Approach towards Election Security: Cyber Resilience of Election Infrastructure & Role of People, Process, Technology
By Rajiv Singh, President – IT & Security at Pentacomp Group
Election cybersecurity or election security refers to the protection of elections and voting infrastructure from cyberattack or cyber threat – including the tampering with or infiltration of voting machines and equipment, election office networks and practices, and voter registration databases.
Elections play a vital role in a free and fair society and are a cornerstone of American democracy. We recognize the fundamental link between the trust in election infrastructure and the confidence the public places in basic democratic function. A secure and resilient electoral process is a vital national interest.
The goal is to manage and secure election infrastructure on a day-to-day basis, reduce risks, and ensure the integrity of elections at the state and local level.
Understanding the Drivers of Election Security:
C-level Geo-political Cyber View, Cyber Superpowers – World Balance, Role of Nation State Actors.
Understanding the Approach to Secure Election:
Know the Cyber Hacker’s Mindset, Implementing Technology & Frameworks to Secure Elections, Inter-Agency Co-ordination & Intelligence Sharing, Cyber Responder’s Skill Training.
Understanding the Types Of Challenges & Threats Influencing Elections (Pre & During-Elections):
Elections – Election Day/Voting Machines & Vote by Mail
Emotet Malware Infection
A state fell victim to a cyberattack. Servers were impacted, causing interruptions in computer access to several departments throughout the city. Access to email was lost, credit cards couldn’t be processed, and the website completely lost its functionality. Employees had to use temporary email accounts to perform some of their core job functions. The attack caused a major disruption and took many hours to get systems back up and running.
In another case, a state suffered a cyberattack in which threat actors used malicious software to compromise 14 inboxes under the Department's jurisdiction. The attackers gained access to the emails addressed to these mailboxes. The hackers used a version of the Emotet malware. In this case the hackers used the stolen information to spread their malware. Cybercriminals sent seemingly legitimate messages to those who contacted the afflicted mailboxes, appearing to originate from the State Department, and included malicious attachments.
Distributed Denial of Service Attack
The days just before and after Election Day are the most likely time for adversaries to launch DDoS attacks. Beyond voter information portals and registration sites that give voters information about voting hours or where they can vote, prime DDoS targets include election night results websites and communications between boards of elections and polling locations. Attacks on election infrastructure can hinder access to voting information.
Social Engineering
Attacks claiming to be from a violent hate group were launched against a certain customer base, directing recipients to vote for a certain candidate in the election. The attacker had access to the recipient’s personal information as well as the ability to identify how the recipient typically votes. This sort of intimidation-based social engineering was similar to strategies seen in extortion attacks.
In another case, the State voter registration ‘error’ phishing scam informs recipients that their voter registration applications are incomplete, luring them into sharing Social Security numbers, license data and other personal information with attackers. The fraudulent emails sent in this campaign appear to come from the Election Assistance Commission, and contain a malicious URL leading to a spoofed web page that steals a variety of personal data including name, date of birth, mailing address, email address, Social Security number and driver’s license information. The page is carefully engineered to appear legitimate, and even includes images pulled from the State’s official site.
Ransomware
A state county was hit with a ransomware attack on their county and election infrastructure. The attack affected the county’s voter signature database, as well as the voting precinct map hosted on the county website. In this case, attackers did not specifically target election systems, but the loss of access to the voter signature database significantly slowed down absentee ballot processing. The attack raised concerns regarding the potential impacts of ransomware on election infrastructure systems.
A company that sells election results software to cities and states was hit by ransomware. While the company is not responsible for tallying votes, the software is used by election officials to aggregate and report votes in at least 20 locations around the country. The company launched an investigation into the attack and ultimately paid an undisclosed ransom amount to unlock its systems.
The discussion sessions include:
Compliance with Global Security Standards – Election Security Standards Awareness & Meeting Compliances
Understanding Election Security: Challenges & Threats to Election Security; Cyber Technologies & Frameworks – Effective Utilisation; Risk Based Technology Adoption & Best Practices
Securing Elections – Case Studies: Emerging Threats to Fair Elections; Managing Disruption – Prior & During Elections; Think Like a Hacker – To Build A Defence Strategy
Understanding Cyber Framework for Election Infrastructure: Components of Security Framework – An Overview; Building A Robust Election Infra Security Framework
Tools & Implementing Security Controls – Protecting Election Infra: Cyber Tools to Detect Threats, Protect Election Infra; Identify Existing Gaps in Compliance to Risk Controls; Design Remediation Plan & Implementation For Governance
Incident Response Capability: Understanding Security Standards in Incident Response; Cyber Training for Responders – Preparing to Respond; Building Incident Response Plan and Digital Forensics
Integrated Election Security (People, Process & Technology): Avoiding Silos in Election Security; Managing Security – Preparing A Stakeholders’ Ecosystem; Building Disaster Recovery – Plan, Design & Implement
Staying Ahead of The Adversary – Election Security: Emerging Threats – Metaverse, Deep Fake; Privacy Concerns & Rising to The Challenge
Draw a Plan, Readiness to Address Elections Security and Defend against Intervention: Social Media Monitoring & Sentiment Analysis; Telecom Communication Protection; Critical Infrastructure Security Monitoring
Conclusion:
Building cyber resiliency with technology and implementing best practices in election security can go a long way towards cyber deterrence capability and preventing bad actors from harming a fair election process.