FBI Will Notify State and Local Election Officials of Cyber Intrusions

January 17, 2020

The Federal Bureau of Investigation (FBI) detailed a new internal policy to clarify and guide the timely federal notification of appropriate state and local officials of cyber intrusions affecting election infrastructure.

Protecting the integrity of elections in the United States against criminal activity and national security threats is among the top priorities of the Department of Justice (DOJ) and the FBI. Cyber intrusions affecting election infrastructure have the potential to cause significant negative impacts on the integrity of elections. Understanding that mitigation of such incidents often hinges on timely notification, the FBI has established a new internal policy outlining how the FBI will notify state and local officials responsible for administering election infrastructure of cyber activity targeting their infrastructure.

The FBI’s new policy recognizes the necessity of notifying responsible state and local officials of credible cyber threats to election infrastructure. Each state has a designated person to serve as its chief state election official with ultimate authority over elections held in the state, which often includes certifying election results. However, most election infrastructure is owned and operated by local governments. Likewise, the local election process is overseen by local election officials. The FBI’s interactions regarding election security matters must respect both state and local authorities. Thus, the FBI’s new policy mandates the notification of a chief state election official and local election officials of cyber threats to local election infrastructure.

The new policy is informed by existing FBI policies surrounding cyber incident notification thresholds and cyber victim notification in general. The new policy, however, provides updated and additional guidance on the timely dissemination of notifications and/or threat reporting; the protection of victim information and disclosures; and coordination between FBI and other agencies in regard to election security for maximum impact. Decisions surrounding notification continue to be dependent on the nature and breadth of an incident and the nature of the infrastructure impacted.

It is the intent of the FBI that this new policy will result in increased collaboration between all levels of government for the integrity and security of U.S. elections.

Over the past year, Colorado, Ohio, and West Virginia have been leaders in information sharing and cooperation on election security issues. The following is a joint statement from Colorado Secretary of State Jena Griswold, Ohio Secretary of State Frank LaRose, and West Virginia Secretary of State Mac Warner in response to news  that the FBI will immediately begin to share information about cyber-intrusions/attacks with state election officials:

“Today’s announcement from the FBI is a good step forward in protecting state election systems from our enemies, both foreign and domestic. Federal, state, and local governments must work together to better detect and protect against cyber-attack. We’ve already seen positive results from the partnership between our states, which strengthens our resilience from attacks and ensure voters across this nation will have the confidence they deserve as they cast their ballot this year.”

Terms of Use | Copyright © 2002 - 2020 CONSTITUENTWORKS SM  CORPORATION. All rights reserved. | Privacy Statement