security Bearish 8

14 ‘Ways to Steal’ an Election? DHS Insider Threat Raises 2026 Cyber Risk

· 4 min read · Verified by 8 sources · By Cyber Intelligence Brief Editorial
Share

Key Takeaways

  • Cybersecurity professionals are alarmed that DHS, under Secretary Mullin, could become an insider threat to election infrastructure.
  • Mullin previously advanced the debunked notion of 14 technical ways to steal an election, creating a risk that agency staff may use network access or threat-sharing channels to spy on or disrupt state systems in the 2026 midterms.

Mentioned

Markwayne Mullin person Department of Homeland Security government agency Gary Berntsen person Fox News company FOX Dominion Voting Systems company Cybersecurity and Infrastructure Security Agency (CISA) government agency

Key Intelligence

Key Facts

  1. 1Secretary Markwayne Mullin voted against certifying the 2020 Electoral College results, joining 147 congressional Republicans who did so even after the January 6 Capitol breach.
  2. 2Mullin, while a U.S. senator, brokered a meeting at Mar-a-Lago for ex-CIA operative Gary Berntsen to present conspiracy theories about Venezuelan interference in elections to Trump’s team.
  3. 3Fox News’ $787 million settlement with Dominion Voting Systems in 2023 debunked many of the same election fraud narratives Berntsen and Mullin have promoted.
  4. 4Voting officials now fear DHS will act as a threat to election security rather than a partner, undermining public trust and potentially interfering in the 2026 midterms.
  5. 5Berntsen claims there are “14 different technical ways that you can steal an election,” a theory universally rejected by cybersecurity experts and election auditors.
  6. 6The Cybersecurity and Infrastructure Security Agency (CISA), part of DHS, previously enjoyed strong cooperation with election officials on threat intelligence—a relationship now in jeopardy.

Who's Affected

State Election Officials
government entityNegative
Cybersecurity and Infrastructure Security Agency
government agencyNeutral
Voting Machine Vendors
companyNegative
Malicious Cyber Actors
threat groupPositive
Threat Level

Analysis

When the agency responsible for protecting critical election infrastructure is led by someone who endorses unsubstantiated theories of 14 technical election theft methods, threat models must be urgently recalibrated. For CISOs and SOC teams supporting election offices, the prospect that DHS personnel—many still loyal to CISA’s cooperative mission—could face pressure to surveil systems or leak data under the pretext of national security is a novel insider threat scenario. The trust collapse means state officials may sever information-sharing links, leaving their networks more exposed to genuine adversaries.

State and local election officials are increasingly convinced that the Department of Homeland Security, under Secretary Markwayne Mullin, may not be a partner in safeguarding elections but rather a direct threat to the integrity of the 2026 midterms and beyond. This fear stems from Mullin’s long history of endorsing and amplifying debunked election fraud conspiracy theories—most notably, his role in brokering a Mar-a-Lago briefing for ex-CIA operative Gary Berntsen, who insists Venezuela stole the 2020 election. Berntsen’s claims, which include a laundry list of 14 technical ways to steal an election, were thoroughly discredited by courts, election audits, and the 2023 $787 million defamation settlement between Fox News and Dominion Voting Systems. Yet, with Mullin now at the helm of the agency responsible for designating election infrastructure as critical national security assets, voting administrators see the potential for a hostile federal entity to seize voting machines, subpoena sensitive data, or publicly undermine results under the guise of national security.

Berntsen’s claims, which include a laundry list of 14 technical ways to steal an election, were thoroughly discredited by courts, election audits, and the 2023 $787 million defamation settlement between Fox News and Dominion Voting Systems.

Mullin’s record is unambiguous. On January 2, 2021, he wrote that fraud in the 2020 election made it impossible for him to certify the Electoral College. Four days later, even after a violent mob stormed the Capitol to halt certification, he was among 147 congressional Republicans who voted against the count—a move widely condemned as a direct assault on democratic norms. Now that he leads DHS, his prior roles in promoting the Venezuela conspiracy and facilitating Berntsen’s access to Trump’s inner circle have turned what was once a fringe political stance into an active institutional risk. Election officials have spent years building trust with CISA (the Cybersecurity and Infrastructure Security Agency, housed within DHS) for threat sharing, penetration testing, and incident response. That relationship is now poisoned; many officials say they would hesitate to report a cyber incident if it could lead to DHS interference rather than assistance.

