NOWCAST WDSU News at 10pm
Watch on Demand
Advertisement

EXCLUSIVE: Part 2: Clear majority of election leaders nationwide say 2020 vote 'more secure'

But nationwide survey reveals use of basic security precautions still not universal
Mark Albert
EXCLUSIVE: Part 2: Clear majority of election leaders nationwide say 2020 vote 'more secure'

But nationwide survey reveals use of basic security precautions still not universal

cyber leaders from the Department of Homeland Security brief the country's top state election leaders this week on election security lessons from 2020 and challenges ahead in an exclusive nationwide survey sent to more than 3000 local election administrators by the national Investigative Unit. Nearly two thirds of those who responded agreed with DHS telling us the election in their area was more secure than in prior elections and more than eight and 10 said they did get enough support from DHS. But cyber challenges remain. Sounds like a big problem. It is a big problem, as we first revealed with McAfee Security last February and then again in July. Most local election websites do not have basic cyber security protections such as encryption and being on dot gov ah federally validated Web domain. Eight months later, election leaders say they're making progress. Less than 20% say they still don't have encryption on their election websites, but more than double that 47%. Nearly half say they are not yet on a dot gov more secure domain. If you have a dot gov address allows the public to know to trust what's coming from you, DHS has tried to convince them to transition to it for years and tried again this week really shouldn't be that difficult for the public to identify whether you are a legitimate government site or not. I'm very proud of the relationship we had with what's called Oklahoma Cyber Command in our interviews with 25 secretaries of state and other top election leaders. For this story, cyber and election security came up again and again. One of my deepest concerns is cybersecurity and investments in technology toe look toward a future of increasing voter participation while maintaining the security and integrity of our elections. In Washington, I'm chief national investigative correspondent Mark Albert.
Advertisement
EXCLUSIVE: Part 2: Clear majority of election leaders nationwide say 2020 vote 'more secure'

