Cyberwarfare / Nation-State Attacks , Endpoint Security , Fraud Management & Cybercrime

Election Security Program Aims to Mitigate Ransomware Risks

Department of Homeland Security to Help With Database Protections
Election Security Program Aims to Mitigate Ransomware Risks

Within a month, the U.S. Department of Homeland Security hopes to launch a program to help states protect voter registration databases and systems in advance of the 2020 presidential election, Reuters reports. Security experts say that in light of recent ransomware attacks against many units of local government, the protection effort is overdue.

See Also: Preparing for New Cybersecurity Reporting Requirements

The systems used to validate the eligibility of voters before they cast ballots were compromised in 2016 by Russian hackers. Intelligence officials are concerned that foreign hackers in 2020 not only will target the databases but attempt to manipulate, disrupt or destroy the data, according to current and former U.S. officials, Reuters reports.

The Cybersecurity Infrastructure Security Agency, a new unit of DHS that will spearhead the election-related security efforts, fears the databases could be targeted by ransomware, according to Reuters.

In recent months, there has been a surge of ransomware threats against local governments, including recent attacks on municipalities in Texas.

"That is why we are working alongside election officials and their private sector partners to help protect their databases and respond to possible ransomware attacks," Christopher Krebs, CISA’s director, tells Reuters.

CISA will provide state election officials with educational materials on ransomware attack threat mitigation as well as provide remote computer penetration tests and IT infrastructure vulnerability scans, Reuters reports.

Following Russian interference in the 2016 presidential election, election agencies across the country have raised concerns regarding protecting voter data.

In July, Former Special Counsel Robert Mueller warned Congress of likely Russian interference in the 2020 elections.

A Call for More Funding

Security researcher Tom Kellermann, chief cybersecurity officer at Carbon Black and a former government adviser, tells Information Security Media Group that the government needs to take more steps, including increasing spending to modernize electoral IT infrastructure.

"CISA has the foresight to warn the states of this [ransomware] threat. I commend Brian Krebs’ leadership," Kellerman says. "The challenge remains that the states lack the funding for electoral cybersecurity. One venue of funding would be to modernize forfeiture laws per digital currencies used in cybercrime and then use these funds for electoral security."

Protecting All Components

Election procedures involve three main components: the infrastructure required for vote collection, the voter registration databases and campaign information databases.

"The problem is that most of the focus has been only on the infrastructure, which actually is not as bad as most have made it out to be," Joseph Carson, chief security scientist at the security firm Thycotic, tells ISMG.

"The government must take action to put the correct security controls in place over sensitive voter data, including encryption, privileged access management and access controls, along with multifactor authentication. This will surely help reduce the risk of voter data being abused. Of course, ransomware is a risk, and strong backup solutions will help reduce those risks.”

Carson says that voter registration data “tends to be the critical data that is forgotten. It is the highest risk during elections, and it tends to be the data that is abused with disinformation campaigns or propaganda to sway elections and votes.”

Meanwhile, an independent, not-for-profit group, U.S. CyberDome, is offering free cybersecurity services to all the presidential and Senate campaigns.


About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.