What to Watch

The implications extend far beyond interpersonal distrust. If DHS under Mullin begins issuing public warnings or classified briefings based on unsubstantiated fraud narratives, it could provide cover for partisan actors at the state level to refuse certification of legitimate results, throw elections to courts or legislatures, and further erode public confidence. The legal landscape is also shifting: the Dominion settlement stripped away the last veneer of credibility from many of the conspiracy theories Mullin once endorsed, making any future DHS action based on those same theories highly vulnerable to immediate injunctions and civil rights lawsuits. Still, the damage to electoral stability could be done long before courts intervene.

Looking forward, the 2026 midterms serve as a high-stakes test. Election directors are already discussing preemptive legal strategies to limit federal overreach, and Congress has signaled no appetite for oversight of a DHS led by a Trump ally. The fusion of election denialism with federal security powers creates a novel threat vector—one that traditional cybersecurity frameworks are not designed to counter because the danger originates from the very agency supposed to provide defense. Without clear statutory firewalls, the United States enters its next election cycle with a homeland security apparatus that many of its own state-level partners now view as a potential adversary.

Sources

Sources

Based on 8 source articles

Related Stories

security

19 Signatories Agree to Lock Down AI Supply Chains Against Cyber Threats

Pax Silica's 19-nation pledge to protect critical infrastructure from 'undue access' marks a new frontier in cybersecurity, potentially fragmenting global cyber norms and escalating state-sponsored espionage as the US and its allies harden AI ecosystems against China.

security

Check Point Insider Dumps $3.1M Shares—Cybersecurity Stock Down 40%

A Check Point director offloaded $3.08M in CHKP stock after a 40% decline, reducing his exposure by 86%. As the cybersecurity giant navigates market headwinds, insider confidence comes into question.

security

White House Limits GPT-5.6 Access Over AI Cyber Threat; 1 Customer at a Time

The White House is restricting OpenAI's GPT-5.6 rollout to a customer-by-customer approval process, driven by concerns that advanced AI could be used to uncover and exploit software vulnerabilities at scale. This follows similar unease over Anthropic's Claude Mythos, highlighting a new cybersecurity paradigm.

security

AI-Driven Cybersecurity Firm Kratikal Tech Raises $4.7M in IPO to Combat Emerging Threats

Kratikal Tech, an AI-native cybersecurity SaaS provider, opens its IPO June 30 on BSE SME, raising $4.7M to expand its Threatcop platform across the UAE and US. The move underscores growing investor interest in AI-powered threat defense.

How we covered this story

Every story in our cybersecurity coverage is assembled from multiple primary sources, cross-referenced for factual consistency, and scored along three independent dimensions: sentiment, operational impact, and source-cluster confidence. Single-source rumors and unverifiable claims do not pass our editorial gate. When a story shows "Verified by N sources" with N≥2, the development is independently corroborated; when N=1, we mark it explicitly so readers can weigh the signal accordingly.

Impact scoring uses a 1-10 scale weighted toward regulatory, financial, and operational consequence rather than coverage volume. A topic that runs in every outlet but moves no real decisions ranks lower than a niche regulatory filing that reshapes how operators in the cybersecurity space have to behave. Read our full methodology for the scoring rubric, our glossary for term definitions, and our trends index for the longitudinal view across the beat.

Signal on this pageWhat it tells you
Verified by N sourcesIndependent corroboration count. N≥2 is our confidence floor; N=1 is marked explicitly.
Impact score (1-10)Regulatory + financial + operational weight. 8+ signals an experienced-operator action item.
SentimentFive-tier classification trained on labeled cybersecurity-specific corpora.
TimelineWhere applicable, the related-events sequence that contextualizes today's development.