As we approach the 2020 elections, the U.S. becomes a huge target for digital threats. From election interference to fraud, the need for adequate cybersecurity measures becomes more prevalent than ever. Challenges facing the upcoming elections seem to put the reliability of electoral systems and trust in democracy to the test.
Experts and news sources have been debating the possibility of another intrusion much like the Russian hacks and social engineering that hindered the presidential election back in 2016. External threats to voting machines and registration databases is a clear and present danger that should be treated as a big deal. The possibility for those events to weaken our democratic system is substantial, but we must not disregard the threat of insiders, as they are also capable of causing harm or disruption.
In 2018, two security researchers discovered that cybercriminals were selling a database containing voter’s full names, phone numbers and addresses on a hacking forum. The total amount of compromised records exceeded 35 million voters. Hackers made away with:
- Full names
- Phone numbers
- Physical address
- Voting history and other voting information.
The 2016 presidential elections hack proved that, with access to state’s voter registration, bad actors can manipulate information dissemination and influence the outcome of a national election. It’s enough reason to make election interference a priority.
Presidential Election Hack of 2016 Exemplified the Danger of Unsecured Voting
The efforts of hackers to manipulate the 2016 presidential election produced lots of headlines. The real hacking actually started in 2015. The FBI notified the Democratic National Committee that at least one of the computers was infiltrated. The compromised computer was sending data back to Russia. The hackers used spear-phishing tactics to convince targets to click on a bad link, which would connect them to a website managed by the hackers.
Soon before the Democratic National Convention in 2016, WikiLeaks circulated approximately 20,000 emails stolen from the Democratic National Committee’s server. This contained messages from the organization’s chair, indicating that the organization favored Clinton over her Democratic opponent, Bernie Sanders. It was announced that12 members of Russian were part of the investigation. The prosecution says that the Russians hacked the emails and computer networks during the 2016 presidential campaign.
Importance of Protecting Against Election Interference
Sadly, the current U.S. voting system is not the most reliable, which means insider threats represent a substantial security issue for voters, especially due to the unawareness of insider threats, such as intervention and manipulation. Although voter information is still vulnerable, it is possible to protect this data if entities in ownership of the data take the right measures.
First, anyone with access to voter’s information should be knowledgeable on the best cybersecurity practices to guarantee that voter information is kept private. Comprehensive security measures including technology should be used to protect potential threats. Set restrictions on the users that have access to data and the systems that maintain it.
Voter’s databases should have restricted access and authorizations should be carefully considered and approved depending on each case. For any committees or organizations that are involved in the elections, make sure they are trained on best practices for data integrity. Protecting organizations from these threats, cybersecurity experts must look for insider threats. Monitor user behavior to ensure data is not placed at risk.
Safeguarding Election Threats Including Paper Trail
Cybersecurity experts fear that voting machines that don’t leave a paper trail could be a real danger to hackers. One of the major concerns with voting systems is that these are connected to the internet and therefore susceptible to hackers. Cybersecurity professionals propose shifting to voting systems that use paper ballots. Although, this might seem like we are going backwards, it reduces the chance of hackers manipulating data.
To help safeguard elections against hackers and cyberattackers, it is suggested to establish nationwide cybersecurity best practices for voter registration systems, election administration systems, and outcome coverage systems. The approach can be calibrated based on each state’s needs.
Securing the election setting and guaranteeing an election free from external interference are nationwide security priorities. Threats to election systems are continually growing, so protecting these systems requires continual awareness, improvement and revision.
Learning From the NYC Board of Elections How to Secure Voter Processes
Another way that election agencies can protect themselves is to conduct regular tabletop exercises, a way of gathering personnel across business functions to play out real world scenarios and brainstorm strategies to stay secured. “We did our first tabletop exercises in the lead-up to Election Day,” said Michael Ryan, executive director of the New York City Board of Elections concerning the November 2016 elections.
“Tabletop exercises are the way that agencies keep the muscles limber, reenacting real world scenarios in a serious way, and we did a tabletop exercise on the Thursday before a presidential election for almost seven hours. Shows you the seriousness with which everyone took that.”
Ryan also recommended having contingencies in place, such as electoral system backups, and a way to shutdown local poll site operations to shift activity to secured sites, such as police stations. A firm that specializes in securing government elections, recommends securing:
- Voting machines
- Election results
- Voter databases
- Voter rolls
In preparation for the upcoming April 28 presidential primary election, the Federal Cybersecurity and Infrastructure Security Agency (CISA) will meet with state and local voting officials in New York. The purpose will to discuss threats to the upcoming elections, then discuss strategies to secure voter systems and protect the integrity of voter elections. CISA endeavors to protect voter IT infrastructure, including, for example:
- Voter registration databases (including IT systems)
- Election management (e.g., tallying, auditing and display)
- Storage for voting and election system infrastructure
ThreatModeler Helps to Protect Voter Systems With Automated Threat Modeling
ThreatModeler is the leading threat modeling solution that strengthens an enterprise’s SDLC by identifying, predicting and defining threats across all applications and devices in the operational IT stack. Security and DevOps teams are empowered to make proactive decisions by accessing holistic views of their attack surface, enabling enterprises to minimize their overall risk.
ThreatModeler is an automated platform that takes the presumption out of creating threat models for your organization. Out-of-the-box, personnel with minimum technical understanding can build a threat model with all the components, connectors and integrations needed. As DevOps teams approach security from all angles, ThreatModeler enables organizations to meet security objectives with less reliance on security experts.
ThreatModeler integrates with threat libraries from OWASP, CAPEC, AWS and Azure, plus IT ticketing systems that ensure the right parties are involved with threat mitigation. To discover how ThreatModeler is the right tool for your DevOps program, we recommend scheduling a live demo. You can also contact us directly to speak with a threat modeling expert.