Thirteen states have withdrawn a total of nearly $88 million from an election security fund established by Congress in March, but more than 75 percent of the funding has yet to be dispersed.
The $380 million fund, established as part of Congress’ omnibus appropriations bill, is meant to aid state officials in securing and improving election systems, whether through technical upgrades, cybersecurity audits, or by replacing vulnerable paperless electronic voting machines with paper-based systems.
Although it makes up only fraction of what some experts say is needed—the Center for American Progress, for example, has suggested $1.25 billion over a 10-year period, which is close to what Democrats pushed for in February—the funding will ostensibly go a long way toward ensuring the continuation of free and fair elections in the United States, namely by hardening certain systems against hackers who might seek to tamper with the results.
In addition to the $88 million that’s already been dispersed, another $50-75 million is expected to be withdrawn soon, Gizmodo has learned. Officials in as many as 17 states this week notified the U.S. Election Assistance Commission (EAC) of their intent to submit their request letters. The states that have already accessed funds include Arkansas, Illinois, Kentucky, Massachusetts, Missouri, Montana, New York, Oregon, Texas, Vermont, Washington, West Virginia, and Wisconsin.
Established under the George W. Bush administration—in part due to the public controversy surrounding his own election—the EAC is an independent agency that, among other duties, establishes minimum election administration standards. It also handles any federal grants allocated by Congress for election improvements. (The funding made available this year marks the first appropriation for the enhancement of election systems since 2010.)
According to an EAC source, the agency is anticipating requests by the end of the month from Alaska, South Dakota, New Jersey, Iowa, Idaho, Florida, Rhode Island, Wisconsin, Virginia, Pennsylvania, Maryland, Mississippi, Nevada, and the District of Columbia.
In some cases, states are still working through the process of passing legislation required before requesting federal assistance, as the grant requires states to match 5 percent of the funds awarded. New York, for example, has received nearly $19.5 million from the EAC and must, within the next two years, deposit roughly $1 million of its own cash into state election accounts.
Homeland Security officials say as many as 21 states were targeted by hackers seeking to infiltrate election systems in 2016, though officials in five of those states have rejected the assessment. In most instances, the malicious activity was merely reconnaissance; hackers scanned networks linked to election systems but did not actually penetrate them. Illinois is the only state to admit a breach occurred.
More recently, a mayoral election in Knox County, Tennessee, was targeted by hackers, who not only crippled a website used to report the result but successfully accessed a server managed by county officials. The vote tabulation process, which was conducted on a separate, air-gapped machine, was not compromised, according to Sword & Shield, the security firm that investigated the attack.
The Miami Herald reported Thursday that Florida election officials have pleaded for access to funds. Around $19.2 million has been earmarked for the Sunshine State, which was reportedly targeted by Russian hackers, unsuccessfully, two years ago. (Florida is among the states EAC is expecting a request from by the end of the month.)
While only 26 percent of states have actually requested fund so far, some may have already begun shoring up election systems with the intention of reimbursing themselves using the federal grant down the road.
At Harvard University this year, 150 election officials took part in an exercise intended to prepare them for the “doomsday scenario”: a breach of voter registration systems compounded by a malware infection in government computers, casting doubt on the integrity of election results.
With primary elections having already begun and midterm elections now less than six months away, it remains unclear whether a simple flood of cash will be enough to secure the vote amid what some government officials are predicting will be an onslaught of attacks aimed to, at a minimum, cast suspicion on results of elections throughout the country.