Robert Mueller didn’t let the moment pass without a final reminder about what his investigation found. The special counsel examined the Russian intervention in the 2016 presidential election and any involvement of the Donald Trump campaign. In his recent and only public statement on the findings, he concluded with a reiteration of “the central allegation of our indictments, that there were multiple, systemic efforts to interfere in our election. And that allegation deserves the attention of every American.”
Yes, it does. Amid the deep and understandable concern about the behavior of the president, first as a candidate and then in the Oval Office, there is a risk of playing down what Russia did, or failing to take the action necessary to make the country less vulnerable to such cyberattacks on the election process.
Thus, it matters that on Tuesday, Frank LaRose ordered county boards of elections to take steps to upgrade election security. The secretary of state wasn’t making a start. He was building on the work of his predecessor, Jon Husted, now the lieutenant governor. For instance, Husted issued a directive a year ago further defining a path toward improved security. It included a pilot program involving three counties testing some additional measures LaRose now has unveiled.
LaRose wants boards of elections to continue such things as membership in the Election Infrastructure Information Sharing and Analysis Center, a national clearinghouse of sorts for making boards aware of threats to their election information systems. The Department of Homeland Security provides services to protect against phishing campaigns and to assess the overall vulnerability of local elections operations.
Google has Project Shield, advanced filtering of harmful traffic, available at no cost. Most of these security steps are funded with federal dollars.
What LaRose is requiring additionally of elections boards includes taking advantage of other services from Homeland Security, such as a more extensive vulnerability assessment, remote testing to identify weaknesses in externally accessible parts and in-depth evaluations to determine whether the network has been compromised. The secretary also wants to launch a more secure email system at elections boards and the installation of a more sophisticated tool for detecting intrusions.
Part of the LaRose order may seem redundant. The Summit County Board of Elections already has been conducting criminal background checks. It brought in a cybersecurity team from the University of Akron to make an assessment. Yet redundancies are what make systems more secure.
How safe is the state elections structure, especially in view of recent headlines from Florida about penetrations of county elections offices by Russian hackers in 2016? Those intrusions involved public voter registration data. That isn’t good. But it wasn’t a harmful breach. More, as the LaRose order indicates, officials here are on the case. What makes the system secure isn’t just the vigilance in remaining alert and looking to improve. It helps that in Ohio, elections are conducted locally. Eighty-eight boards of elections pose a formidable obstacle to hackers seeking to inflict significant damage on an election. Counties such as Summit with paper ballots add a valuable layer of protection.
So there is reason to be confident that LaRose and officials at the local level are pursuing the necessary improvements. They would be aided if Mitch McConnell, the Senate majority leader, allowed for progress at the federal level, where there is bipartisan support.
Worth stressing, too, is that Robert Mueller wasn’t merely warning about security breaches. The country proved vulnerable to misinformation, Russian operatives generating distorted and false narratives. So election security is about more than equipment and procedures. It involves the quality of information, something that deserves the attention of every American.