Due to multiple cyberattacks four years ago, cybersecurity was definitely a hot topic during this year’s presidential election. With three weeks leading up to the big day, Microsoft, working with law enforcement groups, disabled one of the largest hacking operations, an effort run by Russian-speaking cybercriminals. This action could have set the path to ensuring what is now confirmed, that election day was hack-free. Here is what we know.
Preventing TrickBot From Tricking Your Ballot
TrickBot has become the biggest threat in cybersecurity. It has been used for everything from stealing online banking credentials to infecting the software used by towns, cities and hospitals with ransomware. This malware locks up victims’ computers until they pay a ransom, which is now illegal.
Security officials began to fear TrickBot long before the election, but officials thought if they started acting against the ransomware too early, cybercriminals would be able to find ways to continue their attacks before Election Day. The United States Cyber Command began hacking TrickBot’s command and control servers in October, according to government officials. With the acceleration of TrickBot operators hacking American municipalities and government agencies, U.S. officials feared that ransomware attacks would lock up election systems.
In 2018, U.S. Cyber Command expanded its operations to hunt hackers from Russian, Iran and China. Officials realized that defending the election is an ongoing effort. In fact, a nationwide survey by the University of Maryland confirmed that in 2016, nearly 30% of local government officials had no idea if a cyberattack was affecting them. The first ransomware attack related to the 2020 presidential election was earlier this fall against electronic voting systems in Georgia. With the country trying to move to paperless solutions, how did the cybersecurity officials increase security at electronic voting systems?
Securing Machines and Their Data
The process of voting requires a strong sense of trust in the equipment we use, the process and the people of America. At your voting station, you have the choice between paper ballots or electronic voting. It’s just one of the many decisions you make, but you must trust in the process. In fact, 99% of voting in the US takes place through a computer system or machine.
Electronic voting depends on a distributed network. In order to secure the internal hardware of each voting machine, it must be tamper-proof at the point of manufacture. But technical vulnerabilities go far beyond the voting machines and their networks. Voter registration and administration systems are at risk, too. If these systems are not fully secured, then fraudulent information in the voter database can lead to improper or illegal voter registrations casting fraudulent votes.
But you might be wondering how to secure these voting systems. The answer is applying best practices of cybersecurity, data protection and information access. These practices include keeping systems up-to-date, ensuring security software is installed and current, monitoring network activities and implementing appropriate IT policies and procedures to include resilient backup practices. Not only were best practices met on Tuesday, but the Department of Homeland Security established the Cybersecurity and Infrastructure Security Agency in 2018 to focus on security election infrastructure across all 50 states. This helped nearly 500 election officials share insights on any hacking attempts or technical issues affecting voters.
One major cybersecurity red flag that was fixed after 2016 is that nearly 28 million voters cast ballots that did not have a corresponding paper trail. This year, that number is expected to be less than 10 million. The elimination of paperless machines makes it more difficult for a cyberattack to affect votes. Machines that print out a piece of paper that allows confirmation of their vote and give the voter the ability to trust the machine, along with making sure their vote was recorded accurately.
Election Vulnerabilities Continue
With the rapidly evolving cyber landscape, the U.S. is an extremely vulnerable and largely undefended target. On the bright side, voting security has come a long way since 2016. According to NPR, government officials have spent the past year touting this election as potentially the “most secure” in the nation’s history. And their hard work has paid off so far, with no major hacks reported on Election Day. The U.S. spent billions of dollars to improve systems across the nation so the Russian attacks on the 2016 election would not resurface.
While voting day has come and gone, hacks can still be present within the election infrastructure. This includes hackers setting up fake websites to post fake results, which is one action hackers often use during the election.
MDL Technology Is Here To Help
Although states like Georgia, Ohio and Iowa did experience delays on Election Day, cyberattacks were not the issue. High voter turnout across the country can be seen as evidence of citizens trusting in election security. As officials continue their efforts to lower the number of technical issues with voting machines and help extinguish future disinformation efforts, it’s our job to keep your data protected at your company.
Your company’s security is our top priority. We offer services such as 24/7 support, network monitoring, offsite data backups, auditing and compliance and more to help ensure that you don’t need to stress about your team’s private information becoming public.
Learn more about the services we offer by visiting our website.