[Image via wikimedia]
The State of Minnesota has hired a new “cyber navigator” who will be responsible for assisting localities with managing election security in 2020 and beyond. The Star-Tribune has more:
Bill Ekblad spent nearly three decades as a naval cryptologist, working from ships and planes stationed in the Middle East and Germany to fight cyberattacks coming from around the world.
Now, the Minnesota native is back home and facing a uniquely tall order. Ekblad is the state’s first “cybernavigator,” hired by the secretary of state’s office to help local election workers guard against an increasingly expanding set of threats, from disinformation campaigns to foreign actors trying to penetrate election networks.
Ekblad’s new job arises from the expanding threats to American elections that have emerged recently:
“It’s a tale of surprises: I mean, I think that nobody really saw realistically the potential for foreign adversaries to meddle in elections prior to 2016,” Ekblad said in an interview from his office near the State Capitol. “And then in 2018, the game changed. It became less about the hard computer network operations and more about the soft skills of influence and hacking the mind of the voter.”
Ekblad, hired through a federal election security grant, is now drawing on that history to pose a new question to the scores of local officials in Minnesota’s 87 counties who are in charge of running this year’s elections:
“Why do we think 2020 will be something predictable?”
He is barely two months on the job, and his question will prove pivotal in confronting the types of threats posed by foreign hackers and domestic operatives seeking to undo voter confidence.
Local officials welcome the assistance – especially with regard to campaigns aimed not at disrupting the voting process but rather attacking voter confidence:
[D]isinformation, or the ability to sow discord through false or misleading social media posts, is becoming more of a concern to Ekblad and county-level election workers.
“There’s all types of things that we do from an administrative standpoint to guarantee the security of our elections,” said Deborah Erickson, administrative services director for Crow Wing County. “But if the voter confidence isn’t there, that’s where some of that danger can come into play…”
Erickson said she would like to see Minnesota enlarge its cybernavigator program. That could be underway, with the Secretary of State’s office poised to receive an additional round of federal election security funding — pending legislative approval.
Minnesota’s program is similar to that of other states, where cyber navigators are playing a key liaison role between federal and state officials and local election offices:
States are adding cybernavigators like Ekblad in concert with the U.S. Department of Homeland Security, which has worked with states to coordinate responses to the 2016 election attack. The navigators act as liaisons to local officials like Erickson, who must juggle other responsibilities and may not always have access to cybersecurity tools. Only nine counties in Minnesota have full-time staff dedicated to running elections…
In Illinois, where Russian hackers breached the state’s voter database, there are now nine cybernavigators to fan out across the state to help election officials find and fix vulnerabilities.
Neil Herron, a cybersecurity manager for the Illinois State Board of Elections, also has a background in naval cryptology. He believes the original 2016 Russian attack suggested that hackers sought to diminish voter confidence as much as influence the final vote. Herron points out that hackers were in the system for three weeks before being detected after setting off unusual spikes in activity.
“They weren’t able to get anything useful” from the database, Herron said. “So they shifted over to the propaganda aspect which is: Get loud. This has to be talked about because the biggest thing that they’re shooting for is the division of American politics.”
He added: “It’s easier to hack the voter than it is to hack the vote.”
Ekblad has hit the ground running – though the to do list is long:
Ekblad said he has established connections with officials responsible for running elections and IT support in each county, a vital task because each office represents a possible entry point into the statewide voter registration system that houses a trove of private information on more than 3 million registered voters in the state.
“We’re depending upon those counties to uphold their end of the deal on security,” Ekblad said. “And so part of that is communicating with them, communicating the expectations. But … a lot of them are sort of minimally aware of the risk that they represent if they’re not maintaining the standards that need to be maintained.”
Ekblad is now leading weekly briefings and regular e-mail blasts outlining the latest information on election security shared by the federal intelligence community. That includes ensuring counties use two-factor authentication to access the voter database and regularly updating Facebook and Twitter feeds that may spread false information about election days, polling places and voting hours.
In April, Ekblad plans to lead a statewide “tabletop exercise” that will pair election workers from across the state with federal officials to practice responses to hypothetical disasters.
Counties “have a go-to resource in my office and are able to say, ‘I don’t know what I’m seeing here, what should I do?’ ” Ekblad said. “Just to truly help them navigate the system is really what this position is designed to do.”
Cyber navigators like Ekblad are a new resource available to local election offices, and a key asset in the growing response to potential threats to the voting process. Here’s to continued cooperation in Minnesota and elsewhere as the election community looks to improve election security in 2020 and beyond. Stay tuned!