Ashcroft confident in Missouri elections ahead of Tuesday

Ashcroft said Missouri has made progress to further improve the security of results statewide but there is still work to do.

“I don’t believe that we just say our elections are good and we don’t continue to make them better,” Ashcroft said.

Ashcroft discussed the changes Missouri legislators made in the omnibus election bill passed earlier this year. They include a rule that Missouri voters must bring a valid government-issued photo ID to the polls, and that people also can cast their ballot two weeks before election day in person at their county clerk’s office, among others.

“We’re looking to have further changes passed next year to make sure that we continue to have accessible, secure, credible elections in the state of Missouri because you always have to be trying to do it better,” Ashcroft said.

One of those changes already passed earlier this year as part of the election omnibus bill will make electronic vote-counting machines against the law, although they are not commonly used in Missouri.

“You don’t want to just say, well, this is what went wrong four years ago, let’s make sure that can’t happen,” Ashcroft said. “Let’s make sure that what someone is dreaming up to mess up elections in four years we’re prepared for. I feel good about that.”

The Missouri Secretary of State’s office has about six-figure scans a day, according to Ashcroft. A scan means someone is trying to look for a security weakness.

“We treat every one of those as if it is potentially nefarious,” Ashcroft said. “We have to look at every potential occurrence as a nation-state attack.”

Not every one of those scans is an attempt at a cyberattack. Some are U.S. agencies or third-party vendors the office works with checking for weaknesses, and some are inexperienced hackers who do not pose a big threat, according to Ashcroft.

News-Press NOW asked Ashcroft if there have been any scans that raised concerns for investigators.

“You know, we are all the time examining scans that we get scanning electronic digital occurrences with regard to an exterior to our system and interior to our system, watching our system,” Ashcroft said.

The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency released a joint public service announcement last month. According to the statement, it is unlikely malicious cyber activity against election infrastructure would prevent or interrupt voting.

“Given the extensive safeguards in place and distributed nature of election infrastructure, the FBI and CISA continue to assess that attempts to manipulate votes at scale would be difficult to conduct undetected,” the statement said.

Other election systems are likely to be targeted, according to the FBI and CISA’s Oct. 4 statement.

“Election systems that house voter registration information or manage nonvoting election processes continue to be a target of interest for malicious threat actors,” the statement said.

The statement also said cyber actors may spread or amplify false claims of cybersecurity compromises to election infrastructures.

“As of the date of this report, the FBI and CISA have no reporting to suggest cyber activity has ever prevented a registered voter from casting a ballot, compromised the integrity of any ballots cast or affected the accuracy of voter registration information,” the statement said. “Any attempts tracked by FBI and CISA have remained localized and were blocked or successfully mitigated with minimal or no disruption to election processes.”