By Patrick Knight
With the midterm elections quickly approaching, pundits and news sources around the country have been discussing the likelihood of Russian meddling similar to the presidential election of 2016. While it’s true that external threats to voting machines and voter registration databases should be of concern, and the potential for those actions to undermine our democracy are very real, we must not ignore the threat of insiders, as they are capable of inflicting far greater damage.
Last month, it was announced that the information of over 35 million voters was being sold on a hacking forum. That information included the voters’ full names, phone numbers, physical addresses and voting-related information, including their previous voting history. Of note, the seller indicated on the forum that they receive weekly updates of the provided voter registration data and that the information is received via contacts within state governments.
The truth is anyone with access to a state’s voter registration has the ability to change information, remove it entirely or, in this case, sell it to the highest bidder. That is why insider threat detection should be a high priority when discussing ways to prevent election interference.
Election Interference
Insider threats constitute a massive security concern for any voter or campaign group for a number of reasons, but probably most importantly is that most are unaware of the likelihood of insiders to actually interfere – especially when discussing something as sacred as the democracy of a nation. Unfortunately, the U.S. voting system is not as secure as most believe.
Unprotected Voter Information
While voter information remains largely unprotected, improvements are possible. For starters, voter information should be secured by a multilayered security protocols and technologies that protect it against both external and internal threats. Additionally, anyone with access to it should be educated on best practice security procedures to ensure that voter information is kept private.
Broad Permissions
When it comes to cyber security, the fewer routes of access to the information, the safer it is. Currently many groups, including political campaigns, journalists and academic researchers, have access to a state’s voter registration. Any voter database should have controlled access and those permissions should be thoughtfully considered and only granted if necessary.
Insider Threats
All organizations are at risk of having malicious insiders. To protect from these threats, user behavior analytics can be employed to help detect suspicious user activity. IT teams can then act to protect data before the malicious actor carries out any harmful acts.
Measures to Implement for A Robust Cybersecurity Strategy
While these are many avenues that bad actors could take to interfere with election results, there are ways to improve security if we act quickly.
Implement an Improved Cyber Security Framework
The National Institute of Standards and Technology has great resources on how to set up a cyber security framework. All elected officials and campaigns should already have a cyber security defense strategy in place. But it’s critical to prioritize cyber security and use the resources that are out there to help protect the information of voters.
Deploy User Behavior Analytics
Consider investing in software to protect voter information from insider threats. Voter information and systems are at risk of employees who have access to them – whether malicious or accidental. User behavior analytics helps to monitor employee activity and alerts you to potentially dangerous behaviors so you can stop election interference from escalating.
Establish a breach protocol if one doesn’t exist
Set up a plan for if – or when – election interference happens. Plan steps to contain the leak and minimize exposure. Make sure to include transparency in your protocol. The best electorate is an informed electorate. Explain that they may receive communications that appear to be from you, but could be from a malicious party, and make sure you communicate what you’re doing to correct the problem and keep their information safe.
Election interference can come in many forms – and the variety of attacks is what makes it so formidable. Campaigns and officials should start by securing their systems from the inside out. Doing so, will protect our voters and the democratic process they believe in.
About Patrick Knight
Patrick Knight, Senior Director of Cyber Strategy and Technology at Veriato, spent 12 years in the U.S. Intelligence Community in the fields of Signals Intelligence and Cryptanalysis and, since 2001, has worked in the commercial online security sector developing technologies including encryption, network packet filtering, network intrusion detection and anti-virus.
The post Internal Threats and Election Security appeared first on Cybersecurity Insiders.
November 05, 2018 at 08:46PM
0 comments:
Post a Comment