U.S. Election Update: Cybersecurity Edition

Election hacking is yet again in the spotlight

This week, the Washington Post reported that U.S. intelligence and law enforcement agencies are investigating a potential covert Russian operation to disrupt the November elections. This follows the news from last week that two states’ election databases were breached – only the latest in a long summer during which both major parties’ campaign databases were hacked. While the actors and their intentions are still not 100 percent clear, one thing is: these hacks aren’t going away.

To date, most articles and research have focused on the need to prevent any and all attacks from occurring. This makes sense, given the severity of the issue. And there are indeed steps we can take to drastically reduce the threat – especially when it comes to our voting machines, which are extremely vulnerable. In fact, a new report from the Institute for Critical Infrastructure describes voting machines as “stripped-down computers using outdated operating systems possessing every conceivable vulnerability that a device can have.”

But even if they were all as up-to-date as the iPhone in your pocket, that doesn’t mean they are safe. As I wrote late last month in Forbes, following the Democratic National Committee hacks:

“Like any network with thousands or even millions of endpoints, the question isn’t whether a breach will occur, but when and how quickly the breach can be detected and successfully mitigated. This is particularly important with elections, as any doubt that cannot be quickly verified is potentially disastrous.”

Fortunately, the federal government is taking the threat seriously. The Secretary of Homeland Security, Jeh Johnson, has called for designating the country’s 9,000 polling places as critical infrastructure and has offered the Department’s assistance to help states secure their voting systems. And following the most recent attacks, the National Institute for Standards and Technology is meeting with the U.S. Election Assistance Commission to evaluate cybersecurity standards of America’s voting infrastructure to prepare for the upcoming election.

Conclusion

These are encouraging signs, and in the short term, we encourage the federal government to continue partnering and sharing critical threat information with states. But looking forward to 2020, the federal government should help states modernize their election infrastructure in the same way that the largest organizations are modernizing theirs – by designing them so that vulnerabilities can be quickly identified and mitigated before serious damage is done.

---

About the Author: As Chief Security Officer, David Damato provides strategic product direction over module development for the Tanium Platform and manages the company’s internal security program. David brings a wealth of security expertise to Tanium, spanning incident response and forensics, vulnerability assessments, security program development, security operations, and network and security architecture. Prior to Tanium, David most recently served as Managing Director at Mandiant, a FireEye company, where his team led incident response and post-breach remediation efforts at over 100 Fortune 500 companies. At Mandiant, David was also instrumental in developing new incident response services capabilities and establishing consulting offices both domestically and internationally. Prior to Mandiant, David led security consulting teams at PwC as part of its Washington Federal Practice and held IT roles at Raytheon focused on the management of internal and government networks. David frequently shares his expertise and insights at industry events and with the media.