NPPD’s Krebs: Election Security ‘Feedback Loop’ the ‘Biggest Shift’ Since 2016

Christopher Krebs under secretary undersecretary DHS Department of Homeland Security National Protection and Programs Directorate NPPD leader CISA cybersecurity and infrastructure security agency

(Photo: Government Matters)

Department of Homeland Security Under Secretary Christopher Krebs said today that the biggest change in election security between the 2016 elections and today is the elimination of communication barriers between state and local authorities and the Federal government.

“Most importantly, the biggest shift, the biggest change that I’ve seen over the last several months or year is the feedback loop–what we’re getting back from the states and the local community,” Krebs, the head of DHS’s National Protection and Programs Directorate, said today at Palo Alto Networks’ Federal Ignite conference.

He challenged the notion that there’s been an increase in targeting of election authorities.

“That’s actually not what we’re seeing. What we’re seeing is an increase of reporting from states of activity that’s been happening all along. They’re just feeding it into DHS and my team where we can aggregate, where we can pull the total common operating picture of what’s happening across the state and locals,” Krebs said. “We didn’t have that visibility or that over-the-top picture of threats to our state and local partners. So we have that now, and it’s only going to get better.”

It’s an opinion shared by some of his partners at the state level.

“One of the most important things that I think has come out of this whole process since 2016 is simple communication,” said Vermont Secretary of State Jim Condos, who is also president of the National Association of Secretaries of State. “We really improved the communication level between state and locals to DHS and our Federal partners. We now have protocols in place to communicate, we know who to contact if something comes up, and it’s a two-way street.”

But states are going beyond talk to harden their systems, not relying on Federal support alone to improve the security of their networks.

“Voter registration databases are what appear to be a target,” Condos said, offering an example of how election infrastructure resilience has increased. “We back up our voter registration database on a daily basis. Every night, that thing is backed up. Worst case, if it does get breached, files deleted, changed, whatever, we can go 24 hours back, reset it.”

The frenzy around foreign influence in the 2016 campaigns has lent itself to a lot of potentially conflicting information about how U.S. elections were affected. Condos took a moment to assuage any concerns about the integrity of vote tallies.

“I don’t believe, and I don’t think DHS believes–I’ll let Chris confirm that–that any votes were changed in 2016. To our knowledge, no votes were changed,” he said.

“Even better, we don’t believe they had access to the tabulation,” Krebs added.

But the question around security has now irrevocably been thrust into the national spotlight. And the reality behind the question might be a little unsettling for those unfamiliar with IT security.

“Is it secure? Is everything going to be okay? And the answer, it’s never totally secure,” said Robby Mook, senior fellow at the Harvard Kennedy School of Government’s Belfer Center, who was also Hillary Clinton’s campaign manager during the 2016 elections. “But guess what? There are all these systems in place to make sure the vote gets counted right. That’s the question that I think needs to be asked a little more.”

“We’re never going to achieve 100 percent security across the board. It’s just not possible, it’s an IT system,” Krebs said. “What we want again is resilience. It’s the ability to identify problems quickly, get to root cause, communicate the solution out there as broadly as possible.”

“This is a race without an end. It’s not a sprint. It’s not a marathon. It’s not an ultra-marathon. This is a game or effort that takes constant dedication every day,” Krebs added.

So as that race continues, Mook suggested that campaigns must acknowledge that election exploits will increase in scope.

He is expecting to see an increase in the use of social engineering to steal campaign funds, and use of distributed denial of service (DDoS) attacks to undermine campaign sites. “You can raise a million dollars a night if you give a convention speech. You DDoS that site, that candidate’s just lost a million dollars.”

“I think it’s both we’re not doing what we need to do with regards to what we saw in ’16, I also don’t know that campaigns are afraid enough about other things we haven’t quite seen yet,” he said.

Recent