Skip to Content

New CDT Election Cybersecurity Report Looks at More than Just Voting Machines

(WASHINGTON) — The Center for Democracy & Technology (CDT), in partnership with the Konrad-Adenauer-Stiftung (KAS) foundation, issued a new report today examining cybersecurity vulnerabilities in the U.S. election system.

The report, An Agenda for U.S. Election Cybersecurity, comes one week after the Election Assistance Commission (EAC) issued the most substantial update to its voting standards in 15 years.

“The new EAC standards, called the Voluntary Voting System Guidelines (VVSGs), are essential for election security,” says CDT Senior Technologist for Elections and Democracy William T. Adler, who wrote the new CDT report with CDT Chief Technology Officer Mallory Knodel. “But their scope is mostly limited to voting systems, the hardware and software used to cast and count ballots.”

The CDT report looks beyond topics covered by the VVSG, such as voting machines and ballot tabulators, and considers vulnerabilities in election infrastructure in four additional areas: voter registration systems; poll books; absentee and mail-in voting; and the people who are involved in elections.

“The report takes a facts-based approach and considers, for example, the damage a cyberattacker could do to elections by attacking state voter registration systems or internet-connected e-poll books used to check in voters,” says Knodel.

Knodel and Adler say one major way Congress could improve election security would be to consistently fund the Election Assistance Commission at higher levels. That could streamline the process of updating the VVSGs and allow the commission to expand its scope beyond voting machines to things like voter registration systems and e-poll books.

“Despite a historically secure 2020 election, many voters did not trust the results,” says Adler. “A functioning democracy depends on widespread trust, which, in turn, depends on secure elections infrastructure. Although there were no major successful attacks on our election infrastructure last year, we cannot rest on our laurels. We hope this report offers best practices and policy considerations that will contribute to the resilience of American democracy.”

To bolster public trust in elections, CDT and the Alliance for Securing Democracy called on President Biden earlier this month to establish a bipartisan presidential commission to recommend ways to restore public trust in democracy.

CDT recognizes that, as more political activity touches the digital realm, there exists a real potential for technology issues to influence voting, compromise election activities, and alter core democratic norms. That’s why its work is aimed at addressing key challenges such as election official training, cybersecurity issues, technical volunteer capacity building, social media disinformation campaigns, and robust post-election auditing.