But nationwide survey reveals use of basic security precautions still not universal
Mark Albert
As the country’s top election leaders meet this week for their annual winter conference – virtual this year due to the pandemic – a clear majority of election administrators in their states say the 2020 general election was “more secure” than voting in prior years, according to an exclusive, nationwide survey sent to more than 3,000 election administrators in all 50 states.The 35-question questionnaire was sent by the Hearst Television National Investigative Unit in December, days after states certified their electoral ballots in the U.S. presidential race, and ended Jan. 15, five days before President Joe Biden’s inauguration. The "Grading the Election" survey also illuminated how much work is yet to be done on cyber security, more than four years after Russian hackers scanned and ultimately penetrated some election, campaign, and party infrastructure during the 2016 race. ‘More Secure’ The survey asked local and state election administrators, from small municipalities to statewide jurisdictions, whether they thought the general election in their area “was more secure than in prior elections.” Of those who responded, 62.6% said “yes,” while a little more than a third – 37.4% — said “no.”PGRpdiBjbGFzcz0iaW5mb2dyYW0tZW1iZWQiIGRhdGEtaWQ9Ijk5ZjEzYjNkLTEwNmMtNDA3OC04M2YwLTdhMTFhZGFmNmIxZCIgZGF0YS10eXBlPSJpbnRlcmFjdGl2ZSIgZGF0YS10aXRsZT0iTklVIHN1cnZleSBxdWVzdGlvbiAjMTgiPjwvZGl2PjxzY3JpcHQ+IWZ1bmN0aW9uKGUsaSxuLHMpe3ZhciB0PSJJbmZvZ3JhbUVtYmVkcyIsZD1lLmdldEVsZW1lbnRzQnlUYWdOYW1lKCJzY3JpcHQiKVswXTtpZih3aW5kb3dbdF0mJndpbmRvd1t0XS5pbml0aWFsaXplZCl3aW5kb3dbdF0ucHJvY2VzcyYmd2luZG93W3RdLnByb2Nlc3MoKTtlbHNlIGlmKCFlLmdldEVsZW1lbnRCeUlkKG4pKXt2YXIgbz1lLmNyZWF0ZUVsZW1lbnQoInNjcmlwdCIpO28uYXN5bmM9MSxvLmlkPW4sby5zcmM9Imh0dHBzOi8vZS5pbmZvZ3JhbS5jb20vanMvZGlzdC9lbWJlZC1sb2FkZXItbWluLmpzIixkLnBhcmVudE5vZGUuaW5zZXJ0QmVmb3JlKG8sZCl9fShkb2N1bWVudCwwLCJpbmZvZ3JhbS1hc3luYyIpOzwvc2NyaXB0Pg==The results are being released to coincide with the annual winter conferences of the National Association of Secretaries of State (NASS) and the National Association of State Election Directors (NASED) this week, the biggest gathering of the America’s top election leaders since the general election concluded. During a session Tuesday on cyber security, Geoff Hale, a representative from the Cybersecurity and Infrastructure Security Agency (CISA) at the U.S. Department of Homeland Security, told conference attendees that his agency’s efforts to secure the vote by combating misinformation, including about election security, “is really something that we feel was a relative success that we can learn from and help to apply in other critical infrastructure sectors and other national critical functions.” DHS, other federal agencies, and partners such as the leaders of NASS and NASED had released a statement the week after the Nov. 3 election declaring it “the most secure in American history.” High marks to DHS for cyber support Election administrators also gave high marks to DHS and CISA for ramped-up efforts since the 2016 elections to deal with cyber threats.PGRpdiBjbGFzcz0iaW5mb2dyYW0tZW1iZWQiIGRhdGEtaWQ9ImJmNjZiYzU3LTUxMjMtNGJmNi05MTA5LTUyNGUzMzAzMjUxNiIgZGF0YS10eXBlPSJpbnRlcmFjdGl2ZSIgZGF0YS10aXRsZT0iTklVIHN1cnZleSBxdWVzdGlvbiAjMjAiPjwvZGl2PjxzY3JpcHQ+IWZ1bmN0aW9uKGUsaSxuLHMpe3ZhciB0PSJJbmZvZ3JhbUVtYmVkcyIsZD1lLmdldEVsZW1lbnRzQnlUYWdOYW1lKCJzY3JpcHQiKVswXTtpZih3aW5kb3dbdF0mJndpbmRvd1t0XS5pbml0aWFsaXplZCl3aW5kb3dbdF0ucHJvY2VzcyYmd2luZG93W3RdLnByb2Nlc3MoKTtlbHNlIGlmKCFlLmdldEVsZW1lbnRCeUlkKG4pKXt2YXIgbz1lLmNyZWF0ZUVsZW1lbnQoInNjcmlwdCIpO28uYXN5bmM9MSxvLmlkPW4sby5zcmM9Imh0dHBzOi8vZS5pbmZvZ3JhbS5jb20vanMvZGlzdC9lbWJlZC1sb2FkZXItbWluLmpzIixkLnBhcmVudE5vZGUuaW5zZXJ0QmVmb3JlKG8sZCl9fShkb2N1bWVudCwwLCJpbmZvZ3JhbS1hc3luYyIpOzwvc2NyaXB0Pg==More than eight in 10 — 83.5% — of respondents said they did get enough support from the department. That is a higher rating than administrators gave even their own state’s secretary of state for the level of support provided; 78.9% said their secretary of state’s office gave them “enough support.” In a statement for this story responding to that survey finding about his agency’s performance, CISA’s acting director, Brandon Wales, said he was “proud of the work our team did” to support election administrators and indicated the effort will continue, irrespective of the recent change in administrations. “Feedback like this helps to validate our approach, but it also illustrates that