Election day is quickly approaching, and while a majority of citizens are preparing to (or already have) visit polling stations, many individuals in the cybersecurity community can’t help but think “it’s not a matter of if, but when” when it comes to election security during the midterms. The 2016 state-sponsored Russian election-hacking campaigns targeted a total of 39 states in a direct attempt to disrupt America’s political system, either aiming to sway the judgment of many citizens or in some cases delete or alter voter data.
So the big question is, what is being done about it as the highly-anticipated midterms are only days away? And more importantly, how do these events serve as lessons learned for how security practitioners are currently operating in their organizations?
Following the 2016 presidential election, the Obama administration gave the federal government a much more significant role in election security, designating election systems as critical infrastructure, which would make it the Department of Homeland Security’s responsibility to protect the election equipment and voting machines.
While it wasn’t a smooth transition, according to a report by The Washington Post communication has been streamlined between state and federal government entities when it comes to cyber threat intelligence, a positive step forward in a process that previously featured many communication breakdowns. States like Illinois are going even one step further to ensure their citizens’ votes count, by not only working with the DHS and the FBI but also enlisting the help of the Illinois National Guard, which brought in hundreds of cybersecurity experts to ensure integrity during the midterms.
But what about the misinformation campaigns across social media platforms?
Between October 2017 and March 2018, Facebook has made strides in disabling more than one billion (yes, you read that correctly) fake accounts and also bolstered its cybersecurity and fact-checking team. Twitter followed a similar path, disabling phony accounts that engaged in “coordinated manipulation” and updating their rules as election day approaches, efforts that are all part of their “elections integrity work.”
Although we’ve taken steps in the right direction, one can’t help but think, like many organizations that have an arsenal of security solutions and rock-solid strategy, there’s always a way in. Recent research that came out of the annual DefCon security conference’s Voting Village event points to voting machines still being vulnerable to attacks, according to a report by Wired.
Again, with midterm elections just days away, the positive outlook is that citizens, our government, and cybersecurity professionals may be on their toes. However, there’s still a lot of work that needs to get done to ensure the integrity of votes.
During our visit to the Black Hat cybersecurity conference in Las Vegas this year, we caught up with some security experts that shared their thoughts on the 2016 election meddling, but most importantly, they gave their take on what the modern-day security practitioner can learn from them and apply to their current role.
While on the surface it may seem like it may not apply to those who work outside of election security, it does, Rick Holland, CISO at Digital Shadows, said.
“Get past the election bit and realize that these attack vectors are probably the most common ones that any cybercriminal or any adversary would use and take that into consideration,” Holland said.
In the full video interview below, InfoSec Insider caught up with Holland and other cybersecurity experts and asked them about their thoughts on the impact that the 2016 election hacking events had on the security industry, and what the security practitioner of today could learn from those events. With early voting already in full swing, we ask them to look back and discuss any lessons learned.
2019 will be here before you know it, which means it's time to start planning for the InfoSec World Conference & Expo in Orlando, Florida. Here's a look at the agenda!