Modern field guide to security and privacy

Homeland Security chief weighs plan to protect voting from hackers

Secretary of Homeland Security Jeh Johnson said he's considering whether to designate the US election system as critical infrastructure, which could trigger greater cybersecurity at the ballot box.

Michael Bonfigli /The Christian Science Monitor
Homeland Security Secretary Jeh Johnson spoke to reporters at The Monitor Breakfast, hosted by The Christian Science Monitor, on Wednesday in Washington.

On the heels of the Democratic National Convention hack and the political fallout that is ensuing months before the presidential election, the country's Homeland Security chief said he's considering measures that would strengthen cybersecurity protections for voting.

It’s time for the US government to "carefully consider" whether America’s election system should be considered as critical infrastructure, which would trigger greater digital security measures for electronic voting machines, said Jeh Johnson on Aug. 3 at a Monitor-hosted breakfast for reporters.

Like exciting critical infrastructure sectors such as electric utilities and water treatment plants, “There’s vital interest in our election process,” said Mr. Johnson. "We’re actively thinking about the election and cybersecurity right now."

If the US considered the election process as a critical infrastructure, the designation would have significant implications to how federal officials would respond to a possible cyberattack. There is no timeline yet for making that designation, but Johnson said he's considering reaching out to election officials.

There is not one federal election system, but rather 9,000 jurisdictions involved in voting across America that collect, tally, and report of votes. And as more voting machines are automated and election districts rely more heavily on computers to count votes, elections are more susceptible to cyberattacks, many cybersecurity experts warn. 

The DNC hack brought the dangers associated with hackers meddling in the US political process into focus. After the organization discovered the intrusion, they did not seek the assistance of Homeland Security. 

Johnson noted that a recent White House directive on how the nation should respond to significant cyberattacks named Homeland Security as the agency for “fixing and patching” vulnerabilities that could affect critical infrastructure.

"I’m the fireman," Johnson said, adding that FBI Director James Comey "is the cop."

But while the White House has pointed to Homeland Security as the leading agency for responding to digital intrusions and attacks, the agency's capabilities for handing such incidents has been questioned by both experts and politicians.

Last year, Sen. Tom Coburn, then the ranking member of the Senate Homeland Security Committee, sharply criticized DHS efforts to ensure sufficient cybersecurity protections for critical infrastructure. 

If the agency's responsibilities for cybersecurity are expanded to US election systems, the DHS would have some work on its hands. 

Take, for example, voting machines. “Unfortunately, we’re not treating voting machines as the core pieces of critical infrastructure that they are,” cybersecurity expert Scott Shackelford noted in Passcode last week. "So far, the machinery undergirding our democratic institutions has not received the same level of scrutiny as other critical infrastructure sectors such as our power lines and wastewater plants."

There are a number of voting machines in districts across the country that are digital and connected to the internet. 

In a 2012 pilot program to test online voting in Washington, for example, researchers from the University of Michigan were able to hack the government website “so that the university’s fight song would play after a vote was cast,” added Dr. Schackelford, an associate professor at Indiana University.

"To put it plainly," he said, "voting is in many ways just as important to our long-term prosperity as functioning telecom networks and financial systems."

Editor's note: This story was updated after publication to correct the date of Homeland Security Secretary Jeh Johnson's comments. He spoke on Aug. 3 at a Monitor breakfast in Washington.


You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to

QR Code to Homeland Security chief weighs plan to protect voting from hackers
Read this article in
QR Code to Subscription page
Start your subscription today