The Cybersecurity & Infrastructure Security Agency (CISA) continues to take a hard look at ways to secure elections and promote trust in anticipation of the 2022 mid-terms. CISA’s June 9 “status update” report and the referenced January 31 CISA training video both seek to address election security priorities. However, even after having issued their recent joint advisory on machine vulnerabilities, the speakers in the CISA training video continue to contend in the introductory slides that the 2020 election was “successful and secure.”

The 2022 plan and training video also devoted a good chunk of time arguing that mis, -dis, and mal-information(MDM) are among the greatest threats to secure elections. One way CISA ensures MDM is limited is by working with CTCL to engage trusted media with trusted election information. The Elections Group consults CISA on election security and retweeted the CTCL tweet below.

Election Infrastructure Subsector-Specific Plan: 2022 Status Update

The June 9 Election Infrastructure Subsector-Specific Plan: 2022 Status Update and a May 27 Election Infrastructure Insider Threat Mitigation Guide discuss CISA’s efforts to ensure secure elections in 2022 and beyond. The May report focuses more on the threats to secure elections and discusses insider threats—both intentional and unintentional—collusion, third-party threats, cybersecurity threats, violence, espionage, sabotage, theft and MDM. It is notable that many if not all of the threats mentioned are those that have been litigated in multiple election integrity lawsuits and investigations nationwide. Many states are now looking at laws to prevent known vectors for fraud in elections. Nothing referencing the various lawsuits or legislation was ever mentioned in CISA’s guidance.

CISA/May 27 Threat Mitigation Report

The next page of the report is devoted to MDM encouraging “stakeholders” and election officials to “stay resilient against potential MDM narratives that undermine that mission and potentially incite insiders to cause intentional harm.

The whole report focuses on the activities promoted by DHS through its Election Infrastructure Subsector under the Government Facilities Sector in partnership with a Government Coordinating Council (GCC) and a Sector Coordinating Council (SCC). The partnership is designed to be a “focused mechanism for collaboration between state and local election officials, the Cybersecurity and Infrastructure Security Agency (CISA), the Election Assistance Commission (EAC), law enforcement, the intelligence community, and private sector partners to enhance information sharing about risks to the Nation’s election systems, identify resources to help mitigate such risks, communicate best practices, address identified vulnerabilities, and enable election officials’ and private sector partner’s
access to threat information.”

The plan addresses tools and logistics that bolster election security. It suggests physical security for facilities and personnel, management of supply chain risks (e.g., ensuring there are no counterfeit ballots), securing chain-of-custody for ballots and election equipment, enhancing cybersecurity, information sharing—both classified and unclassified—and MDM.

CISA/June 9 Plan/MDM

January Training Video Says 2020 Election was Good and Secure

“Building Trust Through Secure Practices,” the January 31 video features CISA Election Security Expert Noah Praetz, who ran elections in Cook County in Illinois before joining CISA. Jennifer Morrell also joins the presentation and is a CISA election security expert consultant. She and Praetz founded the Elections Group, which provides consultation to local, state, and federal election officials. They begin their discussion by outlining their 2020 takeaways—both the good and the bad.

In the good column, Praetz contends the “2020 election was successful and secure.”

CISA/2020 Good Takeaways

In the bad 2020 takeaways column— “unprecedented levels of MDM.” Praetz refers explicitly to several incidents and investigations that many regard to be material election integrity breaches. Foreign threat actors, Antrim County, Proud Boys intimidation in Florida, boxes of mail-in ballots found in dumpsters, and Sharpie-Gate are all referenced as MDM. The second bad takeaway discussed by Praetz is the threat of Domestic Violent Extremists (DVEs), as evidenced by January 6 “narratives of fraud in the 2020 election”, the COVID-19 pandemic, and conspiracy theories promoting violence.” The discussion of MDM occupies a good twenty minutes of the 53-minute presentation.

CISA/2020 Bad Election Takeaways

Praetz went on to say in reference to the 2020 election:

“There were isolated errors across the country and poorly understood processes, because elections are highly complex, that were able to be used to continue and feed into these narratives that were highly damaging to elections.”

He then referenced the threats of DVEs communicated by the office of the director of national intelligence and Secretary Mayorkas. Praetz states that DVEs were “emboldened after January 6, in part spurred on by false allegations of fraud, domestic violent extremists are assessed to be highly likely to engage in violence this year. Government and election officials are advised to take that seriously.” Never once did he mention Antifa or those involved in the riots during President Trump’s inauguration or the “mostly peaceful” summer of 2020.

In May, Morrell tweeted a link to an Elections Group Telling Our Story Guide that cites MDM “Mythbusters” like the Maricopa County Elections Department and CISA’s Election Security Rumor VS Reality page. She references a video from Maricopa that states how secure the county’s tabulators are. “None of these tabulators are connected to the internet.”

CISA’s report repeatedly admits that voting machines can be tampered with and hacked. Moreover, tabulators have been continually challenged as problematic in the 2020 election. Morrell also cited the Center for Tech and Civic Life (CTCL) checklist for combatting election misinformation. CTCL and Zuckerberg worked hand in hand to fund dropboxes in the 2020 elections, forming public-private partnerships that may have influenced the election. Again, no mention of the Antifa riots or serious investigations related to the 2020 election.

The presentation also reveals an FBI unit devoted to crimes associated with elections. “DOJ, DHS, FBI, and others are working together in recognition of increasing threats against election workers/administrators/officials.

Many rational election integrity policies and actionable procedures discussed in the above reports will promote trust and security in future elections. Some suggestions, such as Risk Limited Audits, are arguably ineffective in teasing out election fraud. CISA is undoubtedly attempting to mitigate systemic procedural errors that contribute to poorly conducted elections. However, CISA’s mission to build trust would be much more credible to the American people if they recognized that the 2020 election was maybe not the most successful and secure.

The idea that the election was primarily distrusted because of MDM associated with DVEs or what is now, in many cases, provable fraud in the 2020 election will not sit well with many Americans. DHS and CISA would do well to entertain even the theories it believes to be false if they truly wish to be seen as objective arbiters of information and trust in our future elections.