To protect our elections
US officials warn voting could be hacked. A Raytheon expert offers five ways to meet the threat
The threat is real.
A "cyber bomb," or malicious software designed to scramble voter-registration data and cause chaos at the polls, could threaten the 2018 mid-term elections, one congressman has warned.
U.S. Rep. Mike Conway, (R-Texas), described that scenario in a recent interview with Axios, previewing findings he and fellow Republicans on the House Intelligence Committee will issue from their investigation into Russian espionage.
The danger of a cyber bomb is not that such a threat is likely to alter voting results across the nation, but that an attacker will be able to infect relatively few computers and still seed doubt about the legitimacy of the elections, said Michael Daly, Raytheon’s chief technology officer for cybersecurity and special missions.
“It may be to the advantage of the attacker to do a splashy infection (on a few computers, where) an alert goes off and a bell starts ringing and it says you’ve been infected," Daly said. "That would get people in the area talking about it. They would feel the election's been compromised and word would spread.”
Because every state has its own system for tallying votes, from paper ballots to electronic screens to some Internet voting, there’s not one common vulnerability that can be exploited in an attack, he explained. But should a few systems be infiltrated, people might lose trust in our electoral process.
"You don’t have to have widespread damage," Daly said. "You just need to have a few, well-publicized incidents. The public is already feeling divided, with help from prior influence operations."
Conway's introduction of the cyber bomb concept came a month after hearings in which top U.S. intelligence officials warned the Senate Intelligence Committee that the nation must strengthen its defenses against hostile interference in coming elections. While Russia is already spreading disinformation through social media and other channels, the officials said, it could also try to hack actual voting systems.
“There should be no doubt that Russia perceives that its past efforts have been successful and views the 2018 midterm US elections as a potential target for Russian influence operations,” said U.S. Director of National Intelligence Dan Coats. “Frankly, the United States is under attack…by entities that are using cyber to penetrate virtually every major action that takes place in the United States.”
The unified call to action from U.S. intelligence agencies highlights the danger to our democracy should an adversary be able to alter votes. Cybersecurity is critical to national security, according to Daly.
“Nothing is immune from the cyber threat. Not our airports, power plants, banks or hospitals. Not even our voting systems, the very basis of our democracy," he said.
U.S. elections are managed through a hodgepodge of systems that vary from state to state, including paper ballots, electronic screens and even some Internet voting. Daly offers these recommendations for securing voting systems ahead of the midterm elections:
1. Secretaries of State should convene, in an academic environment, a conference with their election officials and cybersecurity staff. The session should be used to review the importance of cybersecurity controls, the threat vectors that are known to have been exploited in systems, and the long history of election tampering that has been occurring since World War II. Improperly informed stakeholders are our greatest vulnerability.
2. Secretaries of State, their Boards of Elections and state cybersecurity leaders should document their end-to-end election process with all of its systems, dependencies and interfaces. Every state is different and has different threat vectors.
3. States should engage their vendors and IT organizations (across the end-to-end chain) to conduct technical testing to ensure systems are secured. This includes patching, segmentation, monitoring, wireless configurations, hardening to remove unnecessary applications and ensuring there are multiple redundancies and methods of validation.
4. State officials should contact the U.S. Department of Homeland Security and their National Cybersecurity and Communications Integration Center for help. That’s where they’ll find trained professionals ready to help with lessons learned from prior engagements.
5. In terms of dealing with the threat of a cyber bomb, officials need to ensure voters have confidence in the integrity of the elections. That means states should think ahead and promote the integrity features that are already built into voting systems, including redundant records and backups that guarantee every vote is counted in the end.
“Today our intelligence leaders highlighted an urgent call to action - cybersecurity is a matter of national security,” Daly said. "It’s time to reshape the cyber landscape with a national defense doctrine that increases investment in our infrastructure, technologies, and training to deter our adversaries.”