Good News About Voting Security

The hacking attempts haven’t slowed. The disinformation campaigns are ongoing. And the warning lights have been “blinking red” for a potential foreign operation aimed at disrupting the midterm elections, but the US survived.

But if there is anything positive to take away from Russia’s election interference in 2016, it’s this: America’s election infrastructure has never been more carefully monitored in the days, weeks, and months leading up to a nationwide vote, and voters themselves are more-wary than ever of foreign propaganda, masked as a political ad, or Twitter troll.

That heightened awareness is a key takeaway from a report published just one day before the election about hacking attempts on election infrastructure. 

The Boston Globe revealed on Monday 5th November that it had obtained leaked threat reports filed by state and local election officials across the country alerting federal agencies to cyber intrusions and other suspicious activity that appeared to be targeting voter registration databases, election officials, and election networks in the days before the midterms. 

One unnamed state, the threat reports don’t name states or detail specific incidents, successfully blocked more than 51,000 login attempts from foreign countries in a 24-hour period, the documents reportedly revealed. Some hackers even had “limited success.”

Yet voting and cybersecurity experts I spoke to seemed less alarmed than one might expect. “I’m heartened by this,” said David Becker, a former trial attorney in the Voting Section of the Department of Justice’s Civil Rights Division who now runs the Center for Election Innovation & Research. 

The coordination between the various levels of government in preparation for potential meddling in Tuesday 7th November’s election represents a major leap forward since 2016, when many states declined help from the Department of Homeland Security to secure their election systems and balked at declaring such systems “critical infrastructure.” 

Such a designation, which was finally made in January 2017, puts election infrastructure in the same category as the US power grid and financial sector, and gives states quicker access to classified threat information sharing. It also means that states can participate in joint-defense exercises. 

In addition, all 50 states have now opted in to the DHS-funded program that has allowed election officials to share information with each other and with the government. Many have enrolled in a DHS program that offers states computer- vulnerability scanning for their election systems.

But aging voting machines and outdated software are still a major problem, and Congress has not allocated nearly enough money, only $380 million has been appropriated for the whole country, to help states completely revamp their infrastructure, experts say. 

Only one state, Virginia, has completely replaced its electronic voting machines since 2016. And while Illinois has bolstered its cyber defenses since hackers infiltrated its voter database in 2016, its voting machines are still outdated and vulnerable to attack. 

According to NBC News, there are still counties in 14 states, including Georgia and Florida, whose voting districts have no paper backup for their electronic voting machines. That means it would be impossible to conduct a paper recount if necessary.

That’s particularly concerning because, two years on from Russia’s unprecedented interference, there is no sign that the threats are waning. 

In a joint statement released on Monday night, the DHS, Director of National Intelligence, FBI and DOJ warned that “Americans should be aware that foreign actors, and Russia in particular, continue to try to influence public sentiment and voter perceptions through actions intended to sow discord.” 

Senior Trump administration officials, including DHS Secretary Kirstjen Nielsen, FBI Director Chris Wray, and DNI Dan Coats, issued a similar warning during a rare joint press conference in August, “Russia attempted to interfere with the last election,” Wray said, “and continues to engage in malign influence operations to this day.” 

Days earlier, Missouri Democratic Senator Claire McCaskill, who is seeking re-election in a state that went for Trump in 2016, confirmed that Russians had tried to hack her senate computer network but were unsuccessful.

So far, however, the kind of massive hacking-and-leaking operation that took the law enforcement and intelligence communities by surprise in 2016 has not materialised. And, overall, the preparation and response to irregularities in the run up to the midterms has been reassuring, experts say.

The NSA has reportedly begun sending messages directly to Russian hackers, reminding them that they are being watched.

Those seeking to sow disinformation and wage information warfare, meanwhile, continue to prey upon social media users, despite their increased awareness of organised foreign-influence operations.

The Justice Department has already charged the first Russian with interfering in the midterms: Elena Khusyaynova, a 44-year-old Russian national who allegedly managed the finances of an election-interference campaign run out of the Internet Research Agency in St. Petersburg, code-named Project Lakhta. 

Facebook, which did not discover until late 2017 that the Russians had purchased hundreds of political ads that were seen by approximately 10 million users in 2016, revealed over the summer that it shut down Russian and Iranian accounts that were waging political influence campaigns to influence the midterms, and set up a “war room” where a team will monitor fake news and disinformation on Election Day. 

The Democratic Congressional Campaign Committee, meanwhile, successfully encouraged Twitter to delete more than 10,000 “bot” accounts that were posing as Democrats while discouraging people from voting in Tuesday’s midterms.

This is an increasingly common narrative among Russian bots and trolls, according to Brett Bruen, a former US Diplomat who served as Director of Global Engagement at the White House under President Obama. 

Defense One:

You Might Also Read:

Schoolboy Hacked Mock Florida Election Site In 10 Minutes

« Darktrace Describe The Alarming Future AI Attack Scenario
Don't Underestimate The Impact Of Phishing »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Splunk

Splunk

Splunk provide real-time Security Information & Event Management solutions for Enterprise Networks, Cloud and small-scale IT environments

QATestLab

QATestLab

QATestLab is a leading International software testing company offering a full range of software testing services including security testing.

Opscura

Opscura

Opscura (formerly Enigmedia) brings the reliable and cautious hands of operations together with the analytical minds of cyber experts and cryptography researchers.

MKD-CIRT

MKD-CIRT

MKD-CIRT is the national Computer Incident Response Team for Macedonia.

Thermo Systems

Thermo Systems

Thermo Systems is a design-build control systems engineering and construction firm. Capabilties include industrial control system cybersecurity.

Ritz

Ritz

Ritz is the largest holistic pure-play cyber security solutions provider in Myanmar.

ThirdWatch

ThirdWatch

ThirdWatch is a Data Science company with real-time automated fraud prevention solutions.

Rublon

Rublon

Rublon protects endpoints, networks and applications by providing trusted access via two-factor authentication (2FA).

Tehtris

Tehtris

TEHTRIS XDR Platform was developed to control and improve the IT security of private and public companies against advanced cyber threats such as cyber espionage or cyber sabotage activities.

ChaosSearch

ChaosSearch

ChaosSearch is a massively scalable ELK-compatible log analysis platform delivered as a fully managed service with high-performance and low cost.

Quside

Quside

Quside, a spin-off from The Institute of Photonic Sciences in Barcelona, designs and manufactures innovative quantum technologies for a wide range of applications including cyber security.

Sixteenth Air Force (Air Forces Cyber) - USA

Sixteenth Air Force (Air Forces Cyber) - USA

Air Forces Cyber provides mission integration of Information Warfare at operational and tactical levels, creating dilemmas for adversaries in competition and, if necessary, future conflicts.

Narf Industries

Narf Industries

Narf Industries are a small group of reverse engineers, vulnerability researchers and tool developers that specialize in tailored solutions for government and large enterprises.

AddSecure

AddSecure

AddSecure is a leading European provider of secure IoT connectivity and end-to-end solutions.

Roundsec

Roundsec

Roundsec provide information security services including risk assessment and pentesting of sites and apps.

Gray Swan

Gray Swan

Gray Swan is the safety and security provider for the AI era, founded by world leading experts in the AI safety and security space.