What is the Center for Internet Security, and what does it mean for Nov. 5 and beyond?
If you value articles like this, sign up for our daily email newsletter and support us with a donation.
Editor's note:
Election Day is Nov. 5. Be ready for the ballot box by registering to vote.
For information on registration deadlines in your state or territory, click here.
To register to vote online, or update your registration, click here.
Imagine a private nonprofit, led by former military and intelligence officials, that has direct access to the voting infrastructure of the entire nation. Now imagine this organization operates with limited public oversight, and is shielded from Freedom of Information Act (FOIA) requests. If you're already uneasy, you're not alone.
In a recent In-Depth episode, former Michigan State Senator, and Department of Defense Engineer, Patrick Colbeck, brought up these concerns about the Center for Internet Security (CIS), a cybersecurity NGO that is tasked with protecting U.S. elections –but Colbeck's findings suggest that it could be far more influential, and potentially dangerous, than we realize.
In 2017, the Department of Homeland Security (DHS) tasked the CIS with protecting US election infrastructure through the creation of the Election Infrastructure Information Sharing and Analysis Center (EI-ISAC).
This was part of DHS's broader effort to safeguard election systems after designating them as critical infrastructure. The Cybersecurity and Infrastructure Security Agency (CISA), a division within DHS, leads this effort.
CIS, through EI-ISAC, provides state and local election offices with technical tools such as Albert sensors, which monitor network traffic for signs of cyberattacks.
These services, which also include threat intelligence and incident response, are offered at no cost to eligible election offices. As of 2022, there were 3,217 official members of the EI-ISAC. Membership spanned all 50 states and 2,532 of 3,143 counties. In addition to government entities, 40 electronic voting system vendors and 5 other NGOs were members.
However, the results of the 2020 election have left many conservatives skeptical of government involvement in elections.
As Colbeck pointed out, voters are told election systems are safe because they have no access to the internet (access that would be needed if one were to attempt to interfere). However, the monitoring sensors require the internet to access the election systems they monitor.
And herein lies the concern. Through these sensors, CIS gains privileged access to sensitive election records such as voter registration data, pollbook entries, tabulation data and election night results. However, because they are a private nonprofit and operate outside the scope of FOIA access, this access to sensitive systems raises concerns.
WHAT ARE ALBERT SENSORS?
Albert sensors are network monitoring devices that are deployed across state and local election offices and report data back to the Election Infrastructure Information Sharing and Analysis Center (EI-ISAC). These sensors are designed to monitor network traffic for signs of cyber threats, like unauthorized access attempts, malware, or suspicious behavior.
To be clear, according to CIS, Albert sensors do not directly monitor voting machines that are "air-gapped" (meaning they are disconnected from the internet to prevent tampering or unauthorized access). These voting machines, particularly those used for vote tabulation, are intentionally isolated from external networks to protect the integrity of the voting process. Since they are not connected to the internet, they are outside the scope of Albert sensors, which are designed to monitor internet-accessible networks for cyber threats.
Instead, Albert sensors focus on monitoring networked election systems, such as voter registration databases and systems used to transmit election results from local precincts to central offices. These parts of the election infrastructure are more vulnerable to cyberattacks because they are connected to the internet.
The sensors analyze network traffic for suspicious activity, including unauthorized access attempts and malware, and send alerts to election officials if threats are detected.
CONCERNS ABOUT CIS AND ALBERT SENSORS
Of course, it is exactly the access to the online election systems that is the concern.
These sensors monitor network traffic related to critical election systems, including voter registration databases, vote tabulation systems, and election result reporting. While CIS maintains that the sensors are purely for monitoring purposes, critics worry that this kind of access opens the door to voter roll manipulation or even vote tampering.
A report by LetsFixStuff.org argues that Albert sensors serve as a "front door" to sensitive election systems, potentially allowing bad actors to tamper with voter data or disrupt the reporting of results.