the mission isn’t over and there’s more work to be done,” Wales said. Basic security precautions still missing As the National Investigative Unit first revealed last February, and then again in July, most local election websites scanned by McAfee Security did not have basic cyber security protections such as encryption as well as being on .gov, a federally validated web domain. Eight months later, election leaders say they're making progress.PGRpdiBjbGFzcz0iaW5mb2dyYW0tZW1iZWQiIGRhdGEtaWQ9ImRiZmUwYzVjLTFhYmYtNDRjYS1iMWIzLTUxNzEzZDliZjE3MCIgZGF0YS10eXBlPSJpbnRlcmFjdGl2ZSIgZGF0YS10aXRsZT0iTklVIHN1cnZleSBxdWVzdGlvbiAjMTlhIj48L2Rpdj48c2NyaXB0PiFmdW5jdGlvbihlLGksbixzKXt2YXIgdD0iSW5mb2dyYW1FbWJlZHMiLGQ9ZS5nZXRFbGVtZW50c0J5VGFnTmFtZSgic2NyaXB0IilbMF07aWYod2luZG93W3RdJiZ3aW5kb3dbdF0uaW5pdGlhbGl6ZWQpd2luZG93W3RdLnByb2Nlc3MmJndpbmRvd1t0XS5wcm9jZXNzKCk7ZWxzZSBpZighZS5nZXRFbGVtZW50QnlJZChuKSl7dmFyIG89ZS5jcmVhdGVFbGVtZW50KCJzY3JpcHQiKTtvLmFzeW5jPTEsby5pZD1uLG8uc3JjPSJodHRwczovL2UuaW5mb2dyYW0uY29tL2pzL2Rpc3QvZW1iZWQtbG9hZGVyLW1pbi5qcyIsZC5wYXJlbnROb2RlLmluc2VydEJlZm9yZShvLGQpfX0oZG9jdW1lbnQsMCwiaW5mb2dyYW0tYXN5bmMiKTs8L3NjcmlwdD4=Now, fewer than 18% say they still do not have encryption (https) on their election websites.But more than double that – 47%, nearly half – say they are not yet on a .gov domain. PGRpdiBjbGFzcz0iaW5mb2dyYW0tZW1iZWQiIGRhdGEtaWQ9IjJkMGM5NDVkLTMxMmItNDM0MC1iZmQ1LTdkNGI2NDg5MDQ1MyIgZGF0YS10eXBlPSJpbnRlcmFjdGl2ZSIgZGF0YS10aXRsZT0iTklVIHN1cnZleSBxdWVzdGlvbiAjMTliIj48L2Rpdj48c2NyaXB0PiFmdW5jdGlvbihlLGksbixzKXt2YXIgdD0iSW5mb2dyYW1FbWJlZHMiLGQ9ZS5nZXRFbGVtZW50c0J5VGFnTmFtZSgic2NyaXB0IilbMF07aWYod2luZG93W3RdJiZ3aW5kb3dbdF0uaW5pdGlhbGl6ZWQpd2luZG93W3RdLnByb2Nlc3MmJndpbmRvd1t0XS5wcm9jZXNzKCk7ZWxzZSBpZighZS5nZXRFbGVtZW50QnlJZChuKSl7dmFyIG89ZS5jcmVhdGVFbGVtZW50KCJzY3JpcHQiKTtvLmFzeW5jPTEsby5pZD1uLG8uc3JjPSJodHRwczovL2UuaW5mb2dyYW0uY29tL2pzL2Rpc3QvZW1iZWQtbG9hZGVyLW1pbi5qcyIsZC5wYXJlbnROb2RlLmluc2VydEJlZm9yZShvLGQpfX0oZG9jdW1lbnQsMCwiaW5mb2dyYW0tYXN5bmMiKTs8L3NjcmlwdD4=Federal security authorities have pleaded and cajoled local election leaders to migrate to the more secure domain for years now. In 2019, Geoff Hale, then the director of the Election Security Initiative at CISA, told the annual summer NASS conference, held that year in Santa Fe, NM, that a .gov domain, “allows the public to know to trust what's coming from you." Nearly two years later, during this week’s conference, Hale, still at CISA, again tried to deploy his powers of persuasion, tell them “it really shouldn't be that difficult for the public to identify whether you are a legitimate government site or not." ‘My deepest concerns’ In interviews with 25 secretaries of state and other top election leaders for this story, cyber and election security came up again and again. “One of my deepest concerns,” explained Maine Secretary of State Shenna Bellows, “is cybersecurity and investments in technology to look toward a future of increasing voter participation while maintaining the security and integrity of our elections."Oklahoma State Election Board Secretary Paul Ziriax touted a dedicated, state-level cyber offensive he utilized for the general election. "I'm very proud of the relationship we had with what's called Oklahoma Cyber Command." Federal authorities have not announced any major cyber breaches of election infrastructure for the 2020 general election.Mark Albert is the chief national investigative correspondent for the Hearst Television National Investigative Unit, based in Washington D.C. April Chunko and Amanda Rooker contributed to this report. Know of waste, fraud, abuse or a safety risk that needs to be investigated? Send information and documents confidentially to the National Investigative Unit at investigate@hearst.com. You have the option to remain anonymous.HEARST TELEVISION NATIONAL INVESTIGATIVE UNITELECTION SECURITY SERIES:-Pt 1: Gaps in Preparedness-Pt 2: White House Response-Pt 3: Voting Vulnerabilities               >San Francisco Chronicle (print) version>DIGITAL EXTRA: Kid Hackers-Pt 4: Cyber Combat-Pt 5: Election Security Summit (Day 1; Day 2)-Pt. 6: Troll Hunters-SPECIAL: Election Security 30-minute Special-Pt. 7: Paper Ballots-Pt. 8: Lack of Funds-Pt. 9: Operation Blackout -Pt. 10: Digital Disinformation-Pt. 11: Voting App Hack-Pt. 12: Deleting the Deception-Pt. 13: Spotting the Spin-Pt. 14: 2020 Election Summit-Pt. 15: Election Exposure-Pt. 16: Election Exposure Checkup-Pt. 17: Return to Sender-Pt. 18: Inside the Intelligence-Pt. 19: Grading the Election
WASHINGTON —

