Exclusive: Homeland Security ramping up 'with intensity' to respond to election threats
WASHINGTON – The Department of Homeland Security is preparing for a potentially unprecedented array of election threats, including meddling by foreign governments, bomb threats, intimidation at the polls and the intentional spreading of disinformation to confuse voters, Secretary Alejandro Mayorkas told USA TODAY in an exclusive interview.
"We are dealing with it with intensity," Mayorkas said. "The right to vote and the integrity of the right to vote ? and therefore of the election itself ? is a fundamental element of our democracy.
“This is a nonpartisan effort,” he stressed. “And, in fact, all our efforts across this department are nonpartisan.”
A broad array of threats – and responses
DHS, especially through its Cybersecurity and Infrastructure Security Agency, or CISA, is mobilizing more than ever before to help state and local election officials bolster election infrastructure against threats, Mayorkas said.
In January 2017, in response to Russia’s aggressive effort to meddle in the 2016 presidential election and hack the Democratic National Committee's servers, DHS designated the election process as part of the nation’s “critical infrastructure.” That means protecting election-related assets, systems and networks, whether physical or virtual, are made a top priority because they are considered “so vital to the United States that their incapacitation or destruction would have a debilitating effect."
According to Mayorkas, Homeland Security is monitoring three main types of threats.
One is the cybersecurity threat to the integrity of U.S. elections, "very often by adverse nation-states,” Mayorkas said.
U.S. intelligence officials have concluded that Russia, as well as China, Iran and perhaps other nations, have continued to meddle in the U.S. electoral process, but with less intensity than Russia did in 2016 when it sought to aid former President Donald Trump against Democratic rival Hillary Clinton.
Another, Mayorkas said, is the physical threat to local election officials and poll workers. That has already spiked since the 2020 election and Trump's false claims of voter fraud.
Examples of that abound. One Texas man threatened an Arizona county election official and the official's children, warning of a “mass shooting of poll workers." Another in Florida threatened election workers by asking at a polling site: “Should I kill them one by one or should I blow the place up?”
Democrats also fear violence from those who would reject election results showing Joe Biden being reelected, according to USA TODAY'S reporting.
The third risk, Mayorkas said, is the "threat of disinformation, including the intentional spreading of false information to deceive people into thinking that their vote need not be, for example, placed on Tuesday when in fact that it needs to be placed on Tuesday."
In January, many Democratic voters in New Hampshire got an artificial-intelligence-generated fake robocall that used Biden’s voice to try to dissuade them from voting in the state’s primary election.
More: Voters got a call from Joe Biden telling them to skip the New Hampshire primary. It was fake.
A spotlight squarely on elections ? and Homeland Security
Election security experts agreed that election-related conflicts will intensify during the rematch between Biden and Trump, who claims the 2020 election he lost was rigged against him.
“The threat is superheated, extremely complex, extremely volatile, and there's a variety of threat actors and a variety of methods that they may use to disrupt elections,” said Elizabeth Neumann, who was assistant secretary of counterterrorism and threat prevention at DHS in the Trump administration.
“It's very difficult to protect against because we don't know where it will manifest, when it will manifest or how it will manifest,” said Neumann, author of a new book on religious right-wing extremists. “We're on a tinderbox. And DHS has a fundamental and very important role in helping secure our election.”
DHS isn’t going it alone, Mayorkas and other senior department officials told USA TODAY. They will be working closely with state and local law enforcement agencies and election officials, who play a key role in securing polling places and acting as the eyes and ears on the ground in their own communities.
DHS says it will continue to collaborate with the FBI and U.S. intelligence agencies to identify and neutralize particular threats such as far-right extremist activity, potential domestic terrorist plots and malicious cyber activity. The Russian hackers who targeted the Democratic National Committee in 2016 remain a particularly worrisome threat, according to recent threat intelligence.
More: Meddling in elections, drugs and terrorism? Here's the U.S. intel new list of threats
“The command centers and task forces will be running nonstop and populated with representatives” from all of these agencies, said William Pelfrey Jr., a professor in the Homeland Security/Emergency Preparedness Program at Virginia Commonwealth University.
A crucial role for DHS
DHS, which born in the aftermath of 9/11, is at the center of the effort to safeguard Americans and their elections.
Like other threat experts, Pelfrey agreed that CISA probably will play an outsized role this election season, which both Biden and Trump have characterized as the most important in a century or more.
“There will be tremendous interest from state and nonstate actors as they try to influence the election,” Pelfrey told USA TODAY. “Disinformation, hacking of candidate and party websites, hacking of election and voting systems, these represent viable and likely targets.”
And CISA, he said, “has a critical role in target-hardening, counterhacking and information security.”
