Cyber criminals and hackers can create chaos in state and local voting and election systems – from disqualifying voters to corrupting data to launching denial-of-service attacks.
For example, last summer 12 Russians were indicted by the U.S. Department of Justice for having tampered with the 2016 U.S. elections, as well as stealing data on a half-million Illinois voters from the state’s election board website.
And consider this – in a recent hackathon event, an 11-year-old was able to hack into Florida’s voting system within 10 minutes and change voting results.
Many government election commissions and agencies are not fully prepared to deal with these threats, but it doesn’t have to be that way.
State and local governments face unique challenges in protecting the integrity of elections. They must ensure that voting processes are secure and accessible while also being fiscally responsible – and often with limited IT staffing.
Also, agencies must find ways to counter cyber security threats that target a multitude of systems, including electronic voting machines, ballot counters, voter registration systems, websites, and election management systems.
These were the obstacles facing the State of Missouri. The state’s cyber security profile was limited, with only four staffers and finite resources to keep up with ever-evolving threats. However, after witnessing data breaches in other state and local governments, officials in Missouri’s legislative and executive branches decided to take action, and opted to deploy FireEye security technologies.
Four Steps to Protect Infrastructure
There are some immediate actions that governmental IT leaders can take to protect election integrity and reassure citizens that their voting data is safe.
- Assess critical election infrastructure: Understand, for example, the potential entry points by which attackers can access voting systems, as well as the methods used to breach them. Cross-departmental and agency communication helps ensure that all the implications and threat possibilities have been considered. For example, bring together election officials, IT staff, government executives, emergency responders, and technology vendors for these discussions. Doing so also helps create multiple layers of protection.
- Test existing plans: Just as schools carry out drills to prepare for a fire or other hazardous event, so too should local governments conduct tests of their election security plans. This will help identify potential gaps and vulnerabilities.
- Secure existing technology: Do devices and applications used by government officials utilize multi-factor authentication and encryption capabilities? Is critical, sensitive data backed up and stored offsite, and does it have same level of security as primary data?
- Modernize election infrastructure: Find ways to collaborate with technology vendors and public and private sector peers about ways to protect systems. For example, healthcare and financial services firms have critical data to secure. Consider how cloud computing, automated patching and updates, and endpoint security technology can cost-effectively provide multi-layered protection, while reducing the burden on in-house IT staff.
Reach Out to Federal Partners
There are many opportunities for state and local governments to obtain low or no cost support and resources. For example:
- Financial assistance is available via the 2002 Help America Vote Act; last year Congress allocated $380 million to this fund “to enhance election technology and to make election security improvements.” That includes purchasing voting equipment, implementing audit systems, upgrading computer systems, facilitating cyber security training for election officials, implementing cyber security best practices, and funding other cyber security-related activities. As of Sept. 30, 2018, only 8.3 percent, of the total amount allocated had been spent by the states. For officials unsure how to access these funds, the Election Assistance Commission and the private sector – including FireEye – can help.
- The Cybersecurity and Infrastructure Security Agency (CISA) at the Department of Homeland Security (DHS) provides no-cost services, including: access to regional cyber security personnel who can provide advice on preparing for and responding to cyber attacks; cybersecurity assessments such as hygiene scans, risk and vulnerability assessments, and cyber resilience reviews; cyber threat hunting; access to threat information, including the DHS Information Network portal; intrusion analysis after a cyber incident; and cyber security training and professional development opportunities.
- DHS also maintains a robust resource library for election security, featuring security checklists, guides on attack mechanisms, and contact information for CISA personnel.
- Most recently, DHS issued a list of election security best practices ranging from patch management to blocking malicious traffic.
To better understand how the power of collaboration among government agencies and the public sector can protect election and state and local infrastructure integrity, check out this webcast about taking a holistic approach to state and local cyber security.