Reps. Quigley, Katko Host Election Hacking Demonstration, Discuss Remaining Infrastructure Vulnerabilities

WASHINGTON – Today, U.S. Representatives Mike Quigley (IL-05) and John Katko (NY-24) hosted a bipartisan election hacking briefing and demonstration. The Representatives were joined by J. Alex Halderman, Director of the University of Michigan's Center for Computer Security and Society, who briefed attendees on election security challenges before ‘hacking' into a voting machine in real-time.

"For almost two years, I've been sounding the alarm that our election infrastructure is outdated, low-tech, and nowhere near where it needs to be to prevent future intrusions," said Rep. Quigley. "Today's eye-opening demonstration by Dr. Halderman highlighted the pressing vulnerabilities that still exist and underscored the urgent need to implement common-sense policy and secure critical funding to harden our defenses. Our democracy depends not only on our participation in the democratic process, but also on the promise that our voices will be heard without interference."

"Our adversaries remain committed to interfering in our nation's democratic process," said Rep. Katko. "This is a grave threat to our country and our nation's security. Our voting systems remain vulnerable to hacking, and we must do more to protect against cyber aggression. This is an issue we must work across the aisle to address, and I'm proud to take the lead with Rep. Quigley. Today's demonstration showed the vulnerabilities we face, and reinforces the need to pass the bipartisan measure we've introduced to help combat cyber threats. Our bill will help ensure our nation's foremost experts on cybersecurity have the tools that they need to identify and combat these malicious cyberattacks against our democracy."

"U.S. election infrastructure remains dangerously vulnerable to cyberattacks, and although states are making progress, but major gaps remain, particularly in the security of voting machines," said Dr. Halderman. "The U.S. urgently needs to better defend election infrastructure. Some states are making progress, but we need greater Federal leadership to ensure that all states have essential protections in place before 2020."

"More than ever, local officials need to recognize cybersecurity as part of their core election administration responsibilities," said Maurice Turner, Senior Technologist, Center for Democracy & Technology. "That's why CDT is providing resources that address key election cybersecurity issues, such as election official training, technical volunteer capacity building, social media disinformation campaigns, and robust post-election auditing."

In June, Reps. Quigley and Katko introduced the Prevent Election Hacking Act of 2018, H.R. 6188, which creates a federal election hacking competition, commonly known as a bug bounty program, to reward cyber experts that are able to identify vulnerabilities in our election infrastructure. A critical step in enhancing our election security requires an acknowledgement and clear understanding of the existing vulnerabilities.

By allowing the Department of Homeland Security (DHS) to establish a recurring "Hack the Election" competition, we can give independent cyber experts the opportunity to assist participating state and local election officials, who often times lack the necessary cybersecurity training and guidance to prevent hacking attempts, uncover both new and existing threats to their systems. With these vulnerabilities detected by outside experts, DHS can focus its resources on providing election officials with the technical assistance needed to bolster their cybersecurity defenses.

In March, Rep. Quigley, who serves on the House Permanent Select Committee on Intelligence and the Appropriations Committee, secured $380 million in new FY18 grants to help states fortify, update, and protect election systems from cyber-hacking.