Bipartisan house bill would authorize ‘bug bounty program’ to secure election systems

A “bug bounty program” competition would be created to reward cyber experts for identifying gaps in the cyber defenses of the nation’s election infrastructure under a bill introduced in the U.S. House of Representatives on Thursday.

The Prevent Election Hacking Act of 2018 would authorize the U.S. Department of Homeland Security (DHS) to establish a recurring “Hack the Election” competition. Independent cyber experts would partner with state and local officials to identify vulnerabilities under the bill, which was introduced by U.S. Reps. John Katko (R-NY) and Mike Quigley (D-IL).

“Our foreign adversaries don’t have to hack into every single board of election to undermine our democratic process; it just takes a couple to achieve their goal of eroding public trust in our electoral system,” Quigley said.” Unfortunately, many state and local election boards don’t even know when they’ve been hacked — either because they don’t know what to look for or don’t have the technology needed to help spot an intrusion. That is why we must continue to better understand the vulnerabilities that exist so we can implement infrastructure upgrades that address them head on. This important bill will enlist the unique knowledge of cybersecurity experts to safeguard the foundation of our democracy — the right to free and fair elections.”

During 2016 election cycle, at least 21 state election systems were targeted by hackers, the intelligence community has confirmed. Still, many vulnerabilities have not been addressed or identified.

“As we saw in the last election cycle, our adversaries are committed to interfering in our nation’s democratic process,” Katko said. “This is a grave threat to our country and our nation’s security. Our voting systems remain vulnerable to hacking, and we must do more to protect against cyber aggression. This is an issue we must work across the aisle to address, and I’m proud to take the lead with my colleague Rep. Quigley. The bipartisan measure we’ve introduced (on Thursday) will help ensure our nation’s foremost experts on cybersecurity have the tools that they need to identify and combat malicious cyber attacks against our democracy.”