The real security threat to the 2018 midterm elections is low voter confidence

A woman exits the voting booth after filling out her ballot for the U.S presidential election at the James Weldon Johnson Community Center in the East Harlem neighbourhood of Manhattan, New York City, U.S. November 8, 2016.  REUTERS/Andrew Kelly  - D1BEULQVQHAB
Editor's note:

Visit our 2018 Midterms page for Brookings experts’ research and analysis related to the upcoming midterm elections, and subscribe to the Brookings Creative Lab YouTube channel to stay up to date on our latest videos.

Almost eight in ten Americans are at least somewhat concerned about the potential hacking of the nation’s voting systems, according to a University of Chicago poll. Brookings Fellow Susan Hennessey explains that the security threat to the infrastructure of the 2018 midterm elections is real and ongoing, but that the real goal of hostile foreign hackers is to undermine confidence in the electoral system, not to change votes or election outcomes.

What you need to know:

  • Election security, in its purist sense, refers to anything that interferes with the ability of a citizen to vote and for their vote to be properly recorded and reported back.
  • Apart from core election security issues is the broader question of information operations, which impact the wider context in which voters make decisions about their elected leaders but are distinct from pure election infrastructure security.
  • The challenges of and solutions for information operations and election security are different and sometimes dramatically at odds.
  • The threat of someone hacking into a voting machine and changing votes is possible as a technical matter but the hacker would have to target many thousands of voting terminals, which all run different software, in different locations (which one would have to pick in advance), while avoiding forensic detection and the detection of U.S. and allied intelligence communities. This makes voting machine hacking a threat that we need to take seriously, but which is unlikely.
  • U.S. adversaries don’t necessarily care about changing election outcomes. Their goal is to undermine confidence in the democratic process. Therefore, they don’t have to successfully change votes, they just need to penetrate systems in such a way that experts aren’t able to say that they have a high degree of confidence in the integrity of that result.
  • If foreign hackers can cause Americans to question whether or not they have properly selected their leaders, they have committed a successful assault on liberal democracy.
  • The U.S. Constitution includes an “elections clause” that says states, and not the federal government, are allowed to determine the time, place, and manner of elections but also that Congress can override any of those regulations other than the place of electing senators.
  • Because of that, we have a strong culture of federalism surrounding elections. Any time states perceive the federal government as overstepping, they’re likely to push back very hard.
  • Faced with the kind of adversaries and immediate and ongoing threats that we currently face, we should expect Congress to perform the function that the Constitution assigns to it.
  • The threat to the midterms is real and ongoing but when the adversary’s goal is to undermine confidence in the U.S. electoral system, we have to be careful about how we talk about this threat; if we convince the American people that their elections do not have integrity, then we are doing the bad guys’ work for them.