(TNS) — Eight Ohio counties have not completed an election security checklist Ohio's top elections official required last summer, and one is being placed in administrative oversight because it has no plan to comply.
Secretary of State Frank LaRose said Wednesday during a press conference that Van Wert County Board of Elections has refused to provide a plan for complying with his directive.
Van Wert will be placed in administrative oversight, which requires weekly reports to LaRose's office.
Hamilton, Ottawa, Warren, Trumbull, Carroll, Holmes and Clark counties have not completed the directive's requirements for "cyberattack detection, system hardening and network defense." The secretary of state's office would not specify which pieces of the directive still were unmet, citing security concerns.
Those seven are expected to finish the checklist by the start of early voting Feb. 18, LaRose said. The deadline passed Friday.
"A lot of these changes, candidly, are changes that should have been made a long time ago," he said during the press conference.
LaRose also has called for the resignation of a Coshocton County Board of Elections member who he said has refused to adopt some security changes, including migrating email.
LaRose issued the 34-point security plan that he calls a "pre-flight checklist" for election security on June 11. It was meant to help guard against interference in the 2020 election. Security experts anticipate foreign adversaries will attempt to meddle in the presidential election, as they did in 2016.
Elections officials in Ohio have regularly pointed out that equipment used to cast and count ballots is not connected to the Internet. But other systems —-- such as the databases of registered voters -- still could be vulnerable.
Attacks on those systems could erode confidence in elections, LaRose said Tuesday.
The directive required county boards to install digital burglar alarms that would alert them to cyber criminals attempting to hack their systems, conduct annual training and assessments on cybersecurity and complete physical security and criminal background checks on employees and vendors.
They were directed to transition their websites and email servers to those that end in .gov or .us and to ask for assessments and testing of their systems from the U.S. Department of Homeland Security.
LaRose said in December that his office's own digital burglar alarm, an "Albert sensor," detected a Russian company's hack attempt that originated in Panama on Election Day 2019. In 2016, the Henry County Board of Elections was the subject of a ransomware attack.
On Tuesday, LaRose said all 88 counties have installed Albert sensors and Security Information and Event Management logging systems, which the former member of the 101st Airborne compared to a "flight data recorder" that would help retrace steps taken by hackers.
The state has paid for the monitoring service on those sensors for county boards of elections in 2020 using a $1.7 million in federal funding for elections. But LaRose said this week he wants the state legislature to fund a portion of counties' costs beyond 2020 as well.
In all, the state made more than $13 million available as grants to local boards of elections to implement the security measures in his directive, LaRose said.
©2020 The Columbus Dispatch (Columbus, Ohio). Distributed by Tribune Content Agency, LLC.