Hackers Target Utah's Election Systems A Billion Times A Day. Here's How The State Is Responding.
2020 is a big election year in Utah: We’re electing a president, a governor and multiple congressional representatives.
After elections systems in multiple states were targeted by Russian hackers in 2016 and 2018, will this year's elections be secure?
The state received $4 million from the federal government about two years ago to beef up its election systems against attacks and is set to receive another $4 million this year.
KUER’s Sonja Hutson spoke with Lt. Gov. Spencer Cox, who’s in charge of the state’s election systems while also running for governor, about how the state is using that money to prepare.
This interview has been edited for length and clarity.
Sonja Hutson: Are you concerned about attacks on our election systems?
Spencer Cox: The answer is yes. We're always concerned about attacks on our election system. It's been very well documented that there have been attempts to hack our systems here in the state of Utah and across the country for several years now.
The good news is we've taken so many measures to prevent those attacks from being successful. We have bi-weekly meetings with all of the security-related organizations in the country preparing for any eventuality that might come.
Some of things we were doing with state networks we're now pushing out to the county networks. We want to make sure that every system is as secure as possible. In a small county like Piute, who doesn't have, you know, an IT expert there, we have to help them through that.
SH: So what are some of the main tactics that you're using to prevent election security issues?
SC: Yes. So there are several. We've done tabletop exercises where we're actually planning what you know, what do we do if x happens? What do we do if y happens? We're also monitoring the dark web. We're out there anticipating trying to be ahead of the curve on these types of things.
We get a billion attempts, attacks a day here in the state of Utah. And there again on the cutting edge of preventing those attacks.
SH: Jon Huntsman is your competitor for governor. And, you know, he served as ambassador to Russia. Does that put a bigger target on the election to foreign hackers?
SC: Well, I think, you know, he served in Russia and China. And so you know, we're not getting any intel that the governor's race is getting much attention. It tends to be the federal races that I think gather the most attention. And so having a presidential race this year, that's clearly the biggest target if there is one. Again, we know — and the State Department has confirmed — that there are foreign adversaries that want to disrupt our system, and, of course, they'll use anything they can. And so I think that having it be a presidential election is what has really heightened our emphasis this year.
SH: And how do attacks and the potential for attacks this year stack up to previous elections? And what lessons have you learned from previous elections?
SC: What we're seeing isn't any different than what we've seen in the past. But we have learned those lessons. And so we asked for these audits from Homeland Security and the FBI to come in and test our systems. And the good news is that we have received very high marks compared to other states. Now again, we don't take any of that for granted. Because that could change at any time. And so we have to be constantly vigilant and that's what we're doing.
SH: The Iowa caucuses brought attention to the issue of election security concerns that come along with new technology. Is Utah using any new technology this year, and how are you making sure it's secure?
SC: Yeah, so when I first became lieutenant governor, we looked specifically at voting online, that type of thing … brought together experts in the field and ultimately decided that it was not the right time to implement that type of technology. So we are not implementing any new technology that way, as far as using online or apps to vote or track voting.
People talk about this all the time. They say, “Well, hey, I do my banking online. I do all of this stuff online. Why can't I vote online? And it's very, very simple. There's one reason that you cannot vote online. And that is because of the private ballot.
Now, you don't have a private bank account. If somebody steals money from your bank account, we can audit that account. You can go back. You can see the money was there, and then it wasn't there. And where did it go? With your vote we can't do that. We can't go back and say, “OK, did you vote for President Trump? Did you vote for Hillary Clinton?” We can't tie that specifically back to your vote because you have a constitutional right to not make that happen.
Every vote you cast, there is a paper trail, and we can audit that paper trail, but we can't tie it to a particular individual. And so that's why we cannot vote online because you wouldn't even have to hack the vote, you would just have to claim that you hacked the vote, and then we wouldn't be able to prove it wrong. And people would lose faith in the system. And everything, we rely on what would fall apart.
SH: So we're not going to see any online voting anytime soon in Utah?
SC: You are not going to see any mass online voting anytime soon in the state of Utah.