Even as it is consumed by political fallout from Russia's meddling in the 2016 election, Washington is still struggling to respond to what many officials see as an imminent national security threat: a network of voting systems alarmingly vulnerable to foreign attack.
As hackers abroad plot increasingly brazen and sophisticated assaults, the United States' creaky polling stations and outdated voter registration technology are not up to the task of fighting them off, according to elections officials and independent experts.
Senior national security officials have repeatedly said that the United States should prepare for more foreign efforts to interfere with elections. On Tuesday, President Trump's top intelligence advisor warned a Senate committee that Russia is moving to build on its earlier efforts to interfere with U.S. elections, which included a sustained campaign of propaganda and the unleashing of cyberoperatives.
"There should be no doubt that Russia perceives its past efforts as successful and views the 2018 U.S. midterm elections as a potential target," said Dan Coats, the director of national intelligence. The administration's top national security officials have all warned about the Russian threat, although Trump, himself, continues to minimize it.
Elections officials are daunted by the challenge of fortifying their defenses. Many still use outdated software that has fewer security protections than a decade-old cellphone. Millions of Americans vote on easily corruptible machines that provide no paper trail — an essential component for auditors to verify that tampering did not take place, experts say.
Although no evidence has surfaced to indicate that Russian hackers succeeded in directly tinkering with votes in 2016 — as opposed to propaganda efforts aimed at swaying public opinion — experts warn that the United States can't count on that holding true next time.
"Are we going to be prepared to prevent something more egregious from happening?" said David Salvo, a resident fellow at the Alliance for Securing Democracy, a bipartisan initiative guided by some of the nation's top national security experts. "We're all a little skeptical."
Congress has so far balked at providing resources to upgrade voting systems, despite the urging of some of the nation's most influential national security voices. Many states are too broke to take up the slack. The lumbering bureaucracies charged with inoculating elections against attack don't always talk to one another. Department of Homeland Security officials remain reluctant to share intelligence tips with the espionage neophytes on local elections boards.
"They will say, 'We may have information, but if you don't have proper clearance, we can't share it,'" said California Secretary of State Alex Padilla. "Well, let's do something about it."
"I wish the federal government would realize the magnitude and scope of these threats and act on them," he said.
Anxiety about the risk is shared at the highest levels of government. Secretary of State Rex Tillerson recently expressed doubt that the United States is any better prepared to deal with foreign election meddling now than it was two years ago. A bipartisan letter signed by a former Homeland Security secretary, CIA director and House Intelligence Committee chair warned that failure to help local elections boards upgrade their equipment could have "catastrophic consequences."
The warnings come as 500 elections officials in 41 states reported in a new survey by the Brennan Center for Justice at NYU Law School that the voting systems they use are more than a decade old. Many of them agree that the machines need replacing, but reported they don't have the money to do it.
"We're cannibalizing [voting] booths that no longer function to pull parts," said Neal Kelley, the Orange County registrar of voters. Kelley said he never imagined when he took the job 14 years ago that fighting off Russian hackers would become a central part of his duties.
"This is absolutely top of mind for us," he said. At least Orange County, like all other jurisdictions in California, keeps a paper trail of votes that can be audited. Cybersecurity experts say paper — if audited properly — is ultimately the best defense against hackers. Roughly one in five voters in the United States casts a ballot with no such backup.
How vulnerable our elections are to tampering is a matter of dispute. Elections officials tell a concerning story. Cybersecurity experts and "white hat" hackers who have probed the machines offer an even more worrisome account.
When hackers were unleashed on 30 different voting systems at the DEF CON 25 conference in Las Vegas over the summer, every single one was penetrated. Some within minutes. In one case, a 16-year-old acting alone was able to hack into a machine in less than an hour. Some machines were compromised without a trace of evidence left behind.
"These systems are uniformly vulnerable," said Jeremy Epstein, deputy division director for computer and network systems research at the National Science Foundation. "Any cybersecurity expert would come to that conclusion," he said in an interview, offering his personal view, not speaking for the agency.
While Homeland Security has taken encouraging steps to confront the risk — sending teams to election districts to conduct security scans and sharing more intelligence information with the states — "anyone who thinks that is enough is not looking close enough," he said.
"Imagine hiring someone to see how resistant your house was to burglars, and they just twisted the front doorknob to make sure it was locked," he added, offering an analogy for the lack of thoroughness of the security tests currently being done.
Homeland Security officials say the security training sessions and assessments they conduct are having a big impact, and new channels of communication have been opened to share threat alerts with local elections supervisors, department officials said.
"There is no question we are making real and meaningful progress," said a statement from Jeanette Manfra, assistant secretary for the Office of Cybersecurity and Communications at the DHS.
The government's Elections Assistance Commission has been moving aggressively to make local officials aware of the severity of the threat, prepare them to confront it and increase their access to federal intelligence. It has encouraged local officials to take part in election war games run by Harvard's Belfer Center for Science and International Affairs, which simulate a foreign cyberattack and require officials to figure out how to keep election day from melting down.
It's a stressful exercise. Participants are confronted with the prospect of their decisions leading to mass protest, aggravated by a concurrent social media propaganda campaign launched by the hackers.
Elections officials increasingly find themselves in a job they never signed up for: information technology managers tasked with protecting some of the most sensitive computer systems in the world. Yet they don't have the defenses of a major retailer such as Target or a financial institution such as Citigroup — and even those operations are getting breached.
The state of Virginia got so spooked by what happened at DEF CON that, just nine weeks before its statewide elections in November, it directed all 22 voting districts to abandon the paperless electronic voting machines they had secured for the election and immediately shift to other systems. Pennsylvania announced this month it is also moving in that direction.
The pushback that some local voting officials gave to the Department of Elections in Virginia confirmed for computer scientists that too many still don't understand the degree of risk they face. Local officials insisted their systems were safe because they were not connected to the internet, or that they could be protected from intruders by wrapping them with tamper-proof tape. Hackers have shown repeatedly that such defenses are easy to penetrate.
"A seasoned actor that can do this is not even touching the machine," said James Scott, a senior fellow at the Institute for Critical Infrastructure Technology, a Washington nonprofit that is advising lawmakers on the cyberthreat. "The vulnerabilities are there to manipulate these machines."
A fix does exist, Scott said: Congress could provide money for new voting machines and mandate they produce a paper trail that is randomly audited, steps called for in several bipartisan measures that have been introduced but not acted on, such as the Secure Elections Act that California Sen. Kamala Harris and other senators are championing. All such proposals come with a price tag of hundreds of millions of dollars and neither the administration nor Congress has made that a priority.
Even national security experts who are skeptical that foreign operatives could stealthily change vote counts express deep concern.
"I don't know if they are aiming to change outcomes, but they don't need to," said David Becker executive director of the Center for Election Innovation and Research. Merely poking around an election system is enough to shake the faith of voters, he said.
Some Illinois voters remain rattled by the breach of their voter registration system before the 2016 election. At least 20 other states were also targeted, leaving voters to worry that even the blips election officials routinely confront — like a system error that delayed vote counting in Durham, N.C., during the last presidential election — is the work of hackers.
"Just the fact that they are interfering is having a tremendous impact," Becker said. "People are doubting whether they can trust their elections systems."
Follow me: @evanhalper
Feb. 14, 12:05 p.m.: This article was updated with information about the Secure Elections Act.