Cait Conley, senior adviser to CISA Director Jen Easterly, leads the agency’s work in partnering with state and local election officials to manage and reduce risk to the nation’s vast and decentralized election infrastructure.
In an exclusive interview with USA TODAY, Conley ticked off a long list of ways that CISA, and DHS more broadly, what she calls an unprecedented threat environment.
"We've really invested significantly in the election infrastructure security," Conley said, including providing real-time intelligence about specific threat information and ways to combat it to 3,700 local and state election entities through its Election Infrastructure Information Sharing and Analysis Center.
"We're providing best-practice security guidance to these stakeholders, and that's where we unpack threats, but also and most importantly provide them with recommendations for what they can actually do to mitigate those threats," said Conley, who was the Biden administration’s director for counterterrorism for the National Security Council before joining CISA last fall.
Protecting a vast and decentralized election
The threat to election offices and election workers, Conley said, “is something that we are very much aware of, and that we have seen increase over the past few years. And so we are trying to work with them to help them be prepared to mitigate those risks.”
To facilitate that, CISA has created the website Protect2024, which counsels local and state election officials how to mitigate an array of threats – and to protect their election infrastructure and their staff.
“There’s a document on there for critical infrastructure stakeholders about what are some personal security considerations” in terms of both physical dangers and cyberthreats, Conley said. “We talk about things like how do you protect yourself against doxing,” or the intentional release of personal information like home addresses and phone numbers that has been used to threaten election workers in recent years.
It is also providing grants to local jurisdictions to ensure that they have the resources to build their own capabilities to protect their elections, Mayorkas and Conley said.
Between mid-March and mid-April, Conley told USA TODAY, CISA has put out detailed guides almost weekly, including on how to secure election infrastructure against the tactics of foreign influence operations and a checklist for how election sites and even volunteer poll workers can bolster physical security at polling places.
“The other thing we do, though, and I think this is really part of what makes it special, is that CISA also has a really robust field force," Conley said. That team has done more than 400 on-site vulnerability scans and “penetration testing” to determine if particular election entities have been hacked since last year.
Conley said CISA also has provided trainings on specific threats, “like how election entities can prepare and train your folks on how to respond to an active active shooter event or a bomb threat.”
Attacks already have begun
The threat of violence against election workers is already playing out in this election cycle. Last November, letters containing the lethal drug fentanyl were sent to election offices in at least five states.
The incident delayed counting ballots in some local elections and demonstrated the threats faced by election workers across the country. The FBI and the U.S. Postal Inspection Service took the lead in investigating the mailings to election offices in Georgia, Nevada, California, Oregon and Washington.
DHS stepped in too, sharing threat intelligence on fentanyl and the mailings through its Election Infrastructure Information Sharing and Analysis Center. It put together guidance for election officials on how to safely and securely handle mail that could contain hazardous toxins like fentanyl, Conley said.
And its 10 regional field offices around the country mobilized, providing cybersecurity and physical security assessments and recommendations to state and local boards of election.
CISA recently hired 10 regional election security advisers with extensive experience in election administration and technology, Conley told USA TODAY.
And it has conducted training sessions on active shooters, de-escalation techniques at polling sites, handling hazardous materials and dealing with other cyber risks, physical risks, operational risks and foreign influence operations including disinformation campaigns.
For the midterm elections in 2022, DHS deployed physical and cybersecurity advisers to conduct assessments of the security environment and briefed election workers and law enforcement community on the threats they identified.
DHS will continue to do that, Conley said, and to use its National Terrorism Advisory System bulletins to flag and highlight calls to violence in response to unsubstantiated claims of election fraud and other false narratives.
All of these DHS efforts, especially in working with state and local officials, will become even more important in the weeks and days leading up to Nov. 5, said Neumann, who has been a senior Homeland Security official since before the founding of the agency in 2003, including a three-year stint on the White House Homeland Security Council in the George W. Bush administration.
“One of the things that I've heard in talking to federal and state officials about their concerns this year includes that they're expecting an uptick in bomb threats and swatting attacks,” Neumann said, referring to malicious calls that prompt police to respond with SWAT teams to shootings and other emergencies that didn’t occur.
It will be especially important for DHS – and local election agencies and law enforcement – to think through how they will deal with such threats in the lead-up to the election and, especially, on Election Day, she said.
“What's the right response? When you get one of these calls, you have to treat it seriously. But then what happens when you have shut down the polling place for a period of time?” Neumann asked. “How can we make sure that voting can continue while you're addressing a potential security threat?
This article originally appeared on USA TODAY: Alejandro Mayorkas responds to 2024 election threats: Exclusive