The Department of Homeland Security has designated the U.S. voting infrastructure, including voting machines and registration databases, as critical infrastructure.
On Friday, Secretary Jeh Johnson elevated the voting infrastructure to a critical infrastructure subsector under the existing Government Facilities sector; there are 16 existing sectors and 20 subsectors.
The announcement came on the same day the intelligence community released a declassified document that it says links the Russian government to hacking and other interference in the recent U.S. presidential election.
While the voting infrastructure was not tampered with, the intelligence community said that the DNC hacks and attacks against an email account belonging to former Clinton campaign chair John Podesta were attempts by the highest levels of the Russian government to sway favor away from Hillary Clinton and toward President-Elect Donald Trump, allegedly the preferred candidate of the Russian government.
The designation of the voting infrastructure as critical infrastructure means that entities such as polling places, centralized vote tabulations, storage facilities, and technology systems used to manage the election process would prioritized for assistance from DHS related to cyber.
“Given the vital role elections play in this country, it is clear that certain systems and assets of election infrastructure meet the definition of critical infrastructure, in fact and in law,” Johnson said.
Johnson said that in consulting with state and local election officials, some opposed the designation, fearing federal regulation or oversight of elections.
“This designation does nothing to change the role state and local governments have in administering and running elections,” Johnson said. “The designation of election infrastructure as critical infrastructure subsector does mean that election infrastructure becomes a priority within the National Infrastructure Protection Plan. It also enables this Department to prioritize our cybersecurity assistance to state and local election officials, but only for those who request it.”
Johnson pointed out that election systems will have improved access to incident response, and classified and unclassified data available to other critical infrastructure operators.
“Election infrastructure is vital to our national interests, and cyber attacks on this country are becoming more sophisticated, and bad cyber actors – ranging from nation states, cyber criminals and hacktivists – are becoming more sophisticated and dangerous,” Johnson said.
The intelligence community report—the public version—is a bit underwhelming, holding back the sources and extent of evidence it says links the Russians to interference with the U.S. election. The intelligence community, which met with Trump on Friday after testifying before a Senate Arms Committee hearing on Thursday, provided a classified version of the document to Congress.
“There’s no reason why the government can’t quickly reveal evidence about cyber espionage efforts that can help potential victims defend themselves,” said Ron Deibert, Director of the Citizen Lab, a research outfit at the Munk School of Global Affairs at the University of Toronto, that has done extensive work uncovering the surveillance and monitoring activities of oppressive regimes. Deibert wrote an article for JustSecurity.org in which he provided the example of last summer’s disclosure and patching of iOS zero days developed and sold by Israel’s NSO Group all within a two-week span. From the article:
“From the time we were shared the initial malicious SMS messages contained in the iPhone (August 11th, 2016) to the time our report was released (August 25th), only 14 days elapsed. In that time, we made a responsible disclosure to Apple, who issued critical security patches for iOS, OSX, and Safari for hundreds of millions of Apple users. I am proud to say our report is extremely detailed in both means and methods, and includes detailed and useful indicators of compromise for all to review. All of this was accomplished by only two Citizen Lab researchers who enlisted a small group of people from the security company, Lookout Inc, to help with technical analysis on the zero day and implant.
This all took place in just two weeks.
The U.S. defense and intelligence community, including their private sector partners, by contrast, has thousands of staff, billions of dollars in resources, the most advanced capabilities, and many months of time.
“Rushed” is no excuse for shoddy work. No, the real reason lies elsewhere — in the inability of the government and the private sector to produce unvarnished evidence to inform the public about what they fully know. And that’s the problem.”