In the aftermath of the 2016 US presidential election, lawmakers have seen little change in security for voters. But if voting machine security standards don't change by the 2020 presidential election, Sen. Ron Wyden warns, the consequences could be far worse than the cyberattacks of 2016.
The Democrat from Oregon, who is a member of the Senate Intelligence committee, told the Defcon hacking conference that US voting infrastructure is failing to keep elections secure from potential cyberattacks. He made the comments in a Friday speech at the Voting Village, a special section of the Las Vegas conference dedicated to election security.
"If nothing happens, the kind of interference we will see form hostile foreign actors will make 2016 look like child's play," Wyden said. "We're just not prepared, not even close, to stop it."
Election security has been a major concern for lawmakers since the 2016 election, which saw unprecedented interference by the Russians. Though no votes are believed to have been changed, the Russians targeted election systems in all 50 states, according to the Senate Intelligence Committee.
Legislation to protect elections has been trudged along in Congress. Multiple members of Congress were at Defcon to discuss the issue, as well as to learn about cybersecurity policy.
In 2018, Wyden proposed an election security bill requiring paper ballots. The House passed its own, similar election security bill, with input from Wyden, but it was blocked in the Senate by Majority Leader Mitch McConnell. McConnell, a Republican from Kentucky, called it partisan legislation.
On Friday, Wyden blasted McConnell, calling him the reason why Congress hasn't been able to fix election security issues. "It sure seems like Russia's No. 1 ally in compromising American election security is Mitch McConnell," Wyden said.
McConnell didn't respond to a request for comment.
Wyden added that voting machine makers shouldered much of the blame over election security issues and he called out lobbyists representing the vendors. Voting machine makers haven't addressed all the vulnerabilities that hackers at Defcon found in models currently in use during the 2017 and 2018 conferences.
He noted that lawmakers faced a deadline to pass election security legislation by fall of 2019 to ensure the 2020 US presidential elections are safer. If they don't, Wyden says public trust in the outcome could be compromised, regardless of the results.
"Business as usual with the voting machine is an imminent threat, a clear and present danger to our democracy," Wyden said. "2016 should have been a wake-up call. But the companies are not changing."
Wyden ended the panel by calling for public pressure on Congress and McConnell to pass an election security bill. He wasn't the only person from Capitol Hill at Defcon calling for changes in election security.
At an earlier session, a Department of Homeland Security representative said it was expanding its outreach to ensure election security with local voting officials.
Cybersecurity and Infrastructure Security Agency Director Chris Krebs said his group's top priority for the 2020 election is reaching out to as many local officials as possible, and encouraging paper auditable ballots. Krebs also reflected that Congress needs to take action to provide election security nationwide.
"I don't know where some of these other states that have [voting machines] without a paper trail, I don't know where they're going to get their money," Krebs said. "But they need it. Their state needs to step up, their legislators need to step up."