S. election networks. Second, the same information intervention campaigns used by these powers to inflame existing divisions and discord in the American electorate also can be weaponized to spread disinformation about the election process itself.
In Connecticut, the only way 3.5 million people could defend themselves from the threats against the state’s election system was to build an unprecedented partnership to create and swiftly execute a plan of action.
Secretary of the State Denise Merrill convened a Connecticut Elections Cybersecurity Task Force, which includes local, state, and federal officials in law enforcement, cybersecurity and election administration, to strengthen information-sharing and the development of a plan to protect state and local election systems from cyber-attack. Merrill discussed these plans with the Connecticut congressional delegation and determined which federal resources could be used to advance the effort. The secretary created a three-point plan to protect the integrity of Connecticut’s elections from foreign interference.
First is the protection of state and local election systems from cyber-attack. Connecticut has a highly decentralized election administration system with 169 autonomous municipalities with their own independently elected election officials, all with important responsibilities but few resources. To measure the condition of municipal cyber defenses, the Connecticut National Guard, at the direction of the secretary of the state, is performing an assessment of the cybersecurity posture and election infrastructure of each town.
Connecticut is upgrading town network connections to state-hosted election systems, deploying virtual desktop infrastructure for ongoing security upgrades, and providing matching grants to municipalities that commit to investing in replacement workstations that improve cybersecurity.
Second, the state is investing in training and personnel dedicated to protecting election infrastructure from interference. Connecticut’s elections are run by the registrars of voters, town clerks and moderators found in each municipality. Training in cybersecurity awareness and best practices is being provided by Merrill’s office, with support from the chief information officer for the state, to all election officials.
Those officials must use two-factor authentication to access Connecticut’s centralized voter registration, a system that in 2016 was subject to Russian scanning operations. The Office of the Secretary of the State provides ongoing training classes and has made cybersecurity part of the certification process for all new registrars of voters. The office hired an additional IT specialist to focus on cybersecurity and added five election support officers to partner with local election officials in implementing those measures.
Third, the state is building a network-centric approach to combating disinformation campaigns that have the potential of disrupting the election process. There is evidence that malicious foreign actors could use their social media influence and tactics to promulgate false procedural information to disrupt the process of voting.
The Office of the Secretary of the State is launching an effort to look for inaccurate voting information on social media. Using the MITRE Corporation’s SQUINT program, a “trusted crowd” of election officials and citizens can report suspect postings via smart phone or browser. The secretary of the state’s office then reviews and may provide clarifications to the public. The office has also hired an election information security analyst to scan social media and the dark web to identify and counter any misinformation or disinformation.
Connecticut’s best defense against disinformation efforts designed to undermine the election process is to stay alert and arm its people with the information they need. To meet that goal, the Office of the Secretary of the State has launched a public information campaign designed to explain aspects of the election process that have taken on new relevance since the advent of the COVID-19 crisis, the largest such effort in its history.
We cannot expect the assault on American democracy to recede anytime soon. The most recent National Security Strategy of the United States clearly identifies our main national security challenge as coming from “great power competition” and says, “America’s competitors weaponize information to attack the values and institutions that underpin free societies.”
Secretary Merrill and our local election officials are rising to meet this threat.
Scott Bates is the Connecticut Deputy Secretary of the State and the former Senior Policy Advisor for the U.S. House of Representatives Homeland Security Committee. He has taught at the National Defense University.