Minnesota Secretary Of State - ICYMI: Secretary Simon Remarks on Federal Support for Election Security
Skip to main content
MENU
search

News Room Archive

2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015

News Room

ICYMI: Secretary Simon Remarks on Federal Support for Election Security

March 4, 2025

SAINT PAUL – On February 27, 2025, Minnesota Secretary of State Steve Simon testified to the Minnesota Senate Elections Committee to provide information on the history and current status of federal support for election security. Full remarks are available below.

Secretary Simon also recently signed a letter to the U.S. Department of Homeland Security Secretary Kristi Noem in his role as the president of the National Association of Secretaries of State regarding the current review of work within the federal agency.

Secretary Simon’s testimony to the Minnesota Senate Elections Committee, as prepared:

Thank you, Mr. Chair and Members. Steve Simon, Minnesota Secretary of State.

During the 2016 election this is what happened in the words of the U.S. Senate Intelligence Committee, “Russian government-affiliated cyber actors conducted an unprecedented level of activity against state election infrastructure in the run up to the 2016 U.S. election.” (Source, U.S. Senate Intelligence Committee).

Following the unprecedented actions during the 2016 election, the Department of Homeland Security (DHS) Secretary Jeh Johnson designated U.S. election systems as part of the nation’s critical infrastructure, a decision that was later affirmed by DHS Secretary John Kelly.

Critical infrastructure is a DHS designation established by the Patriot Act and given to “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.”

Other sectors that enjoy the “critical infrastructure” designation include the power grid, food and agriculture systems, transportation systems, military facilities, and the like.

Each critical infrastructure sector, or subsector, is given a federal Sector Specific Agency that is designated with structuring and managing the work of the sector. At the time Election Infrastructure was designated as a critical infrastructure subsector, the Department of Homeland Security was its designated Sector Specific Agency.

In October 2017, a Government Coordinating Council (GCC) was formed to ensure federal information and resources reach state and local election officials. And in February 2018, the Elections Infrastructure GCC voted to form an Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) to support the cybersecurity needs of the elections subsector. The EI-ISAC has been funded by the federal government as a division of the non-profit Center for Internet Security.

Finally, later in 2018, the congress passed, and President Trump signed legislation establishing the Cybersecurity and Infrastructure Security Agency (CISA). At this time, the support for elections critical infrastructure was moved to CISA, and funding for the EI-ISAC was provide by CISA as well.

CISA provides a suite of services that are available at no cost to state and local government officials and private sector election infrastructure partners. I want to emphasize that these services do not just support the state but support your local elections offices as well. All services are available upon request and are strictly voluntary; CISA only provides services when requested.

CISA’s services include the following:

    • A suite of cybersecurity services including:
      • Cyber hygiene vulnerability scanning of an organization’s internet or public facing systems.
      • Access to the .gov domain. The .gov domain is available solely to U.S. based government organizations.
      • In-person and virtual trainings on items such as phishing or responding to ransomware.
    • A suite of physical security services:
      • The most critical being in-person assessments by CISA Protective Security Advisors. These assessments are most frequently of county and city elections offices, as well as polling places.
      • Other resources include physical security trainings, including de-escalation trainings.
    • Incident response:
      • In the event of a cyber incident, CISA provides rapid response and resources at the request of an impacted entity.
    • Best practice and security guides:
      • CISA assists in conducting tabletop exercises at the national level, as well as coordinating tabletop exercises at the state and local level at their request.
      • A vast library of resources to support state and local election officials on topics from very technical cyber best practices to physical security issues such as how to respond hazardous material sent to election officials in the mail.

For a small number of state and local election officials in Minnesota, CISA also provides access to classified briefings and threat reporting.

Through funding from CISA, the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) provides the following services:

    • No-Cost Layered Defense for Election Security with device-level protection, including Endpoint Detection and Response (EDR) which helps block malicious activity and stop an attack at the endpoint level.
    • Active defense against malicious domains by Malicious Domain Blocking and Reporting (MDBR), which prevents IT systems from connecting to harmful web domains and helps limit infections related to known malware, ransomware, phishing, and other cyber threats.
    • 24x7x365 Security Operations Center (SOC) offering threat intelligence, detection, and response assistance.
    • Election-specific threat reports.
    • Discounted and no-cost cybersecurity tools and resources.
    • Access to an annual self-assessment survey to evaluate cybersecurity maturity.

While these services are critical, there is also an added benefit that these services are being provided from the federal government as opposed to a private vendor.

We know that nation-state actors have targeted our nation’s election systems – and having the force and resources of our own federal government to help defend against these threats is critical. CISA also has access to real-time threat information from other federal agencies such as ODNI, FBI, and DHS. In addition, CISA helps coordinate a whole of government response when needed.

Further, asking 50 states to create 50 solutions to these threats is not only inefficient, these federal level services also allow the “connecting of dots” that would otherwise not happen.

These services have been critical, and we’ve seen their value continue as recently as the 2024 election.

In addition to all of the preventative and preparedness resources from CISA, CISA’s critical real-time response to incidents this year was essential.

Examples of the issues CISA helped respond to, and provide foreign attribution to where needed, included:

    • Threating mailings to many states, including Minnesota, that contained a white powder substance.
    • Swatting efforts targeting election officials including Secretaries.
    • Bomb threats by both foreign and unknown actors targeting polling places and election offices.
    • Distributed Denial of Service attacks directed at elections systems.
    • Fake videos created and promoted by foreign entities attempting to undermine confidence in election systems.

While Minnesota thankfully did not encounter swatting or foreign created fake videos related to elections, Minnesota counties did receive bomb threats, and the Minnesota Secretary of State Office was one of the places targeted with the threating mailing, causing an evacuation of our veteran services building office.

So, what is the future of these services? In short, we do not know. And that is cause for concern. Here is what we do know:

    • CISA has placed on leave agency personnel who were hired specifically to work with the elections sector. These are people who worked on election security, including cybersecurity.
    • CISA has ended its contract with the Center for Internet Security to support the EI-ISAC, ending that election-specific nationwide program to support elections administrators and vendors.
    • CISA is now conducting an internal evaluation of all election-related services, with findings and recommendations to be delivered in a report on March 6.

We will know more on or after March 6, but the initial steps taken by CISA are troubling. I believe that a roll-back of these services could compromise the security of our elections. CISA has been a strong and effective partner. The loss of that partnership is a risk not worth taking.

The National Association of Secretaries of State has penned a bi-partisan letter to DHS Secretary Noem asking her to protect these services to the elections critical infrastructure sector. Whether these services live in CISA or are returned to DHS, the bi-partisan consensus was that these services and information are incredibly valuable to ensuring that election entities can defend against national security threats.

If these services are reduced, there will be increased costs to Minnesota’s election system, both at the state and local level. And, most importantly, our ability to protect our election systems and respond to threats will be harmed. We have an excellent election system in Minnesota and have great partners at the state level. But when dealing with nation state actors, the resources provided since 2017 by the federal government are critical.

  Return to List
© 2025 Office of the Minnesota Secretary of State - Terms & Conditions
The Office of the Secretary of State is an equal opportunity employer