US election security official warns of ‘significant misinformation’ following Trump assassination attempt, Biden exit
The top group of U.S. election chiefs last week unveiled a new leadership roster ahead of the 2024 presidential race.
Kansas Secretary of State Scott Schwab, who recently led the National Association of Secretaries of State, was named co-chair of the organization’s cybersecurity committee when election executives gathered for their summer meeting in Puerto Rico.
The panel serves as a conduit for election officials to trade ideas and best practices on how to protect their networks, and data, against foreign and domestic malicious actors.
“We don't know those ideas are out there because we're just so spread across the continent,” according to Schwab.
First elected secretary of state in 2018, Schwab spoke with Recorded Future News about how digital security has changed since the last presidential race, the current threat landscape and how ransomware has hit his state particularly hard.
This conversation has been edited for length and clarity.
Recorded Future News: How has cybersecurity changed, as it relates to your office and that of other election executives, since the last presidential election? Are officials more savvy now?
Scott Schwab: It's an ongoing evolution. Secretary [Steve] Simon out of Minnesota has the best quote. He said, ‘Cybersecurity is like running a marathon that you have to win every day and the race never ends.’ You're constantly updating.
To say it's any different the last four than it was a previous presidential election, it really isn’t.
The biggest disruption we had as it relates to election administration was when then President Barack Obama declared election systems critical infrastructure. We didn't know what that meant. How do you declare us something when you have no authority over us?
Because I'm an independent elected official separate from the U.S. administration, it became more of a partnership. It's been quite the adjustment for CISA [the Cybersecurity and Information Security Agency] and Homeland Security to realize they can't tell us what to do but they can give us strong advice.
We, as elected election administrators, had to gain access to certain classified and secret documents and reports … so that we knew what the threats were so that we can adjust our systems and work with our vendors to make sure we're secure and we're all on the same page.
Secretary [Steve] Simon out of Minnesota has the best quote. He said, ‘Cybersecurity is like running a marathon that you have to win every day and the race never ends.’ You're constantly updating.
— Kansas Secretary of State Scott Schwab
RFN: Where would you rate that for that partnership between election executives like yourself and the federal government today? Let’s do 1 to 10.
SS: I would say with CISA it's above a 5. It's better than average.
I would say [CISA Director] Jen Easterly has been doing a fantastic job about reaching out to various election officials to make sure we have a quality working relationship and to be able to just call her on her cell phone when you have concerns has been just so helpful.
Homeland Security at-large has been very helpful. I would say Homeland Security is an 8.
I'd say the Department of Justice is like a 2. I can't speak for NASS on that aspect, because everybody deals with them in a different way. But as it relates to the Secretary of State for Kansas, the Department of Justice is frustrating, incredibly frustrating. They always want information from us but they rarely give it back.
RFN: Let’s talk about the threat landscape. What’s your take on election misinformation and disinformation?
SS: It ebbs and flows. In April, there's not tons. In a non-presidential year there's not a whole bunch of misinformation. As we ramp up into the presidential election, and we had seismic news last weekend, there's going to be significant misinformation that comes from that.
The misinformation we're more concerned with, and oftentimes people don't think about this: there's a difference between campaign misinformation and election disinformation.
Our biggest concern is election misinformation, when people provide misinformation about how to vote, where to vote, deadlines, how the voting process is actually done.
I always go back to folks saying, ‘Here's the deal: your neighbors are running that election. It's not me as Secretary of State. It's not some person behind a computer screen in a foreign country. It's your neighbor. It's your neighbor checking you in. It's your neighbor giving you your ballot. It's your neighbor helping you walk through the process. It's your neighbor that ultimately ends up counting the ballots.’
So the folks that think, for example, Secretary Schwab is running the election. How could I? I don't touch any ballot but my own.
As it relates to the Secretary of State for Kansas, the Department of Justice is frustrating, incredibly frustrating. They always want information from us but they rarely give it back.
— Kansas Secretary of State Scott Schwab
RFN: Along those lines, what is your opinion of the recent Supreme Court ruling that allows CISA and the FBI to resume talking to social media firms?
SS: Kind of all over the place.
I've got really mixed feelings about it because this does affect people's lives. But you don't want to start eroding the First Amendment as it relates to free speech and freedom of religion. We always end up going down that pathway because it's to protect the people.
But our Founding Fathers were very, very clear that this is not a governmental right, it's not a political right, it's a right that's been given by God and nobody can take it away.
A civic duty of elections is just one of the beautiful things of America. But when you're trying to destroy it, yeah, we take that pretty personally.
At the same time, we also swear to uphold the Constitution.
I'm normally a pretty black-and-white thinker, but, on that one, emotions go all over the board.
RFN: Will artificial intelligence be a concern in this election cycle?
SS: The concern I would have, hypothetically, is let's say we're coming into late October, getting close to Halloween, and suddenly, there's an AI-generated image of me that looks very similar to me that says, ‘Hey, due to the high voter turnout, we're asking everybody that's 60 and older to please vote on Wednesday.’ Well that's the population that may actually believe that.
I would say the bigger threats will be in the next cycle, in 2026 and 2028. AI is still a very new technology, and for those who want to use it for nefarious purposes, this is kind of a trial run. They're really not sure how to use it. But they'll be professionals and they will be ninja-like when it comes to the next few cycles. That's when we're going to have to be more diligent about, as citizens, imagery.
RFN: Close to home, key state and city networks throughout Kansas have been hit with ransomware recently. Are you worried about election systems being attacked?
SS: I am not as concerned with Kansas but we are aware and we're constantly testing.
I don't want to go into the nuances of how I know we do that.
Martin Matishak
is the senior cybersecurity reporter for The Record. Prior to joining Recorded Future News in 2021, he spent more than five years at Politico, where he covered digital and national security developments across Capitol Hill, the Pentagon and the U.S. intelligence community. He previously was a reporter at The Hill, National Journal Group and Inside Washington Publishers.