Oregon election officials say they are worried that recent cuts to federal cybersecurity programs may leave the state’s election systems more vulnerable to attack.
For years, local election officials have relied on federal programs to monitor threats, assess election security infrastructure and coordinate response plans. Federal officials hold regular security briefings with state and local officials, according to Tess Seger, spokesperson for the Oregon secretary of state.
But those safeguards are now in jeopardy after the U.S. Cybersecurity and Infrastructure Security Agency last week cut funding for a program that monitors cybersecurity threats across states and helps local officials respond.
Without that support, Oregon’s county clerks and the Secretary of State’s Office, which oversees state elections, say they’ll be left with fewer resources to detect and respond to potential attacks.
“We will feel the effects of it,” said Rochelle Long, Klamath County Clerk and president of the Oregon Association of County Clerks. “But we don’t know the full effects of it yet or how that’s all going to play out.”
The cuts to local programs are the latest effort by President Donald Trump to reduce federal involvement in election security. His administration has also slashed funding for programs at the federal cybersecurity agency and other agencies that work on election security and investigate foreign interference in U.S. elections, several news outlets have reported.
Although county clerks have some resources to monitor potential threats, having an agency that operates in multiple states can give them appropriate time to prepare for threats that have been identified in other states before receiving them, officials say.
“Our practices are more sound and more safe because of those resources that have been provided over the last few years,” said Deschutes County Clerk Steve Dennison. “The responsibility lies on the local elections offices, but having those resources at a higher level has always been helpful.”
Also, the federal agency has helped officials from different agencies and states coordinate to respond to election threats. For example, the agency “played a critical role in coordinating federal partners” in October when an individual set fire to multiple ballot boxes in Portland and Vancouver, Washington, Seger said.
Without that assistance, state and local officials could face additional hurdles in future incidents.
It’s unclear if some counties will be more susceptible to cyber threats than others without the federal support. Although large counties typically receive more cyber threats than smaller counties, they also have significantly more employees and resources to respond, according to Tim Scott, Multnomah County’s elections director.
It’s also unclear what role the federal government will play in protecting local elections from cyberattacks moving forward. Oregon officials were planning a simulated exercise in June designed to test Oregon’s election security protocols with the U.S. Cybersecurity and Infrastructure Security Agency, but it has now been canceled, Seger said.
“We’ll do everything we can to protect our elections, but there’s no denying we’ll have an uphill battle,” Seger said in an email. “We’ll have fewer resources to identify and respond to threats, and less information sharing among states. The absolute last thing we need is anything that inflames the chaos and uncertainty that already exists around elections.”
Unlike in some other states, Oregon’s voting system is relatively insulated from cyber interference because every voter fills out a paper ballot, officials have said. And results of those ballots are tallied by specialized equipment that is not connected to the internet. Counties convey results to the state using secure internet connections, but corruption of or interference with those transmissions could be corrected using the secure underlying results.
But the voting process is just one aspect of election security, other parts of which could be susceptible to cyber threats. Other functions of elections offices, such as responding to online disinformation campaigns and protecting official websites from malware and other cyberattacks, could be more prone to those risks.
Election officials nationwide have raised concerns about these funding cuts. The National Association of Secretaries of State sent a letter on Feb. 21 to Kristi Noem, the U.S. secretary of homeland security, urging the government to continue supporting election security programs. Noem replied on March 7, writing that her agency is “undertaking an internal review of all election security-related funding, products, services, and positions.”
She also noted that some federal cybersecurity resources are still available to local officials, although none of those programs focus exclusively on election security.
In Oregon, Seger said the Secretary of State’s Office is exploring “any and all options” to find alternative funding.
“These reckless cuts make the United States vulnerable,” Seger said. “We’ll do everything we can in Oregon to make up for this mess, but there are some gaps that won’t get closed. The Trump administration needs to fulfill its responsibility to protect this country.”
— Carlos Fuentes covers state politics and government. Reach him at 503-221-5386 or cfuentes@oregonian.com.
Our journalism needs your support. Subscribe today to OregonLive.com/subscribe.
Latest local politics stories
- An Oregon lawmaker wants to tax beer, wine and cider to fund youth substance abuse prevention
- Judge blocks Gov. Tina Kotek’s executive order that sparked backlash from contractors from taking effect
- ‘It’s devastating’: Trump cuts hit Oregon nonprofit providing legal aid to migrant children
- Portland extends job for top public safety official who’s been working from Las Vegas
- Portland Public Schools triggers Trump administration investigation into transgender athlete participation