DOGE Dismantles Election Security Infrastructure

Event Summary

Throughout February and March 2025, the Department of Government Efficiency (DOGE), operating under Elon Musk's leadership and with direct White House authorization, systematically dismantled the Cybersecurity and Infrastructure Security Agency's (CISA) election security infrastructure. These actions occurred just months after the 2024 presidential election and ahead of the 2026 midterm elections.

Key Actions:

February 2025: 17 CISA election security staff placed on administrative leave
February 2025: DOGE fired 130 CISA employees
Judge ordered reinstatement of fired workers
Immediate response: Administration reinstated them but immediately placed them on administrative leave (compliance theater)
February 2025: CISA paused all election security activities pending "internal review"
March 2025: Review completed but Trump administration refused to release findings publicly
March 2025: CISA cut $10 million in funding to Center for Internet Security (nonprofit providing services to state/local election officials)

Critical Security Incident:

March 2025: Within minutes of DOGE gaining access to National Labor Relations Board (NLRB) systems, someone with a Russian IP address made multiple attempts to access the database using newly created accounts
Incident demonstrates critical cybersecurity vulnerabilities introduced by DOGE's rapid, unvetted access to federal systems

Implications for Election Security

Timing: CISA's election security division was created specifically to protect US elections from foreign interference following Russian interference in 2016. Dismantling this infrastructure:

Occurs just months after 2024 election
Happens as Trump continues to claim 2020 election was "stolen"
Precedes 2026 midterm elections
Eliminates federal coordination for election security

State and Local Impact:

11 states and Washington DC require their voting systems to be federally certified
CISA provides critical security clearances for state election officials to receive classified threat intelligence
Center for Internet Security provides real-time threat information to thousands of local election jurisdictions

Historical Context: The bipartisan Senate Intelligence Committee (2019) found Russia conducted "an extensive, sophisticated campaign to influence the 2016 election" including hacking state election systems and targeting election infrastructure. CISA was created as the primary defense against such interference.

Executive Order: Elections System Overhaul

March 2025 Executive Order:

Directs Election Assistance Commission (EAC) to mandate proof of citizenship (passport or similar) to register to vote using federal form
Attempts to force EAC to rescind all previous certifications of voting equipment
Requires re-certification under amended guidelines favorable to administration

Legal Framework: Executive order attempts to bypass existing administrative law and EAC's independent authority. As of December 2025, implementation status unclear due to legal challenges from voting rights organizations.

Criminal Threats Against Election Officials

March 14, 2025: Trump publicly stated: "The people who did this to us [2020 election] should go to jail"

Project 2025 Connection: Heritage Foundation's Project 2025 specifically proposes:

Charging 2020 election officials with criminal conspiracy to injure civil rights
Using Alien Enemies Act against domestic election workers
Prosecuting under 18 U.S.C. § 241 (conspiracy against rights)

Real-world Impact: Since 2020, election workers nationwide have faced:

Harassment and death threats
Armed demonstrations at their homes
Forced resignations due to safety concerns
At least 1 in 5 election officials reported threats (Brennan Center, 2024)

Trump's March 14 statement represents federal validation of these threats, encouraging further intimidation.

Russian IP Address Incident

March 2025 Security Breach:

NLRB systems accessed by DOGE team
Within minutes: Russian IP address attempts multiple database accesses using newly created accounts
Incident suggests either:
1. DOGE access credentials compromised
2. DOGE personnel using VPNs with Russian endpoints
3. External actors monitoring DOGE activities

Significance: Regardless of intent or explanation, the incident demonstrates that DOGE's rapid, uncoordinated access to federal systems created immediate cybersecurity vulnerabilities affecting agencies with sensitive data.

Agency Independence Violations

Executive Order Violating Separation of Powers: Forces independent regulatory agencies (FEC, FCC, SEC, FTC) to submit regulations to White House OMB for review. Mandates "White House Liaison offices" in these agencies. These agencies were created by Congress specifically to be independent from political interference.

March 18, 2025: Trump fired FTC commissioners Alvaro Bedoya and Rebecca Kelly Slaughter after they criticized administration's approach to antitrust and consumer protection. Federal Trade Commission independence compromised.

Timeline Context

February 2025: Election security staff systematically removed

March 2025:

Russian IP incident occurs
Election system overhaul EO signed
Funding cuts to election security nonprofits
FTC commissioners fired

March 14: Trump threatens to jail 2020 election officials

Late 2025: As of December, no election security activities resumed at CISA. State and local election officials operating without federal coordination for first time since 2016 election.

Pattern Recognition

This represents the third major pattern in 2025 authoritarian consolidation:

Federal worker purge (January-February): Remove expertise and institutional knowledge
Immigration apparatus expansion (January-March): Build enforcement capacity
Election infrastructure dismantling (February-March): Eliminate democratic safeguards

The systematic removal of election security infrastructure specifically targets the mechanisms that ensure free, fair, and verifiable elections—the foundation of democratic governance.