Skip Navigation
Analysis

Addressing Insider Threats in Elections

There is an active effort to recruit rogue election officials to sabotage elections across the country.

Election officials were some of the biggest heroes of the 2020 election. After a grueling year that saw a pandemic, unprecedented disinformation efforts, and the highest turnout in over a century, they stood up to pressure from political actors seeking to overturn or cast doubt on the election results in key states. This collective, bipartisan effort helped avoid a constitutional crisis last year.

But the effort to sabotage our elections has only intensified, which is why Congress and state and local governments must take critical steps to protect against insider threats.

Plotting an inside job

Unfortunately, almost one-third of Americans still believe the false narrative that the 2020 election was stolen. Given this fact, we shouldn’t be shocked that among the more than 8,000 local election officials — and tens of thousands of additional public and private sector employees that support their work — there are some who will also buy into these conspiracy theories. In fact, there has been an active effort to recruit and convince election officials to facilitate these conspiracy theories and push the goals of election deniers.

There is reason to worry these efforts could gain traction and followers in the election official community. Following the threats, harassment, intimidation, political pressure, disinformation, and general exhaustion that election officials faced in 2020, many are choosing to leave the election administration field altogether. In Pennsylvania, for example, nearly a third of all county election officials left their posts between the beginning of 2020 and June of this year.

And in many cases, the people seeking to fill these open positions are those who have been most activated by the conspiracies surrounding the 2020 election and the most determined to abuse their authority to ensure a different outcome in 2024. At least 10 candidates running for secretary of state and 8 running for attorney general have received former President Trump’s endorsement because they backed his false claims that the 2020 election was illegitimate.

Regarding the endorsements, Trump’s spokesperson stated that the former president “notices when people are fighting for the truth about the November election results.” In Wayne County, Michigan — home of Detroit — a new official responsible for certifying results stated that he believes the 2020 election was inaccurate and that he would not have certified results. In Pennsylvania, election deniers recruited their followers to run for local positions that supervise polling places and oversee vote counting.  

What happens if such people are entrusted with administering our elections? We are witnessing the first glimpses now. In Colorado, a county clerk with connections to prominent election conspiracy theorists gave unauthorized access to the county’s voting systems. This access allowed the unauthorized person to copy the hard drives of Dominion voting equipment — a vendor targeted by many 2020 election conspiracy theorists — and share the copies publicly to spread disinformation. The secretary of state decertified the county’s voting equipment and ordered the county to replace the machines before the next election, in part because the unauthorized person leaked passwords for the voting system software.

In Michigan, a town clerk who shared election conspiracies on social media and who took office in 2021 refused to allow a vendor to perform routine maintenance on a voting machine because the clerk falsely believed the maintenance would erase old data that could prove the machines were rigged. When a central component of that machine went missing, the state police opened a criminal investigation into the clerk to locate the since-found equipment and determine whether the equipment had been tampered with.

In Ohio, an individual inside a county commissioner’s office connected a private laptop to the county network, in an attempted breach that state officials believe a government employee likely facilitated. While the connection did not allow access to voting systems, and no sensitive data appears to have been obtained, network traffic captured by the laptop was nonetheless shared at a conference hosted by prominent election conspiracist Mike Lindell — the same conference where information from the Colorado breach was released. Officials in both counties had previously discussed baseless claims about the 2020 election with associates of Lindell.

These incidents may turn out to be canaries in a coal mine.

Stopping insider threats

Lawmakers and election officials must act now to prevent such attempts to sabotage election administration in 2022 and 2024. While insider threat risks have not received much attention in recent years, they have been a central focus of security efforts in other sectors, and best practices, such as these from the Cybersecurity and Infrastructure Security Agency, exist to prevent and respond to this activity.

Among other things that can be done to both secure election systems from insider threats and build public confidence that those systems can be trusted, states and counties should take the following actions (and, where appropriate, provide the funds necessary to support such mandates):

  1. Restrict access to election systems. Election officials should ensure that an individual only have access to critical systems — both physical and digital — if access is necessary for that individual to perform their official responsibilities, and only to the extent that those responsibilities require it (this is known as the “principle of least privilege”). In addition, election officials should require all individuals that access critical systems to first complete a background check. A recent regulation in Colorado, for example, restricts voting system access to individuals who have passed a background check and are an employee of the county clerk, voting system provider, or secretary of state’s office. 

    Where possible, official procedures should require two people and/or bipartisan teams to be present when accessing election systems, ballots, and election records. Election staff should also be on site with private vendors at all times.
     
  2. Establish transparent procedures and monitor for inappropriate activity. Transparency protocols helped officials in Colorado identify the source of leaked voting system information. A state investigation found that the county clerk gave an unauthorized person a key card, and this card was logged when the individual entered the election facility. The clerk had also blatantly flouted another transparency measure by turning off video surveillance of the voting machines before the breach. But if the information obtained from the breach had not been discussed so publicly, it’s possible the state would have missed this activity. 

    Election officials must adopt and actively review transparency protocols to ensure that every person who accesses election systems is authorized to do so. Funding should be provided for election officials to install key card access to facilities that hold voting systems, so that a log of every entry can be created. All election offices should be equipped with and require 24-hour surveillance of voting systems and ballots, that can be reviewed and compared with access logs in the event of unauthorized activity. Where possible, that footage should be stored for at least two years. Both the access logs and surveillance data should be made available to the state, and state officials should ensure that local offices have sufficient procedures in place to detect unauthorized access.
     
  3. Remove and prosecute officials and workers who actively undermine election integrity. When officials do discover wrongdoing, these individuals must be held accountable. States have different processes for removing election officials. In some cases, the entity that appointed an election official may simply fire that individual. In others, state officials may hold power to remove election administrators or strip them of election responsibilities. Officials may also seek permission from courts to do so. State and local officials, as well as their attorneys, should be familiar with the removal options available and be prepared to take the steps necessary to protect our election infrastructure from insider threats.

    Where appropriate, law enforcement officials should also pursue prosecution against election workers who tamper with or allow unauthorized access to voting systems and election materials. State laws may require updating to address this conduct. 
     
  4. Don’t forget the vendors. Private vendors are involved at every stage of an election, from registering voters to counting ballots to reporting results. States can act now to establish standards on cybersecurity, personnel security, and supply chain integrity for their election vendors. Local election offices can also build in safeguards through contracts when purchasing equipment and services. As a rule, vendors should be held to the same or higher level of standards for access and transparency as county or state employees. This can include background checks and the requirement to always have a state or county employee present when vendors access critical systems. This can also mean restricting or eliminating remote access by vendors.

    In contrast to other critical infrastructure sectors, election vendors face little federal oversight. The Freedom to Vote Act, which is before Congress now, would change this by establishing security criteria that private companies must meet to qualify as election vendors that can receive federal funds.

Some of these solutions require statutory or regulatory changes, and items 1 and 2 will certainly require additional resources for election offices. Congress should take a leading role in providing the ongoing funding needed to keep elections secure from all threats, including insider attacks. But states should also help fill the gap.

Finally, over the next year, it is vitally important that we ensure the public understands the stakes for election administration in upcoming elections. Across the country, candidates are running now to be responsible for the 2024 election. Twenty-six states have an election for secretary of state in 2022, including Arizona, Colorado, Georgia, Michigan, Minnesota, and Nevada. Voters will also select local election officials in many states, including Colorado, Michigan, Nevada, New Hampshire, Texas, and Wisconsin. These officials will have a critical role to play in ensuring (or undermining) the democratic process in 2024 and beyond.