When voters go to the polls, they might not realize the complex blend of components that power today's democratic system. Secure these, and you stand a much better chance of mitigating the threat from external actors.
WHAT ARE THE MAIN ELECTION CYBERSECURITY THREATS?
Electronic voting is quicker, faster and more accurate than manual voting and counting by hand. But because intelligent systems can be used to gather data and communicate with other systems, they could be exposed to cyber threats. For example, potential vulnerabilities in the machines used to supply registration data might allow unauthorized individuals to manipulate voter information.
According totheCybersecurity and InfrastructureSecurity Agency (CISA), election cybersecurity threats can take three basic forms:
- Information theft (confidentiality attacks): This could include voter registration data or the results of early tabulation. Data theft could cast doubt on the integrity of the system.
- Changing the information within or functionality of a system (integrity attacks): This may include changing the results of voter tabulation/aggregation, which could have a serious impact on the result. This also includes any attempts to change the recorded votes themselves. For example, foreign attackers allegedly breached voter systems in two Florida counties in 2016, although they made no changes.
- Denial of service (availability attacks): This could take the form of DDoS or ransomware attacks against voting infrastructure. By freezing voter registration databases and voting machines, threat actors could severely disrupt voting.
Fortunately, there are technologies that can go a long way toward providing protections — starting with private network solutions.
HOW DOES ELECTION INFRASTRUCTURE WORK?
Networks arguably play a critical role as it is these communications channels that connect key infrastructure components to each other and to centralized data centers.
CISA is tasked with ensuring free and fair elections and divides electronic voting infrastructure into several main elements:
- Registration: Databases of voter records that include information such as whether and where individuals can vote.
- Poll books: Electronic poll books contain voter information from the above databases and could be connected to additional voter databases or servers.
- Voting machine: This is the main technology voters interact with to cast their ballot. Voting machines can be broken down into three categories: electronic voting consoles at voting sites, paper ballot scanning and tabulation devices at voting sites and mail-in ballot scanning equipment.
- Tabulation: The machines and processes that tally the votes cast at the voting machines. This can occur at the precinct level or in more centralized locations.
- Websites: Official election sites that convey information such as how to register and how to vote, as well as election results.
ELECTION CYBER ATTACKS: WHAT'S AT STAKE?
Multiple threat actors have various motives to disrupt elections. These can include foreign states looking to sow conflict and diminish America's geopolitical power, hacktivists hoping to drive chaos and division, and cyber criminals planning to cash in on extortion attempts.
Should hackers cause disruption, reporting delays or even data theft, this could undermine voter confidence in election results. Election cyber attacks could have a dangerous, long-term impact on voter turnout and polarization of the electorate.
HOW TO BEST IMPROVE ELECTION CYBERSECURITY?
Given the volume of sensitive data — including the all-important vote tallies — being transmitted, it’s logical to begin election cybersecurity efforts with secure infrastructure solutions.
Local and state governments are already taking the following steps:
- Building private wireless networks: The publicInternet is the primary means by which external threat actors can reach election equipment. That means the first step is to keep election data and devices off the publicly routed Internet. Instead, they can be moved to 4G LTE/5G networks with private IPs, which makes it harder for attackers to discover and infiltrate. Election administrators can work with their network providerto help ensure volunteer election workers’ communications are segmented from voting data traffic and provide seamless, authorized access to a highly reliable, nationwide network — offering scalability and control where they're needed most.
- Replacing consumer-grade connectivity: Upgrade routers at key election locations to those with built-in security features, including unified threat management, web content filtering and IDS/IPS. Support for 4G LTE or 5G also offers enhanced security, including end-to-end encryption.
- Minimizing transmission times: This can help reduce the window of opportunity for attackers come Election Day.
- Decommissioning voting equipment: When voting machines are decommissioned, it is important to follow manufacturers’ instructions on properly cleansing any data that might be stored within the voting machine to help prevent potential hacking, should the machine be recommissioned in the future.
WHAT TO LOOK FOR IN A PARTNER
Once you've worked out the best way to mitigate election cyber attacks, it's time to choose the providers and technologies that are:
- Reliable, with nationwide coverage
- Robust, with connection redundancy, backed by secure network technologies
- Easy to deploy at temporary locations
- Manageable remotely
- A reputable managed and professional services provider
- Interoperable with different third-party systems
- Cost-effective
Learn more about election cybersecurity preparedness with these government resources, and find out how Verizon helped the city of Chicago deliver secure elections during a pandemic.