IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

New England States Talk Cybersecurity at USC Workshop

More than 100 government officials and academics discussed cybersecurity, misinformation and threat response in a recent workshop hosted by the University of Southern California Cybersecurity Initiative.

shutterstock_state cybersecurity
(TNS) — New England state officials tackled election cybersecurity concerns during a workshop on Thursday afternoon.

The University of Southern California Cybersecurity Initiative held a regional election security workshop for all six New England states.

State and national officials, along with academics, led the more than 100 participants in discussions related to election cybersecurity. The event focused on cybersecurity, cyber safety, disinformation, misinformation and crisis response. It was meant to aid the New England states in election preparedness. Local election officials from southeastern Connecticut also took part in the workshop.

The USC initiative is a "non-partisan independent project supported by Google to educate people working in campaigns and elections on cybersecurity practices through workshops held across the country in all 50 states. The workshops led by academics, cybersecurity groups and government agencies focused on cyber safety & security," USC's website reads.

Connecticut Deputy Secretary of the State Scott Bates, a resident of Stonington, was one of the workshop's featured speakers. The state has learned creating partnerships at the local, state and federal levels helps with cybersecurity — "The military calls it force multipliers," he said.

Bates said the state is working with municipal election officials whose towns may not have the same resources and expertise as the Secretary of the State's Office in cybersecurity.

"In 2020 we used some of our federal resources from the Help America Vote Act to get assistance to the towns," Bates said. "We worked with the Connecticut National Guard to make sure every town in Connecticut had an opportunity to do a cybersecurity audit." He said towns were not already conducting such audits.

Bates said municipal election officials and the Secretary of the State's Office worked closely to administer a more robust and open absentee ballot program that saw mail-in participation increase from 5 percent of the voting population to about 35 percent. He recognized that it was a "huge challenge" for municipal officials. During the 2020 election season, election workers and officials repeatedly publicly wondered if they were being asked to do too much with the uptick in absentee voting and the concern about finding poll workers for Election Day during a pandemic. Municipal election officials said after the election that they would need significantly more state funding if they were to administer a no-excuse absentee ballot system in the future.

With municipal elections on Nov. 2, municipal clerks say they're adjusting to a new normal. As was the case in the 2020 general election, and due to a provision in the state budget passed this legislative session, all voters will be able to check the COVID-19 box as a reason for voting via absentee ballot.

Bates said that, going forward, "We don't have the resources we had in 2020. Congress, I would suggest, needs to put resources back to the states again so that we can make these kinds of partnerships happen."

"We need even more federal assistance for state and local election officials," he added.

Rhode Island Secretary of State Nellie Gorbea agreed with Bates on all counts. She said protecting cybersecurity is an ongoing process. She advocated for local, state and federal partners to work together to protect cybersecurity.

Gorbea noted that it was up to secretaries of each state to distribute federal funding during the COVID-19 pandemic. She advocated that "There should be a consistent funding level for elections and cybersecurity protections for elections in our federal government's budget."

Rep. Jim Langevin, D- R.I., co-chair of the Congressional Cybersecurity Caucus, opened the event by telling attendees that cyberthreats and misinformation will only continue to "become more harmful unless we proactively work to fend them off." He said he supports renewed investments in election security because the compromise of voter data "could have dire societal consequences." Langevin formerly served as Rhode Island secretary of state.

Langevin called for the modernization of campaign regulations to promote cybersecurity and said he continues to push for a Congressional Act on that front.

New Hampshire Secretary of State William Gardner's slogan is "You can't hack a pencil." He spoke of how difficult it is to attack election infrastructure when it is pen and paper. "We have over 100 voting communities that vote by paper ballot when more modern voting machines were available for use."

Vermont Secretary of State Jim Condos said his state, much like Connecticut, expanded its mail-in voting due to the COVID-19 pandemic. As Connecticut continues to attempt to implement no-excuse absentee voting, Vermont is moving to universal mail-in voting. Voters will be mailed ballots ahead of the November general elections.

Condos said the pandemic was "certainly a trying time because of the pandemic, and then of course we had the added cybersecurity issues we had to deal with. On top of all that, there was the tremendous misinformation and disinformation that was out there trying to weaken voter confidence and the integrity of U.S. elections, and those have really become the biggest enemy of our democracy."

Sarah Mojarad, a lecturer at USC's Viterbi School of Engineering, emphasized one of the common themes of Thursday's presentation — that threats to election security are not necessarily most focused on physical infrastructure but on misinformation and efforts at disinformation.

Mojarad described disinformation as intentionally designed to mislead, where as misinformation is false information that is spread without a deliberate attempt to mislead.

She advised to look for disinformation red flags, such as whether the information is verifiable, whether the author is known and if the disinformation elicits strong emotions, "usually fear or outrage."

Clifford Neuman, the director of USC's center for computer systems security, said Thursday that it's important to recognize "what an adversary is trying to accomplish if seeking to disrupt an election."

Neuman said adversaries may want to manipulate vote tallies by subverting election staff or tampering with voter rolls for example. But, he said, such things are difficult to accomplish. What adversaries have resorted to is disinformation through micro targeting ads or stealing data from campaigns, for example. He asserted that the manipulation of voters "also gets to the end goal of disrupting an election."

Neuman added that adversaries also may try to create distrust in the final outcome when vote tallies are released.

The USC program held workshops for each of the 50 states in 2020 and will be conducting 10 regional online workshops for all 50 states. Its national media partner is the Associated Press.

©2021 The Day (New London, Conn.). Distributed by Tribune Content Agency, LLC.