Critics point out that, while the sensors cannot directly alter data, the information gathered could expose vulnerabilities in election systems that others could exploit.
Albert sensors are tasked with monitoring the networks responsible for transmitting vote totals from precincts to central counting centers. This raises concerns that they could be used to delay or disrupt the reporting of results, even if the votes themselves remain untouched. In tightly contested elections, even the appearance of delays or irregularities can breed doubt and undermine public trust.
VOTER ROLL SUPPRESSION AND MANIPULATION
Another concern is the potential for voter roll suppression or manipulation via denial-of-service (DoS) attacks on voter registration databases. With the visibility Albert sensors provide, an attacker could use this information to launch a DoS attack, which could temporarily disable access to voter registration databases. This would prevent voters from verifying their eligibility at polling stations and could result in voter suppression – particularly in precincts that lean toward one political party.
Further, there is the possibility of direct manipulation of voter rolls. While CIS does not directly access these databases, its monitoring of network traffic could identify vulnerabilities that allow bad actors to delete or alter voter information. Such manipulation could disenfranchise thousands of voters in key districts.
LACK OF TRANSPARENCY AND OVERSIGHT
One of the greatest criticisms of CIS is its lack of transparency. As a nonprofit organization, CIS is not subject to Freedom of Information Act (FOIA) requests, which means its operations are largely hidden from public scrutiny. This lack of public accountability fuels concerns about what exactly CIS is doing with the sensitive data it monitors.
In a technical advisory published by the Election Crime Bureau, the report flags the risks of centralized control over election security and calls for more independent audits and public oversight to ensure the integrity of the election process. The advisory points out that, with access to network traffic, Albert sensors could be used to manipulate data without public awareness, raising serious concerns about election transparency.
THE PRIMARY CONCERN
The primary concern, however, is the issue of private organizations running our elections without substantive transparency. According to LetsFixStuff.org, electronic voting systems (responsible for tabulating the votes cast on ballots across America) have "illusory provisions in their contracts with our government" where citizens, and even most government officials, are not allowed to examine how they tabulate the votes or examine their audit trail.
WHAT CONSERVATIVES SHOULD DO
Given these concerns, there are steps that conservatives can take to ensure election integrity in 2024 and beyond.
1. Demand Transparency from Election Officials
It is crucial to demand greater transparency from election officials, not least of which would be greater transparency about the role of CIS and its tools. By pushing for greater transparency, voters can ensure that election systems are not being tampered with behind closed doors.
2. Advocate for Independent Audits
To mitigate the risks of centralized control over election security, conservatives should push for independent audits of election infrastructure. These audits should be conducted by organizations with no direct ties to CIS or the federal government. Independent audits would provide an extra layer of protection against potential misuse of government capabilities.
3. Support Paper Ballots and Post-Election Audits
Paper ballots and post-election audits offer the most secure methods for ensuring election integrity. Paper ballots provide a physical record of each vote, which can be manually verified in the event of a recount or audit.
In addition, audits should be mandated to ensure that the electronically reported results align with the paper records. This method offers a safeguard against any tampering that could occur through electronic monitoring or vote tabulation.
4. Stay Informed and Get Involved
Finally, conservative voters should stay informed about the issues that will affect elections and get involved by volunteering as poll watchers or election observers. Active participation in the election process is one of the best ways to ensure that elections are conducted fairly and transparently.
For those interested in further understanding the full scope of the potential risks, the Election Crime Bureau’s technical advisory offers a comprehensive analysis of the vulnerabilities that exist in the current system.
Arthur is a former editor and consultant. Born in India to missionary parents, he spent his early career working in development for NGOs in Asia, Central America, and Africa.
Arthur has an educational background in history and psychology, with certifications from the University of Oxford and Leiden in the economics, politics, and ethics of mass migration and comparative theories in terrorism and counterterrorism. He is currently launching CivWest, a company focused on building capital to fund restorative projects and create resilient systems across the Western world.