As the country’s top election leaders meet this week for their annual winter conference – virtual this year due to the pandemic – a clear majority of election administrators in their states say the 2020 general election was “more secure” than voting in prior years, according to an exclusive, nationwide survey sent to more than 3,000 election administrators in all 50 states.

The 35-question questionnaire was sent by the Hearst Television National Investigative Unit in December, days after states certified their electoral ballots in the U.S. presidential race, and ended Jan. 15, five days before President Joe Biden’s inauguration.

Advertisement

The "Grading the Election" survey also illuminated how much work is yet to be done on cyber security, more than four years after Russian hackers scanned and ultimately penetrated some election, campaign, and party infrastructure during the 2016 race.

‘More Secure’

The survey asked local and state election administrators, from small municipalities to statewide jurisdictions, whether they thought the general election in their area “was more secure than in prior elections.” Of those who responded, 62.6% said “yes,” while a little more than a third – 37.4% — said “no.”

The results are being released to coincide with the annual winter conferences of the National Association of Secretaries of State (NASS) and the National Association of State Election Directors (NASED) this week, the biggest gathering of the America’s top election leaders since the general election concluded.

During a session Tuesday on cyber security, Geoff Hale, a representative from the Cybersecurity and Infrastructure Security Agency (CISA) at the U.S. Department of Homeland Security, told conference attendees that his agency’s efforts to secure the vote by combating misinformation, including about election security, “is really something that we feel was a relative success that we can learn from and help to apply in other critical infrastructure sectors and other national critical functions.”

DHS, other federal agencies, and partners such as the leaders of NASS and NASED had released a statement the week after the Nov. 3 election declaring it “the most secure in American history.”

High marks to DHS for cyber support

Election administrators also gave high marks to DHS and CISA for ramped-up efforts since the 2016 elections to deal with cyber threats.

