Good News About Voting Security

The hacking attempts haven’t slowed. The disinformation campaigns are ongoing. And the warning lights have been “blinking red” for a potential foreign operation aimed at disrupting the midterm elections, but the US survived.

But if there is anything positive to take away from Russia’s election interference in 2016, it’s this: America’s election infrastructure has never been more carefully monitored in the days, weeks, and months leading up to a nationwide vote, and voters themselves are more-wary than ever of foreign propaganda, masked as a political ad, or Twitter troll.

That heightened awareness is a key takeaway from a report published just one day before the election about hacking attempts on election infrastructure. 

The Boston Globe revealed on Monday 5th November that it had obtained leaked threat reports filed by state and local election officials across the country alerting federal agencies to cyber intrusions and other suspicious activity that appeared to be targeting voter registration databases, election officials, and election networks in the days before the midterms. 

One unnamed state, the threat reports don’t name states or detail specific incidents, successfully blocked more than 51,000 login attempts from foreign countries in a 24-hour period, the documents reportedly revealed. Some hackers even had “limited success.”

Yet voting and cybersecurity experts I spoke to seemed less alarmed than one might expect. “I’m heartened by this,” said David Becker, a former trial attorney in the Voting Section of the Department of Justice’s Civil Rights Division who now runs the Center for Election Innovation & Research. 

The coordination between the various levels of government in preparation for potential meddling in Tuesday 7th November’s election represents a major leap forward since 2016, when many states declined help from the Department of Homeland Security to secure their election systems and balked at declaring such systems “critical infrastructure.” 

Such a designation, which was finally made in January 2017, puts election infrastructure in the same category as the US power grid and financial sector, and gives states quicker access to classified threat information sharing. It also means that states can participate in joint-defense exercises. 

In addition, all 50 states have now opted in to the DHS-funded program that has allowed election officials to share information with each other and with the government. Many have enrolled in a DHS program that offers states computer- vulnerability scanning for their election systems.

But aging voting machines and outdated software are still a major problem, and Congress has not allocated nearly enough money, only $380 million has been appropriated for the whole country, to help states completely revamp their infrastructure, experts say. 

Only one state, Virginia, has completely replaced its electronic voting machines since 2016. And while Illinois has bolstered its cyber defenses since hackers infiltrated its voter database in 2016, its voting machines are still outdated and vulnerable to attack. 

According to NBC News, there are still counties in 14 states, including Georgia and Florida, whose voting districts have no paper backup for their electronic voting machines. That means it would be impossible to conduct a paper recount if necessary.

That’s particularly concerning because, two years on from Russia’s unprecedented interference, there is no sign that the threats are waning. 

In a joint statement released on Monday night, the DHS, Director of National Intelligence, FBI and DOJ warned that “Americans should be aware that foreign actors, and Russia in particular, continue to try to influence public sentiment and voter perceptions through actions intended to sow discord.” 

Senior Trump administration officials, including DHS Secretary Kirstjen Nielsen, FBI Director Chris Wray, and DNI Dan Coats, issued a similar warning during a rare joint press conference in August, “Russia attempted to interfere with the last election,” Wray said, “and continues to engage in malign influence operations to this day.” 

Days earlier, Missouri Democratic Senator Claire McCaskill, who is seeking re-election in a state that went for Trump in 2016, confirmed that Russians had tried to hack her senate computer network but were unsuccessful.

So far, however, the kind of massive hacking-and-leaking operation that took the law enforcement and intelligence communities by surprise in 2016 has not materialised. And, overall, the preparation and response to irregularities in the run up to the midterms has been reassuring, experts say.

The NSA has reportedly begun sending messages directly to Russian hackers, reminding them that they are being watched.

Those seeking to sow disinformation and wage information warfare, meanwhile, continue to prey upon social media users, despite their increased awareness of organised foreign-influence operations.

The Justice Department has already charged the first Russian with interfering in the midterms: Elena Khusyaynova, a 44-year-old Russian national who allegedly managed the finances of an election-interference campaign run out of the Internet Research Agency in St. Petersburg, code-named Project Lakhta. 

Facebook, which did not discover until late 2017 that the Russians had purchased hundreds of political ads that were seen by approximately 10 million users in 2016, revealed over the summer that it shut down Russian and Iranian accounts that were waging political influence campaigns to influence the midterms, and set up a “war room” where a team will monitor fake news and disinformation on Election Day. 

The Democratic Congressional Campaign Committee, meanwhile, successfully encouraged Twitter to delete more than 10,000 “bot” accounts that were posing as Democrats while discouraging people from voting in Tuesday’s midterms.

This is an increasingly common narrative among Russian bots and trolls, according to Brett Bruen, a former US Diplomat who served as Director of Global Engagement at the White House under President Obama. 

Defense One:

You Might Also Read:

Schoolboy Hacked Mock Florida Election Site In 10 Minutes

« Darktrace Describe The Alarming Future AI Attack Scenario
Don't Underestimate The Impact Of Phishing »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

FDM Group

FDM Group

FDM Group is an international Professional services company with a focus on IT. Services offered include Software Testing, and Information Security with a focus on operational security and compliance.

HireVergence

HireVergence

HireVergence is a full service IT staffing and recruiting firm with a focus on cyber and information security.

SecuriThings

SecuriThings

SecuriThings is a User and Entity Behavioral Analytics (UEBA) solution for IoT security.

Center for Strategic Cyberspace & International Studies (CSCIS)

Center for Strategic Cyberspace & International Studies (CSCIS)

CSCIS seeks to advance global cyberspace security and prosperity by providing strategic insights for cyberspace and policy solutions to decision makers.

Swiss Cyber Storm

Swiss Cyber Storm

Swiss Cyber Storm is a non profit organization hosting the international Swiss Cyber Storm Conference and running the Swiss part of the European Cyber Security Challenges.

Government Communications Security Bureau (GCSB)

Government Communications Security Bureau (GCSB)

GCSB contributes to New Zealand’s national security by providing information assurance and cyber security to the New Zealand Government and critical infrastructure organisations.

Kapalya

Kapalya

Kapalya empowers businesses and their employees to securely store sensitive files at-rest and in-transit across multiple platforms through a user-friendly desktop and mobile application.

Attack Research

Attack Research

We go far beyond standard tools and scripted tests. Find out if your network or technology can stand real-world and dedicated attackers.

Shift5

Shift5

Shift5 focus on securing operational technology (OT) by building best-in-class, dual-use products serving military and commercial entities.

Cryptyk

Cryptyk

CRYPTYK CLOUD is the first complete enterprise-class cloud security solution that includes cloud storage and broad protection against all external and internal threats.

Firmus

Firmus

As the leading penetration testing services provider in Malaysia, Firmus evaluates the ability of your internal or external information assets to withstand attacks.

Cybertronium

Cybertronium

Cybertronium is a leader in managing cyber risk. We bring you the latest from the complex, ever-evolving online threat environment with the insights to inspire and the expertise to act.

Xobee Networks

Xobee Networks

Xobee Networks is a Managed Service Provider of innovative, cost-effective, and cutting-edge technology solutions in California.

Cyber Risk International

Cyber Risk International

Cyber Risk International offer CyberPrism, a B2B SaaS solution that empowers businesses to perform a self-assessment of their cyber security program.

White Knight Labs

White Knight Labs

White Knight Labs is a cyber security consultancy that specializes in cybersecurity training.

Xantaro

Xantaro

Xantaro specializes in technologies, software and services for Carriers, ISPs, Hosting and Cloud Providers as well as for Operators of Data Centres and Campus Networks.