Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
Election cybersecurity is a risk, and in a tight contest, all eyes are going to be on how organizations fight back against threats.
With a day to go before the 2024 general election, there’s an understandable nervousness about the safety of election systems. And government officials are warning that while the chance for interference or other difficulty is low, it’s not impossible.
But there are reasons to be optimistic. Jen Easterly, CISA director, told NPR’s Weekend Edition that “election infrastructure has never been more secure.”
“There are cyber threats, there are physical threats to election officials, but we’re at a point now with our election infrastructure secure and the election community prepared to meet the moment on the 5th of November,” Easterly said.
Chaotic politic. Sarah Cleveland, a public sector strategic advisor at ExtraHop, told IT Brew that in her view the possibility of cyberattacks meant to sow chaos is high, as is the potential for general instability around the election process. Cleveland told IT Brew that “chaos” is a top motivator, warning that, for example, Russian attacks on Ukraine “have kind of waned a bit, and the theory is that they’re taking their their talent and starting to swing them over to to the United States to focus on the election and then post election chaos.”
“An overt cyberattack, I think that’s not as likely as small disruptions and pockets of doubt being inserted via nation-state hackers or individuals who are smart enough to just be like, ‘I’m gonna cause a problem,’” Cleveland said.
Threat detected. Still, there are threats—even if they’re not the first ones you’d think of. The Election Infrastructure ISAC, in a report distributed by the Department of Homeland Security and obtained by Wired, said that hostile nations and their assets are more likely to focus on surveillance and influence campaigns than actual threats to elections. “Nation-state-affiliated cyber actors have not attempted to disrupt US elections infrastructure, despite reconnaissance and occasionally acquiring access to non-voting infrastructure,” according to the report.
Cyber criminals are the main threat to elections, the report claims, because since 2022, “financially and ideologically motivated cyber criminals have targeted US state and local government entity networks that manage or support election processes.”
“In some cases, successful ransomware attacks and a distributed denial-of-service (DDoS) attack on such infrastructure delayed election-related operations in the affected state or locality but did not compromise the integrity of voting processes,” the report explained.
Play it safe. For all the threats and potential for disruption, Cleveland’s faith in US elections is strong, she told IT Brew. State and local officials work hard to ensure that the system works.
“The American people who run elections are doing their very best to make sure that it’s a fair and equitable process,” Cleveland said.