With many in the public sphere warning about a potential compromise of the integrity of the Presidential Election, security researchers instead flag online resources and influence campaigns as the biggest problem areas.
With the 2020 U.S. Presidential Election coming up in just two months, cybersecurity concerns are taking center stage for average citizens and politicians. That said, the likelihood of election results being impacted by an attack are slim, security researchers say. The focus should be on other problem-plagued election infrastructure issues that are ripe for attack.
When it comes to election security, worries about the integrity of voting machines often pop to mind, and the expected expansion of mail-in voting due to COVID-19 has also sparked concerns. Past direct hacking efforts, such as the attack on the Democratic National Committee in 2016, have left many nervous that this time around, the actual election results could be compromised in some way.
The worry that someone could change or delete election results directly is a bit of a tempest in a teapot, according to researchers.
“Most voting machines in use today, from the well-known market leaders, are ‘reasonably’ secure from cyberattacks due to the fact that the terminals are typically air-gapped from any connected network during the individual voting process,” Bill Rials, associate director and professor of practice of the Tulane University School of Professional Advancement Information Technology Program, told Threatpost. “Any vote cast is usually stored locally and not transferred over a network until after the polls close and the tabulation occurs. From a cybersecurity perspective, the biggest risk to elections is all the ancillary elements associated with the election process.”
Those ancillary elements include the availability of state and local voter registration websites and other support infrastructure, safeguarding campaigns’ sensitive data and thwarting nation-state-backed influence campaigns.
“We saw with the U.S. presidential cycle in 2016 that there were some attempts to potentially gain some access into election voting systems themselves and ballot systems, but the biggest impact we saw was the targeting of campaigns, the targeting of candidates, and not just specifically of the parties but also ancillary groups surrounding those candidates and parties,” said Ron Bushar, SVP and CTO, Government Solutions Consulting at Mandiant, speaking at the recent FireEye Virtual Summit. “Those hacking efforts, especially if they’re timed properly, can really have devastating effects on the perception of a voting system by the people participating in that election.”
Voting systems themselves usually have double- or triple-redundancy when it comes to the election returns.
#critical infrastructure #government #hacks #vulnerabilities #web security #2020 presidential election #campaigns #china #cybersecurity #hacking #influence campaigns #irán #mail in voting #nation state #online resources #polling information #russia #state and local resources #state sponsored #voting machines
