As the race for the White House ramps up, the FBI is changing its policies so states can better prepare for potential cyberattacks. On Thursday, the federal law enforcement agency said it’ll expand its notifications about hacks affecting election infrastructure and include state-level officials, as well as local and county authorities.
Previously, the FBI notified only the affected counties, which carry out elections, not the election officials for the entire state. That became a concern because state election officials certify results and need to know about cyberattacks if they occur.
Election security is a major issue for the 2020 US presidential campaign, with the federal government looking to avoid cyberattacks similar to those that plagued the 2016 election. Russian hackers successfully infiltrated state election databases, as well as voter databases in two Florida counties. The Department of Homeland Security concluded that cyberattacks didn’t result in altered votes or tampering with voting machines.
State officials in Florida didn’t learn about the breaches until after then-special-counsel Robert Mueller’s report on election interference was publicly released. In May, Florida Gov. Ron DeSantis said state election officials were briefed by the FBI only after the report came out.
The new procedures mean such delays may be avoided in the future.
“The FBI’s interactions regarding election security matters must respect both state and local authorities,” the agency said in a statement. “Thus, the FBI’s new policy mandates the notification of a chief state election official and local election officials of cyber threats to local election infrastructure.”
In a statement, Rep. Stephanie Murphy, a Democrat from Florida, said that the policy change was welcome, but not enough.
Murphy is one of many lawmakers who were frustrated with the FBI’s disclosure process, pointing out that she didn’t know about the Florida county hacks until she had requested a private briefing with the agency. She is a co-sponsor on the ALERTS Act, which would require DHS to notify state and local officials, members of Congress and affected voters when an election system breach happens.
“I will continue to push for federal officials to provide more information to the voting public when foreign powers interfere with our democracy,” Murphy said in a statement. “Our citizens will then be in a position to check their voter registration data to confirm it wasn’t tampered with and to hold accountable state and local officials who fail to protect election infrastructure.”
The policy change comes as election security efforts are targeted on a local level. The Department of Homeland Security said it’s focusing its outreach on local county officials, who experts have said are the most important part of the voting infrastructure.
The FBI said its new policy will give state election officials a better opportunity to watch out for attacks in other counties and to improve collaborative efforts in keeping the election safe from hackers.
“Cyber intrusions affecting election infrastructure have the potential to cause significant negative impacts on the integrity of elections,” the FBI said in a statement.