There are several mitigating strategies that ensure the employment of election security. All voting systems should be tested, certified for use and stored in a secure facility when not in use. The development of a contingency plan is also of high importance. Safeguards should be established in case of events, including but certainly not limited to, an accidentally deleted voter record or system failure at the polling facility. Officials in charge of elections, poll workers and IT staff should all be trained on how to properly maintain, deploy and use these voting systems.
Cyber Threats that Affect US Election Offices
As an organization, it is vital to take extra precautions concerning the remote access that network connected devices may have, regardless of whether they are connected to the internet or not.
Many of the elections systems out there are built on or are related to common off-the-shelf hardware. For instance, voter registration is typically a database, while election management systems are workstation software and election night reporting is typically facilitated through websites. The familiar nature of these systems makes the information vulnerable to similar tactics we see affecting everyday systems.
The Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC), in partnership with the Multi-State Information Sharing and Analysis Center (MS-ISAC), uses sources such as the Albert monitoring system to gather threat data. By analyzing the threat data, it was found that many of the technical threats facing elections are very similar to those being seen in other infrastructure sectors.
Two recent trojan viruses in particular that can become a threat to election security are Emotet and Kovter. Emotet, which is disseminated via malspam, is an advanced modular banking trojan and infostealer that primarily functions as the downloader or dropper for other banking trojans. Kovter is a click-fraud trojan and downloader that evades detection by hiding in registry keys.
Physical Security During US Elections
Cybersecurity isn’t the only issue on the minds of election officials. Physical security, as previously alluded to, is also a key area of consideration with regards to election security. For instance, hurricanes and other environmental disasters bolster the need for secure storage of voting systems.
Physical security has always been and remains a consistent concern for election officials. This is evident primarily through the rigorous process that election offices follow before, during and after elections to guarantee that voting infrastructure, equipment and systems are controlled during transportation, set up and break down.
Some additional examples of physical security would include limiting physical access to voting machines before and after the election and giving access to the public primarily during the actual voting period. Proper inventory and auditing of systems throughout the election process also serve as efficient controls. Election staff play an integral role in reinforcing the physical security aspect by often times roaming polling stations during the election process. In addition to election staff presence, the installation of cameras can also confirm that no unauthorized activity or access is occurring within the facility.