The Trump administration has declassified intelligence reports highlighting the continued vulnerability of America’s voter registration databases to foreign cyber attacks. These assessments emphasize that compromised election data could be exploited long after being stolen. The released documents, following President Donald Trump’s election security address, identify voter registration databases as prime targets for foreign intelligence services and cyber actors aiming to disrupt elections or undermine public confidence in democratic institutions.
The Department of Homeland Security (DHS) report, disclosed by the White House, reveals that hackers have made attempts to breach voter registration systems in all 50 US states over the past decade. At least 20 states have reported successful compromises. The report underscores that statewide Voter Registration Databases are appealing targets for foreign adversaries, with the exposure of sensitive voter information posing risks that extend beyond election day.
According to the assessment, stolen voter data could potentially be misused to manipulate absentee ballots, modify voter registration records, change polling locations, or delete voter registrations. The report also notes that information obtained in a cyber breach could remain valuable for years due to the static nature of personal data used for voter identity verification.
The intelligence reports detail a series of cyber incidents affecting election infrastructure since 2016, including Russian attempts to probe voter registration databases, Iranian endeavors to access voter registration information, and suspected Chinese cyber activities targeting election-related networks and publicly available voter data. President Trump, in his address, highlighted that the US has long been aware of foreign cyber threats to election infrastructure, with adversaries such as Russia, China, Iran, North Korea, and non-state groups possessing the capability to compromise US election systems.
The DHS report recommends enhanced cyber defenses for state and local election authorities, advocating for measures like routine offline backups of voter databases, wider adoption of multi-factor authentication, improved network segmentation, enhanced monitoring of internet-facing systems, and comprehensive incident-response planning. It also warns that large-scale breaches of personal information held by private companies could impact election security, as similar personal data is used for voter identity verification and absentee ballot processing.
President Trump mentioned that his administration has started notifying governors, members of Congress, and election officials in states potentially affected by cyber vulnerabilities. The Department of Homeland Security is set to collaborate with states to address known technical weaknesses before the upcoming midterm elections. While the report acknowledges repeated cyber intrusions targeting election systems, it does not assert that such activities altered the outcome of any US presidential election. Instead, it underscores the increasing importance of safeguarding voter registration databases as a critical national security priority amidst the expanding cyber capabilities of foreign governments.
