Polls close on Election Day with no apparent cyber interference

After years of planning and worry, polls closed on Election Day 2020 without the country's having seen any substantial public cyberattack.

"I think what you're seeing more than anything is 3½ years of collaboration," said Chris Krebs, the director of the Cybersecurity and Infrastructure Security Agency, or CISA, which is responsible for securing the country's infrastructure cybersecurity. He touted the joint effort with agencies like the U.S. intelligence community and the Election Assistance Commission.

"The 50 states are working together, sharing information," Krebs said. "From where we came in 2016 to where we are, we have a much better game plan."

The relative success is a stark contrast from that election — before CISA existed in its current form or elections had been designated as critical infrastructure by the Department of Homeland Security — when Russian military intelligence hacked into one state and several county systems.

It's impossible to state for sure how much the lack of an apparent cyberattack was due to successful planning, a lack of a serious attempt from a dedicated adversary or pre-emptive cyberattacks from U.S. Cyber Command. Matthew Prince, the CEO of the cybersecurity company Cloudflare, said he saw little serious effort.

"Generally: quiet on the cybersecurity front nationwide," Prince said in a text message.

But while there is still plenty of time for hackers to harass elections as states count and certify results, Election Day itself was fairly smooth sailing. CISA had long warned that state or county websites that report election results, which aren't tied to the official numbers, could make ripe targets for hackers, as Russia has done in Ukraine.

For around an hour Tuesday evening, Texas' results reporting site went down without explanation. But the issue was merely a problem with Civix, the vendor that hosts the site, Stephen Chang, a spokesperson for Texas Secretary of State Ruth Hughs' office, said in an email. It was restored a little after 9 p.m. ET.

Krebs' agency had long warned that the scourge of ransomware gangs that have targeted county and local governments in recent years could infect counties at a crucial moment, hampering their ability to quickly and easily conduct elections. Although election systems in two counties were tangentially affected in recent weeks — Hall County, Georgia, where an infection temporarily slowed absentee ballot counting, and Chenango County, New York, where an email outage meant some absentee ballot requests could not be processed — a senior CISA official said on a news call that there were no known new ransomware cases that touched on elections.

In the early morning, Ohio seemed to have the biggest problem, when the electronic poll books crashed in Franklin County, one of the state's biggest counties. But by state mandate, Ohio counties carry paper backups of their poll books, and Franklin was able to check people in manually with little delay, said Frank LaRose, Ohio's secretary of state. There was no indication that the issue was caused by a cyberattack.

"We issued a very aggressive checklist of items every county board had to do," LaRose said in a phone interview.

"The old saying I had in the military is you sweat in peacetime so you don't bleed in battle," he said. "It's kind of a dramatic way of saying it, but the point is you work hard in preparation so you don't have problems when it's time for actually executing on the job."

While polls appeared to have closed without a major hitch, Krebs cautioned that the window for hackers to affect the perception of the election's integrity could be open for weeks.

"We are by no means through this," Krebs said. "There's still a lot of time left on the clock. There are a number of things that could happen tonight, tomorrow, the ensuing weeks."