More than eight in 10 — 83.5% — of respondents said they did get enough support from the department. That is a higher rating than administrators gave even their own state’s secretary of state for the level of support provided; 78.9% said their secretary of state’s office gave them “enough support.”

In a statement for this story responding to that survey finding about his agency’s performance, CISA’s acting director, Brandon Wales, said he was “proud of the work our team did” to support election administrators and indicated the effort will continue, irrespective of the recent change in administrations.

“Feedback like this helps to validate our approach, but it also illustrates that the mission isn’t over and there’s more work to be done,” Wales said.

Basic security precautions still missing

As the National Investigative Unit first revealed last February, and then again in July, most local election websites scanned by McAfee Security did not have basic cyber security protections such as encryption as well as being on .gov, a federally validated web domain.
Eight months later, election leaders say they're making progress.

Now, fewer than 18% say they still do not have encryption (https) on their election websites.

But more than double that – 47%, nearly half – say they are not yet on a .gov domain.

Federal security authorities have pleaded and cajoled local election leaders to migrate to the more secure domain for years now.

In 2019, Geoff Hale, then the director of the Election Security Initiative at CISA, told the annual summer NASS conference, held that year in Santa Fe, NM, that a .gov domain, “allows the public to know to trust what's coming from you."

Nearly two years later, during this week’s conference, Hale, still at CISA, again tried to deploy his powers of persuasion, tell them “it really shouldn't be that difficult for the public to identify whether you are a legitimate government site or not."

More than two dozen secretaries of state and other top election administrators are interviewed by Chief National Investigative Correspondent Mark Albert.
Hearst TV
More than two dozen secretaries of state and other top election administrators are interviewed by Chief National Investigative Correspondent Mark Albert.

‘My deepest concerns’

In interviews with 25 secretaries of state and other top election leaders for this story, cyber and election security came up again and again.

“One of my deepest concerns,” explained Maine Secretary of State Shenna Bellows, “is cybersecurity and investments in technology to look toward a future of increasing voter participation while maintaining the security and integrity of our elections."

Oklahoma State Election Board Secretary Paul Ziriax touted a dedicated, state-level cyber offensive he utilized for the general election. "I'm very proud of the relationship we had with what's called Oklahoma Cyber Command."

Federal authorities have not announced any major cyber breaches of election infrastructure for the 2020 general election.

Mark Albert is the chief national investigative correspondent for the Hearst Television National Investigative Unit, based in Washington D.C. April Chunko and Amanda Rooker contributed to this report.

Know of waste, fraud, abuse or a safety risk that needs to be investigated? Send information and documents confidentially to the National Investigative Unit at investigate@hearst.com. You have the option to remain anonymous.

HEARST TELEVISION NATIONAL INVESTIGATIVE UNIT

ELECTION SECURITY SERIES:

-Pt 1: Gaps in Preparedness
-Pt 2: White House Response
-Pt 3: Voting Vulnerabilities

               >San Francisco Chronicle (print) version

>DIGITAL EXTRA: Kid Hackers

-Pt 4: Cyber Combat-Pt 5: Election Security Summit (Day 1; Day 2)
-Pt. 6: Troll Hunters

-SPECIAL: Election Security 30-minute Special

-Pt. 7: Paper Ballots
-Pt. 8: Lack of Funds
-Pt. 9: Operation Blackout
-Pt. 10: Digital Disinformation-Pt. 11: Voting App Hack
-Pt. 12: Deleting the Deception
-Pt. 13: Spotting the Spin
-Pt. 14: 2020 Election Summit
-Pt. 15: Election Exposure
-Pt. 16: Election Exposure Checkup
-Pt. 17: Return to Sender
-Pt. 18: Inside the Intelligence
-Pt. 19: Grading the Election

Top Picks

Rare find: Father-son lobstermen pull calico lobster from Maine waters
What is the 'American Community Survey' and is it legit?
Clint Eastwood's former California home on sale for $21 million
Meet the Navy veteran skydiving for his 91st birthday