"Most of us cannot compel our local election jurisdictions to update their equipment," said Jared Dearing, executive director of the Kentucky State Board of Elections, before an Elections Assistance Commission panel in Silver Spring.
The comments came a week after the annual Def Con hacking conference in Las Vegas, where the three lawmakers who attended -- all Democrats -- blamed Kentucky Republican Mitch McConnell, the Senate majority leader, for the Congress' stagnation on any election security bill.
At Def Con, a group of election security researchers host a Voting Village, now in its third year, where independent hackers try to break into decommissioned voting equipment. While no system can be guaranteed safe from hackers, election security experts -- including ones consulted for the bipartisan Senate Intelligence Committee report on the subject -- resoundingly say that machines need to be routinely updated and use paper ballots so results can be audited.
Last year's Senate appropriations bill gave $380 million for election equipment and cybersecurity services, divvied up through a preexisting Elections Assistance Commission formula established by the Help America Vote Act. But a commission study in April found that states have been slow to spend that money.
McConnell -- who has refused to take up any of the dozens of election security bills in Congress, even the bipartisan ones -- has become a bogeyman for election security enthusiasts. He has neither endorsed nor ruled out an additional round of funding in a budget bill this year.
When asked for comment, a spokesperson for McConnell pointed toward a speech he had given on the Senate floor in May, where he pointed toward the $380 million, adding, "Congress will need to continue closely monitoring the progress and assess whether further legislative steps might be needed as well."
Dearing's comments echoed a common refrain from state and local officials who use old or outdated voting equipment: While some areas can afford solid IT staffs, some counties and local officials can't afford sufficient upgrades on their own.
"I have clerks that might have one or two staff members, and they are not digitally native. These are people who have been working on analog systems their entire career, and we're asking them to participate in what is national security," Dearing said.
"We're now also asking them to take part in the defense against foreign state actors. The cliff that is looming before us is we are failing to fund them appropriately for critical infrastructure in their own offices," he said.