Hackers breaking into any voting system used in federal elections can be charged with a federal crime by the U.S. Justice Department with the passage of new legislation in the Senate.
The bipartisan Defending the Integrity of Voting Systems Act, which passed the upper chamber by unanimous consent, enables the Justice Department to charge alleged perpetrators with violating the Computer Fraud and Abuse Act (CFAA). It stands among the few election security bills that haven’t stalled in the Senate. Nearly all legislation passed by the House aimed at better securing the U.S. election systems following the Russian attack in 2016 hasn’t been brought up in the Senate for a floor vote. Chief among the scuttled bills includes a measure to allocate $1 billion to state and local governments to tighten election security and require backup paper ballots.
Yet another bipartisan bill that would support information-sharing of cyber threats between federal intelligence services and state election officials has also bogged down in the Senate. Security professionals regularly tout information sharing as a central component to combating hackers. In addition, a bill sponsored by Sen. Mark Warner (D-VA) that would require campaigns to inform the FBI about contacts with foreign nationals attempting to make campaign donations or coordinate with the campaign has been blocked.
Critics of proposed federal measures contend that the legislation erodes state authority over elections. This bill, however, has made it through the Senate blockade. Its sponsors include Sen. Sheldon Whitehouse (D-RI), Richard Blumenthal (D-CT) and Lindsey Graham (R-SC), who together introduced the legislation in the Senate two months ago.
At the time, Blumenthal said: “Our legislation to protect voting machines will better equip the Department of Justice to fight back against hackers that intend to interfere with our elections. This bill shows that securing the nation’s elections and cyber infrastructure can be a bipartisan cause.” Blumenthal initially proposed the bill a year ago in tandem with the International Cybercrime Prevention Act, which would enable federal prosecutors to shut down botnets among a list of cybercrime fighting tools.
The Justice Department has previously cautioned that the Computer Fraud and Abuse Act didn’t adequately cover hackers invading voting systems “in many common situations.” In general, the CFAA only prohibits hacking computers that are connected to the Internet. (via The Hill) However, voting machines are often not Internet facing. The new bill amends the CFAA to include all voting systems.