Feds Defund Election Security Hubs Just Months Before 2026 Midterms

On April 28, 2026, Gen. Joshua Rudd, the head of the National Security Agency, sat before the Senate Armed Services Committee and admitted he couldn't confirm if the Election Security Group (ESG) was even up and running for this cycle. Since 2018, the ESG has been the tip of the spear for the military’s 'defend forward' strategy. It's the group that finds and stops foreign hackers before they can touch state networks. Now, with the midterms less than six months away, that deterrence is missing for the first time in a decade.

The situation gets worse. In 2025, the administration defunded the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC). For years, this nonprofit hub was the 24/7 watchtower for over 3,000 local election offices. By cutting that federal support, the government essentially left local officials: many of whom are working with shoestring IT budgets: to figure it out on their own. It's already taking a toll. A 2026 survey from the Brennan Center for Justice found that nearly 40% of local officials say losing that federal guidance has made their systems sitting ducks for ransomware and misinformation.

EI-ISAC isn't just a bureaucratic acronym. It's a non-profit that provides free cyber alerts and incident response for the people actually running the polls. The White House claims they're just 'streamlining' the Department of Homeland Security, but the money tells a different story. It's a massive shift of responsibility. Without federal tools, states are forced to hire private contractors. That’s created a gold rush for defense tech firms. Their stocks are up, but there's a catch: these private companies don't always share what they know with other states. The 'federalism firewall' that kept the 2024 election safe is effectively gone.

“Gen. Joshua Rudd told the Senate Armed Services Committee on April 28, 2026, that he didn’t know whether the group had been set up yet.”

Then there's the Election Security Group. This task force combines the muscle of the NSA and U.S. Cyber Command to hunt down foreign interference. We know why it's necessary. Back in 2016, Russia’s GRU military intelligence agency poked around in systems across all 50 states and even broke into Illinois' databases. From 2018 to 2024, the ESG was the reason similar attacks from the Internet Research Agency and other state-sponsored groups didn't succeed. But now? Silence. And it’s happening just as AI deepfakes and automated bot farms make it easier than ever for foreign actors to cause chaos.

Some states are trying to pick up the slack. The U.S. Election Assistance Commission (EAC) put out toolkits for dealing with AI in April 2026, but let's be real: they don't have the intelligence-gathering power of the NSA. The U.S. is moving from a proactive, centralized defense to a fragmented, reactive model. It's unclear if the Cybersecurity and Infrastructure Security Agency (CISA) has been told to take over the ESG’s old job. The DHS isn't talking, and they haven't provided any real explanation for the 2025 budget cuts.

Most voters won't notice these changes until they head to the polls on November 3, 2026. But the danger is real. It's all about the 'information gap': the time it takes for a local official to realize they're being targeted and get the help they need to stop it. As the feds pull back, the burden of protecting democracy falls on cash-strapped local precincts and expensive private consultants. The big question is whether the U.S. can keep its elections secure after dismantling the very teams that established that track record in the first place.